@JorTurFer JorTurFer commented Dec 10, 2025

Description

This PR supports the incoming Workload Identity Federation flow. New environment variables have been added to allow default configuration:

  • "STACKIT_SERVICE_ACCOUNT_EMAIL" -> Service account email (this isn't new, but it was deprecated and the deprecation has been removed)
  • "STACKIT_FEDERATED_TOKEN_FILE" -> Directory where the assertion token is placed
  • "STACKIT_IDP_ENDPOINT" -> IDP endpoint to exchange the token
  • "STACKIT_IDP_EXPIRATION_SECONDS" -> Sets token duration. Not used yet but added for SDK downstream purposes.

Except for STACKIT_SERVICE_ACCOUNT_EMAIL, all of them have default values (prod values).

This is a new auth method that will be publicly shipped during the next weeks.

Checklist

  • No generated code was adjusted manually (check comments in file header)
  • Changelogs
    • Changelog in the root directory was adjusted (see here)
    • Changelog(s) of the service(s) were adjusted (see e.g. here)
  • VERSION file(s) of the service(s) were adjusted
  • Code format was applied: make fmt
  • Examples were added / adjusted (see examples/ directory)
  • Unit tests got implemented or updated
  • Unit tests are passing: make test (will be checked by CI)
  • No linter issues: make lint (will be checked by CI)
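
As an added example (not code from this PR or from the STACKIT SDK), one way a caller could resolve the four variables listed in the description and reject unsafe values before any token exchange happens. `WIFConfig`, `ResolveWIFConfig` and the three fallback values are hypothetical placeholders, since the page does not state the real defaults.

```go
package main

import (
	"fmt"
	"net/url"
	"os"
	"strconv"
)

// WIFConfig is a hypothetical holder for the settings named in the PR description.
type WIFConfig struct {
	Email, TokenFile, IDPEndpoint string
	ExpirationSeconds             int
}

// ResolveWIFConfig reads the variables through getenv (os.Getenv in real use).
// The three fallback values are constructed placeholders, not the SDK defaults.
func ResolveWIFConfig(getenv func(string) string) (WIFConfig, error) {
	orDefault := func(key, def string) string {
		if v := getenv(key); v != "" {
			return v
		}
		return def
	}
	cfg := WIFConfig{
		Email:       getenv("STACKIT_SERVICE_ACCOUNT_EMAIL"),
		TokenFile:   orDefault("STACKIT_FEDERATED_TOKEN_FILE", "/placeholder/federated-token"),
		IDPEndpoint: orDefault("STACKIT_IDP_ENDPOINT", "https://idp.example.invalid/token"),
	}
	if cfg.Email == "" { // the only variable without a default
		return cfg, fmt.Errorf("STACKIT_SERVICE_ACCOUNT_EMAIL must be set")
	}
	// The assertion token is sent to this endpoint: refuse cleartext or relative URLs.
	u, err := url.Parse(cfg.IDPEndpoint)
	if err != nil || u.Scheme != "https" || u.Host == "" {
		return cfg, fmt.Errorf("STACKIT_IDP_ENDPOINT must be an absolute https URL, got %q", cfg.IDPEndpoint)
	}
	cfg.ExpirationSeconds, err = strconv.Atoi(orDefault("STACKIT_IDP_EXPIRATION_SECONDS", "3600"))
	if err != nil || cfg.ExpirationSeconds <= 0 {
		return cfg, fmt.Errorf("STACKIT_IDP_EXPIRATION_SECONDS must be a positive integer")
	}
	return cfg, nil
}

func main() {
	cfg, err := ResolveWIFConfig(os.Getenv)
	fmt.Printf("%+v err=%v\n", cfg, err)
}
```

Passing the lookup function as a parameter keeps the validation testable without touching the process environment.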

JorTurFer and others added 16 commits January 7, 2026 16:03
Signed-off-by: Jorge Turrado <jorge.turrado@mail.schwarz>
Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
marceljk previously approved these changes Jan 7, 2026
Comment on lines 33 to 38
func getEnvOrDefault(envVar, defaultValue string) string {
if value := os.Getenv(envVar); value != "" {
return value
}
return defaultValue
}
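Review bot: in getEnvOrDefault, the value != "" check on os.Getenv(envVar) cannot tell an unset variable from one explicitly set to an empty string, so an empty value silently falls back to defaultValue. If that is the intended behaviour, a doc comment on the function should say so; otherwise os.LookupEnv distinguishes the two cases. The function also has no doc comment at all, which matters more if it becomes a shared helper.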
Contributor

Could be moved to utils pkg. This can be useful in some other places as well, and you also added a similar function in your Terraform PR, which can probably be replaced by this one as well.

Author

I'll move it, but it can be replaced on terraform because the terraform one is coupled to terraform types.

Author

Updated comments 😄
