oauth2: add support for the google service account json file

[macMikey]

when using oauth2 with a google service account, it would be simpler, if the dev could supply their google service account json file. said file includes the following properties:

      "type":
      "project_id":
      "private_key_id":
      "private_key":
      "client_email":
      "client_id":
      "auth_uri":
      "token_uri":
      "auth_provider_x509_cert_url":
      "client_x509_cert_url":

this does not include every field that is required to request a jwt. for example, what you are calling the tenant (google calls it the sub), the scopes, and key would also be required to support a google service account.

[macMikey]

if you're cool with it, i propose changing the OAuth2Provicer class behavior as follows: if name is "Google" and permission is "service", use a property called something like googleServiceAccountKey, or serviceAccountKey, which is the json that google gives you when you create a service account, and use that to populate the various properties of the object, including adding the jit header.

[macMikey]

FYI, the service account key json is described here