Support credential profiles in Nuts node #3966

@reinkrul

GF AuthN doesn't use Presentation Definitions to convey required credentials, but pre-agreed credential profiles. This diverges from how Nuts currently works, since there the client requests the presentation definition to fulfill from the server.

With GF AuthN however, configuration needs to be the source of required credentials. We already PoC'd this during the LSPxNuts hackathon, so we can copy this solution. Changes:

  • Add API input parameter profile_id to access token request API call (this allows separating OAuth2 scope from credential set, required for e.g. BgZ).
    • If given, use its value to identify the Presentation Definition to fulfil.
    • If not given, use the scope to identify the Presentation Definition to fulfil (for backwards compatibility of the API).
  • Alter the access token request API to have it resolve the Presentation Definition locally first. If not present, the existing logic (try lookup from server) can be performed. This makes the change backwards compatible with existing Nuts use cases.

We already implemented this for LSPxNuts, so it can be taken from there: 14358d9
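
The resolution order proposed above, as an added Go sketch that is not part of the issue and not code from the Nuts node or commit 14358d9. The type and function names, the mandatory-scope check, the scope-based remote fallback and all sample values are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// PresentationDefinition is a hypothetical stand-in type; only the ID matters here.
type PresentationDefinition struct{ ID string }

// RemoteLookup models the existing behaviour: ask the server by scope.
type RemoteLookup func(scope string) (*PresentationDefinition, error)

// ErrNoScope reflects an assumption: scope stays mandatory on the request.
var ErrNoScope = errors.New("scope is required")

// Resolve picks the Presentation Definition for an access token request.
// It also reports the source ("local" or "remote") so callers can log
// whether local configuration or the remote server decided the credential set.
func Resolve(local map[string]PresentationDefinition, remote RemoteLookup,
	scope, profileID string) (*PresentationDefinition, string, error) {
	if scope == "" {
		return nil, "", ErrNoScope
	}
	key := scope // backwards compatible: scope identifies the definition
	if profileID != "" {
		key = profileID // profile_id decouples the credential set from the scope
	}
	if pd, ok := local[key]; ok {
		return &pd, "local", nil
	}
	// Assumption: the fallback is the unchanged scope-based server lookup.
	pd, err := remote(scope)
	if err != nil {
		return nil, "", fmt.Errorf("no local definition for %q, remote lookup failed: %w", key, err)
	}
	return pd, "remote", nil
}

func main() {
	// Constructed sample configuration, not taken from the Nuts node.
	local := map[string]PresentationDefinition{"example-profile": {ID: "pd-local"}}
	remote := func(scope string) (*PresentationDefinition, error) {
		return &PresentationDefinition{ID: "pd-remote-" + scope}, nil
	}
	for _, profile := range []string{"example-profile", ""} {
		pd, src, err := Resolve(local, remote, "example-scope", profile)
		fmt.Println(pd.ID, src, err)
	}
}
```

Returning the source alongside the definition lets an operator see when a request was served from the server's definition instead of local configuration.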

Status: Backlog
