[Feature Request] Throw if confidential clients use the user token cache but have not customized token cache serialization

[jmprieur]

Is your feature request related to a problem? Please describe.
In Web Apps and Web APIs using the auth code flow or OBO (not the confidential client flow), we recommend developers to customize the token cache serialization with one cache per user account. It's time to enforce the recommendation.

Describe the solution you'd like
Throw if confidential clients use the user token cache but have not customized token cache serialization. This won't guaranty that the cache key is the right one, though, but that's a good way of sending developers to the right documentation page.

Describe alternatives you've considered
Not do anything

[jmprieur]

@henrik-me, let's discuss.

[jmprieur]

Postpone to when we have the extension library in prod.