authorJuha Vuolle <juha.vuolle@qt.io>2024-09-12 15:00:15 +0300
committerJuha Vuolle <juha.vuolle@qt.io>2024-10-08 10:19:19 +0300
commit62feb2e829ba0274fcb6ad36fd9a8aac9b8cb2cc (patch)
tree0e996c354cf31c0b02974c07d1df433dffcd4078 /src/oauth/qoauth2authorizationcodeflow.cpp
parent9037b1fde7b66ee1fe1d0e3feea62d0e26ca119a (diff)
Add 'nonce' support for OAuth2
OpenID Connect token acquisition is a thin layer on top of OAuth2 flows. In practice this often requires using 'nonce' parameter, which is used to associate authorization (authentication) with the supplied ID token. Some vendors either refuse or require additional security credentials if 'nonce' is omitted with OIDC flows. This commit introduces two facilities to make usage of 'nonce' easy: - Mode to control whether or not the nonce should be included - Property for reading (and optionally setting) the nonce The default nonce mode is 'automatic', meaning that nonce is only used if required by OIDC flow. [ChangeLog][QAbstractOAuth2] Added 'nonce' property and 'NonceMode' enum for using nonce in the flows. Fixes: QTBUG-124336 Change-Id: I21a9a344a1bd1d8f440677f3c9335ce4df089a3f Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'src/oauth/qoauth2authorizationcodeflow.cpp')
-rw-r--r--src/oauth/qoauth2authorizationcodeflow.cpp5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/oauth/qoauth2authorizationcodeflow.cpp b/src/oauth/qoauth2authorizationcodeflow.cpp
index f86bd58..c738d2a 100644
--- a/src/oauth/qoauth2authorizationcodeflow.cpp
+++ b/src/oauth/qoauth2authorizationcodeflow.cpp
@@ -544,6 +544,11 @@ QUrl QOAuth2AuthorizationCodeFlow::buildAuthenticateUrl(const QMultiMap<QString,
p.insert(Key::codeChallengeMethod,
d->pkceMethod == PkceMethod::Plain ? u"plain"_s : u"S256"_s);
}
+ if (d->authorizationShouldIncludeNonce()) {
+ if (d->nonce.isEmpty())
+ setNonce(QAbstractOAuth2Private::generateNonce());
+ p.insert(Key::nonce, d->nonce);
+ }
if (d->modifyParametersFunction)
d->modifyParametersFunction(Stage::RequestingAuthorization, &p);
url.setQuery(d->createQuery(p));
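Review bot: The `d->nonce.isEmpty()` guard in the added block generates a nonce only on the first call to buildAuthenticateUrl(); as far as this hunk shows, later authorization requests send the same value unless the application calls setNonce() again or it is cleared somewhere outside this view. OpenID Connect uses the nonce to tie an ID token to one authentication request and to mitigate replay, so a value that lives across requests protects less than a per-request one. If the reuse is intentional, say so where it happens, e.g. `// Nonce is generated once and reused until the application sets a new one; it is not refreshed per request.` The nonce is also inserted before `d->modifyParametersFunction` runs, so a callback that alters `Key::nonce` would leave `d->nonce` out of step with what was actually sent. The body of buildAuthenticateUrl() starts and ends outside the hunk.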