feat(op): allow scope without openid

[muhlemmer]

This changes removes the requirement of the openid scope to be set for all token requests. As this library also support OAuth2-only authentication mechanisms we still want to sanitize requested scopes, but not enforce the openid scope.

Related to https://github.com/zitadel/zitadel/discussions/8068

Definition of Ready

• [x] I am happy with the code
• [x] Short description of the feature/issue is added in the pr description
• [x] PR is linked to the corresponding user story
• [x] Acceptance criteria are met
• [ ] All open todos and follow ups are defined in a new ticket and justified
• [ ] Deviations from the acceptance criteria and design are agreed with the PO and documented.
• [x] No debug or dead code
• [x] My code has no repetitions
• [x] Critical parts are tested automatically
• [ ] Where possible E2E tests are implemented
• [x] Documentation/examples are up-to-date
• [x] All non-functional requirements are met
• [x] Functionality of the acceptance criteria is checked manually on the dev system.

[github-actions[bot]]

:tada: This PR is included in version 3.25.0 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: