Remove all TODOs

[element-of-surprise]

There are a series of TODOs that range from documenting why certain things happen to possible major bugs.

These need to be removed. They can be found with a simple search for "TODO".

[abhidnya13]

• Code TODOs

• [x] Clean-up authority validation here

• [ ] Review todo of storage.go not expiring tokens here and investigate this. Also foci investigation here

• [ ] Write tests for mex document parsing here

• [ ] Write tests for resolvers.go - here

• [ ] Investigate wstrust.go here

• [ ] Document saml attributes here

• [x] Review ID Token check here

• [x] Use named structs instead of naked structs for mex_document definition here

• [ ] Add example code for methods in public client here

• [x] Investigate authorization pending/ slow down in device code flow message here

• [x] Investigate JWT decoding here

• [x] Investigate expiry time for JWT assertion here

• [ ] Add example code for methods in confidential client here

• Sample TODOS

• [ ] Auth code sample here and here

• [ ] Use flag package in samples main file instead of if...else chain here

[bgavrilMS]

I've reviewed the //TODOs and they are mostly about adding more docs in the code, a bug which is tracked separately, missing unit tests etc.

Nothing that would impact public API or behavior.