Support JWT-bearer client assertions grant type in Nuts node

[reinkrul]

GF AuthN specifies JWT bearer grant type, instead of Nuts' vp_token-bearer grant type (see https://www.rfc-editor.org/rfc/rfc7523#section-2.1).

The GF also separates care organization authentication from client authentication. Client authentication can be used to hold info about the client itself, e.g.:

• this software is audited to do use case X (e.g. eOverdracht)
• this software/vendor may act on behalf of care organization Y

Changes in Nuts node:

• Support urn:ietf:params:oauth:grant- type:jwt-bearer grant type
  • Support it in the client (take inspiration from LSPxNuts PoC: 19f5960)
  • Support it in the server
    • Add it to the OAuth2 Authorization Server metadata
    • Authenticate it when an access token is issued
    • Add support for client credentials requirements to Nuts Policy Definition (we currently support user and organization).

[reinkrul]

Required for PoC 12/hackaton.