Split up the 'Create OAuth2 client' form to a 'public' and 'confidential' flow #639

Open
@evert

Description

Right now we have 1 form for creating oauth2 clients, which supports features for both public and confidential clients.

The upcoming OAuth 2.1 spec creates a stronger distinction between the two:

https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1-12#section-2.1

It would be nice if, instead of 1 form, we created a multi-step process.

  • Step 1: Are you creating a public or confidential client?
  • Step 2: Send people to the old form, but remove irrelevant questions. (For example, public clients should not get access to the password, authorization_challenge or client_credentials flows.)
  • Step 3: Send people to the success screen. Don't generate a client_secret if the client was public.

The confidential/public flag should also be stored in the database.
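As an added example (this is not code from this issue or from the project; it assumes a TypeScript/Node code base, and all names such as `allowedGrantTypes`, `createClient` and `NewClientRecord` are hypothetical), here is what steps 1 to 3 look like when enforced server-side rather than only by hiding form fields. The public/confidential choice drives which grant types are offered, a request from the public flow that smuggles in a confidential-only grant type is rejected instead of stored, no `client_secret` is generated for a public client, and the client type is part of the record that would be persisted:

```typescript
// Added example, not the project's own code. Names and types are assumptions.
import { randomBytes } from 'node:crypto';

type ClientType = 'public' | 'confidential';

// Grant types named in the issue plus the two every client type may use.
type GrantType =
  | 'authorization_code'
  | 'refresh_token'
  | 'client_credentials'
  | 'password'
  | 'authorization_challenge';

const ALL_GRANT_TYPES: readonly GrantType[] = [
  'authorization_code',
  'refresh_token',
  'client_credentials',
  'password',
  'authorization_challenge',
];

// Flows that only make sense when the client can authenticate with a secret.
// A public client cannot keep a secret, so these are never offered to it.
const CONFIDENTIAL_ONLY: ReadonlySet<GrantType> = new Set<GrantType>([
  'client_credentials',
  'password',
  'authorization_challenge',
]);

// Step 1 -> step 2: given the answer to "public or confidential?", the grant
// types the second form should show (and the server should accept).
function allowedGrantTypes(clientType: ClientType): GrantType[] {
  if (clientType === 'confidential') {
    return [...ALL_GRANT_TYPES];
  }
  return ALL_GRANT_TYPES.filter((g) => !CONFIDENTIAL_ONLY.has(g));
}

// What would be written to the database. The clientType flag is stored with
// the client so later checks (token endpoint, admin UI) can rely on it.
interface NewClientRecord {
  clientId: string;
  clientType: ClientType;
  allowedGrantTypes: GrantType[];
  clientSecret: string | null; // always null for public clients
}

class InvalidClientRequest extends Error {}

// Step 3: validate the submitted form against the chosen client type and build
// the record. Re-checking here matters because the form merely hiding a
// checkbox is not a security boundary; a crafted POST can still include it.
function createClient(
  clientType: ClientType,
  requestedGrantTypes: GrantType[],
  // Injectable so the secret generation can be controlled in tests.
  generateSecret: () => string = () => randomBytes(32).toString('base64url'),
): NewClientRecord {
  const permitted = new Set(allowedGrantTypes(clientType));
  const rejected = requestedGrantTypes.filter((g) => !permitted.has(g));
  if (rejected.length > 0) {
    throw new InvalidClientRequest(
      `Grant type(s) not allowed for a ${clientType} client: ${rejected.join(', ')}`,
    );
  }
  return {
    clientId: randomBytes(8).toString('hex'),
    clientType,
    allowedGrantTypes: [...requestedGrantTypes],
    // Only a confidential client gets a client_secret.
    clientSecret: clientType === 'confidential' ? generateSecret() : null,
  };
}
```

The important design choice is that `allowedGrantTypes` is the single source of truth for both the form (what to render) and the server (what to accept), so the two cannot drift apart; the success screen then just checks `clientSecret === null` to decide whether to display a secret.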
