Added OAuth2 refresh token flow implementation + shortened `id` and `access` token lifespans

[BarcoMasile]

Description

This PR introduces the implementation of the refresh token flow for the OAuth2 protocol, enabling us to shorten token lifespans without breaking user experience.

Changes

• the authenticate method now checks if it's possible to refresh tokens when an expired accesstoken is used, and if so it performs the refresh setting new cookies values to be added to the response in a request context ( g.auth_cookies) to be used in a custom afterresponse func (this was done to avoid handling response objects manually since a view function could return either a dict and a code like in app.py, or a true Response object, like in handlers.py)
• added custom refreshtokenerror exception + handler
• tests have been added and existing tests adjusted
• edited the pcluster-manager.yaml to shorten lifespans of id and access token

How Has This Been Tested?

• unit tests
• manual tests
• manually deployed PCM in cloudformation to verify shortened ilfespans

References

PR Quality Checklist

• [x] I added tests to new or existing code
• [ ] I removed hardcoded strings and used our i18n solution instead (see here)
• [x] I made sure no sensitive info gets logged at any time in the codebase (see here) (e.g. no user info or details, no stacktraces, etc.)
• [ ] I checked that infrastructure/update_infrastructure.sh runs without any error
• [x] I checked that npm run build builds without any error
• [x] I checked that clusters are listed correctly
• [x] I checked that a new cluster can be created (config is produced and dry run passes)
• [x] I checked that login and logout work as expected

In order to increase the likelihood of your contribution being accepted, please make sure you have read both the Contributing Guidelines and the Project Guidelines

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.