oidc-client-ts

Feature request for OAuth2.1 client authentication methods

Open ch-lepp opened this issue 1 year ago • 5 comments

The OAuth2.1 spec does not require but strongly recommends asymmetric client authentication methods like "private_key_jwt" (source). In your documentation for your OidcMetadata interface you even hint towards the support of "private_key_jwt" with the attributes token_endpoint_auth_methods_supported and token_endpoint_auth_signing_alg_values_supported.

But for the attribute client_authentication within the OidcClientSettings interface you only support "client_secret_basic" and "client_secret_post" (as can be seen in the code as well).

Could you please add support for the OAuth2.1 recommended client auth methods?

ch-lepp, Jun 06 '24 07:06
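
What "private_key_jwt" puts on the wire in place of a client secret, as an added example that is not part of the original issue and is not oidc-client-ts code: a client assertion (RFC 7523) built with Node's `crypto` module, the token request body that carries it, and the checks the authorization server runs. The function names, client id, token endpoint URL and `kid` are constructed for illustration, and ES256 is an assumed signing algorithm.

```javascript
// Added example, not oidc-client-ts code. Names, URLs and ids are constructed.
const nodeCrypto = require("node:crypto");

const ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
const b64url = (data) => Buffer.from(data).toString("base64url");
const fromB64url = (s) => Buffer.from(s, "base64url");

// Client side: build the signed assertion (RFC 7523 section 3), ES256 assumed.
function buildClientAssertion({ clientId, tokenEndpoint, privateKey, kid, lifetimeSec = 60 }) {
  const now = Math.floor(Date.now() / 1000);
  const header = { alg: "ES256", typ: "JWT", kid };
  const claims = {
    iss: clientId,                // issuer and subject are both the client_id
    sub: clientId,
    aud: tokenEndpoint,           // ties the assertion to one authorization server
    jti: nodeCrypto.randomUUID(), // unique id the server can cache to reject replays
    iat: now,
    exp: now + lifetimeSec,       // short lifetime limits reuse of a captured assertion
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  // JWS ES256 uses the raw r||s signature, not the DER form Node emits by default.
  const sig = nodeCrypto.sign("sha256", Buffer.from(signingInput),
    { key: privateKey, dsaEncoding: "ieee-p1363" });
  return `${signingInput}.${b64url(sig)}`;
}

// Token request body: the assertion takes the place of client_secret.
function buildTokenRequestBody({ code, redirectUri, codeVerifier, assertion }) {
  return new URLSearchParams({
    grant_type: "authorization_code",
    code,
    redirect_uri: redirectUri,
    code_verifier: codeVerifier,
    client_assertion_type: ASSERTION_TYPE,
    client_assertion: assertion,
  });
}

// Server side: verify with the registered public key, then check the claims.
// A real server would also remember each jti until exp (omitted here).
function verifyClientAssertion(jwt, publicKey, { clientId, tokenEndpoint }) {
  const [h, p, s] = jwt.split(".");
  const header = JSON.parse(fromB64url(h).toString("utf8"));
  if (header.alg !== "ES256") return false; // pin the algorithm, do not follow the header
  const sigOk = nodeCrypto.verify("sha256", Buffer.from(`${h}.${p}`),
    { key: publicKey, dsaEncoding: "ieee-p1363" }, fromB64url(s));
  const c = JSON.parse(fromB64url(p).toString("utf8"));
  const now = Math.floor(Date.now() / 1000);
  return sigOk && c.iss === clientId && c.sub === clientId && c.aud === tokenEndpoint && c.exp > now;
}
```

With "client_secret_basic" or "client_secret_post" the same long-lived secret crosses the network on every token request; here only a short-lived signature does, and the private key never leaves the client.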