MaikuB / flutter_appauth

A Flutter wrapper for AppAuth iOS and Android SDKs

Support max-age cookie expiration, fix impossible to sign-in #508

Open michelerenzullo opened 1 week ago

michelerenzullo commented 1 week ago

Problem:
There is a specific circumstance where it's impossible to sign in anymore until the _session cookie is deleted in Chrome (Android) or Safari (iOS), even if prompt=login is set. Related issue here, and how it was solved: https://github.com/openid/AppAuth-Android/issues/874

Steps to reproduce the issue, assuming you have a sign-in with auto code exchange and prompt=login, i.e. it should always force a new login:

  1. You log in to your app
  2. You clear the app data / uninstall the app
  3. From your provider, delete the account you logged in with at step 1
  4. Open the app and try to log in: you always get "invalid_grant": PlatformException(authorize_and_exchange_code_failed, Failed to authorize: [error: invalid_grant, description: grant request is invalid], null, null)

What would be the correct flow:

  1. //
  2. //
  3. //
  4. You should be able to log in again, because prompt=login should be a guarantee that any (corrupted or not corrupted) _session cookie previously stored in the browser won't prevent you from logging in again

Explanations:

Possible solution:

(screenshot attached, 2024-07-07)
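The request shape the report describes (auto code exchange with prompt=login) and a check for the exact PlatformException it quotes, as an added example that is not code from the issue author or from the flutter_appauth project. The client id, redirect URL, discovery URL and scopes are placeholders; the retry with preferEphemeralSession is an assumption of mine, not a fix the issue proposes: on iOS/macOS it asks for a web session that does not share Safari's cookie jar, so a stale provider session cookie is not sent, while on Android it has no effect.

```dart
import 'package:flutter/services.dart' show PlatformException;
import 'package:flutter_appauth/flutter_appauth.dart';

// Placeholder provider settings (assumed; substitute your own).
const clientId = 'my-client-id';
const redirectUrl = 'com.example.app://callback';
const discoveryUrl =
    'https://auth.example.com/oidc/.well-known/openid-configuration';

final FlutterAppAuth _appAuth = FlutterAppAuth();

/// Authorize + code exchange with prompt=login, as in the report.
/// [ephemeral] requests an ephemeral web session on iOS/macOS (no shared
/// Safari cookies); it is ignored on Android.
Future<AuthorizationTokenResponse?> forcedLogin({bool ephemeral = false}) {
  return _appAuth.authorizeAndExchangeCode(
    AuthorizationTokenRequest(
      clientId,
      redirectUrl,
      discoveryUrl: discoveryUrl,
      scopes: ['openid', 'profile', 'email', 'offline_access'],
      // The report's expectation: the provider must always re-authenticate.
      promptValues: ['login'],
      preferEphemeralSession: ephemeral,
    ),
  );
}

/// True when the exception is the invalid_grant failure quoted in the issue:
/// code authorize_and_exchange_code_failed, message mentioning invalid_grant.
bool isStaleSessionFailure(PlatformException e) =>
    e.code == 'authorize_and_exchange_code_failed' &&
    (e.message ?? '').contains('invalid_grant');

/// Sign in; on the specific failure above, retry once with an ephemeral
/// session (assumed workaround, only effective on iOS/macOS).
Future<AuthorizationTokenResponse?> signIn() async {
  try {
    return await forcedLogin();
  } on PlatformException catch (e) {
    if (!isStaleSessionFailure(e)) rethrow;
    return await forcedLogin(ephemeral: true);
  }
}
```

The check deliberately matches only the error code and the invalid_grant token rather than the full description string, since the description text comes from the provider and may vary.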
michelerenzullo commented 1 week ago

It might be the case that this is not really a flutter_appauth issue, but more an AppAuth0 or LogTo (provider) one; I'm not sure, but please feel free to close it if you agree. For other devs that have a similar issue, I opened a new issue in LogTo: https://github.com/logto-io/js/issues/765