DoSomething / gateway

🔏 An opinionated PHP REST API client.
MIT License

Test helpers #97

DFurnes closed 6 years ago

DFurnes commented 6 years ago

What's this PR do?

This pull request adds a WithOAuthTokens trait which makes it easy to use JWT access tokens in PHPUnit tests (using an included example private & public key):

```php
// specify user ID, user role, and scopes
$request = $this->withAccessToken('5554eac1a59dbf117e8b4567', 'staff', ['user', 'role:staff'])->get('/api/v2/lalala');

// make a request as a "normal" user w/ a random ID
$request = $this->withStandardAccessToken()->get('/api/v2/public');

// make a request as an "admin" user w/ a random ID
$request = $this->withAdminAccessToken()->get('/api/v2/secure');
```

I also made two changes for some little "footguns" that'd trip up OAuth token usage:

💉 Get the OAuth token with token() helper in role middleware, rather than by injecting it in the constructor. This is necessary since the request is empty when we inject it into the middleware.

🆔 The Auth::authenticate() method will now just return a boolean (instead of a full Northstar profile). This prevents us from making an unexpected API call to Northstar (for example, the default Laravel auth middleware calls this but doesn't use the result). I did a quick audit & no framework code expects this to have a real Authenticatable object returned.

How should this be reviewed?

👀

Checklist

DFurnes commented 6 years ago

The role tests were breaking since they rely on app() helper existing now... I'll fix those up in a follow-up PR but don't want to block merging this for now.
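
What a helper like `withAccessToken()` has to do for a test, as an added example that is not code from this PR or the gateway package: mint an RS256 JWT for a chosen user ID, role and scopes, then verify it with the algorithm pinned. The claim names (`sub`, `role`, `scopes`), the function names and the per-run throwaway key pair are assumptions; the PR ships an included example key pair instead.

```php
<?php
// Added illustration, not the gateway package's code. Helper and claim names are assumptions.
function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64urlDecode(string $txt): string
{
    $padded = $txt . str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return (string) base64_decode(strtr($padded, '-_', '+/'), true);
}

// Mint an RS256 JWT carrying the user ID, role and scopes a test wants to act as.
function mintTestToken($privateKey, string $userId, string $role, array $scopes): string
{
    $header = ['typ' => 'JWT', 'alg' => 'RS256'];
    $claims = ['sub' => $userId, 'role' => $role, 'scopes' => $scopes, 'iat' => time(), 'exp' => time() + 3600];
    $input = b64url(json_encode($header)) . '.' . b64url(json_encode($claims));
    if (!openssl_sign($input, $signature, $privateKey, OPENSSL_ALGO_SHA256)) {
        throw new RuntimeException('signing failed');
    }
    return $input . '.' . b64url($signature);
}

// Return the claims only if the token is RS256, signed by $publicKeyPem and unexpired.
function verifyTestToken(string $jwt, string $publicKeyPem): ?array
{
    $parts = explode('.', $jwt);
    $header = count($parts) === 3 ? json_decode(b64urlDecode($parts[0]), true) : null;
    if (!is_array($header) || ($header['alg'] ?? null) !== 'RS256') {
        return null; // malformed, or the token tried to choose its own algorithm
    }
    [$h, $p, $s] = $parts;
    if (openssl_verify("$h.$p", b64urlDecode($s), $publicKeyPem, OPENSSL_ALGO_SHA256) !== 1) {
        return null;
    }
    $claims = json_decode(b64urlDecode($p), true);
    return is_array($claims) && ($claims['exp'] ?? 0) > time() ? $claims : null;
}

// Throwaway key pair generated per run (constructed sample, valid only for this process).
$key = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
$publicPem = openssl_pkey_get_details($key)['key'];
$jwt = mintTestToken($key, '5554eac1a59dbf117e8b4567', 'staff', ['user', 'role:staff']);
var_dump(verifyTestToken($jwt, $publicPem));
// A payload the key never signed must fail verification, even with a valid header and signature.
[$h, , $s] = explode('.', $jwt);
var_dump(verifyTestToken($h . '.' . b64url('{"sub":"x","role":"admin","exp":9999999999}') . '.' . $s, $publicPem));
```

A public key that is published alongside its private key, as a test fixture is, belongs only in the test environment's trust configuration.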