Fix PKeyAuth after changes on Microsoft side

Initially when PKey authentication was implemented, the OAuth2 flow
was handled by the browser for the first steps until a redirection to
PKey authentication was requested, after which the browser was closed
and the flow continued GUI-less. This was possible as the PKey
authentication was the last step and sending a request to the
SubmitUrl resulted in a redirect to the final OAuth2 redirect URL and
ended the authentication flow.

Some time ago Microsoft made a change to this flow and introduced
another confirmation page after the PKey authentication step. This
meant that the PKey authentication request could not be done outside
of the browser any more, as a request to the SubmitUrl would now
return an actual web page, which demanded further action from the
user.

To fix this problem the PKey authentication logic was moved to the
browser and wired into the request interceptor.

Unfortunately a Qt bug (reported as QTBUG-88861) was encountered,
which prevented the Authorization header from being set on a
redirected request. This bug has been worked around using an external
redirection issued by a minimalistic web server implemented in the
resource itself.

Signed-off-by: Krzysztof Nowicki <krissn@op.pl>