make setting headers in request object consistent

[rishabhpoddar]

Somewhere we use headers.set, whereas somewhere else we use headers = {key1: "..", }.

This causes an issue in the pre API hook wherein if the user wants to modify the headers, in order to copy over the existing headers, they have to somewhere use headers.entries() (in case for refresh API) and do a foreach and somewhere else they have to do {...context.requestInit.headers} (in case for signout API).

We should be consistent in how we set headers to the request object.

Im not sure if this also affects the user's request interceptor since there too we use header.set to add rid: anti-csrf, so what if the user has added headers to the request using just a method like header['.."] = ".."?