@FaeyUmbrea FaeyUmbrea commented Jul 6, 2025

This PR rebases #2428 onto the current master as the original maintainer has gone missing.

The aim is the same as in the original PR. Ory should save tokens it's getting on each login. This is helpful in scenarios where the user is encountering a consent screen and the refresh token issued to the backend was invalidated, i.e. through a scope change.

Further, this simplifies implementing applications that might not need to do any background processing and require a login to use. For those use cases the most recent token issued on login is sufficient.

Related issue(s)

#1912
#2428

Checklist

  • I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change
    introduces a new feature.
  • I am following the
    contributing code guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security vulnerability, I
    confirm that I got the approval (please contact
    [email protected]) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further Comments

@FaeyUmbrea FaeyUmbrea requested review from a team and aeneasr as code owners July 6, 2025 02:20
@FaeyUmbrea FaeyUmbrea changed the title from "Update token on login" to "feat: Update token on login" Jul 6, 2025
@FaeyUmbrea FaeyUmbrea changed the title from "feat: Update token on login" to "feat: Update token on login (rebase)" Jul 6, 2025
@FaeyUmbrea FaeyUmbrea changed the title from "feat: Update token on login (rebase)" to "feat: update token on login (rebase)" Jul 6, 2025
@FaeyUmbrea FaeyUmbrea force-pushed the update-token-on-login branch from 76cb1b8 to 350d3f1 July 6, 2025 02:50
@FaeyUmbrea (Author)

@aeneasr tests that have been passing on main are passing and I've given it my best shot to implement your suggestions given in #2428 (comment)

A couple of them the original contributor already got to; I've taken it upon myself to introduce a per-provider feature flag.

There's an E2E test that checks if this functionality is working but no unit test. In case we need one, I'd greatly appreciate some input on what tests exactly should be added. I have broken the token update logic into its own function to facilitate unit tests more easily, though.
