Add WebAuth Logout feature

[lbalmaceda]

Changes

This PR adds a static builder to launch a call to the /v2/logout endpoint.
Users can customize the scheme of the returnTo URL, and the Chrome Custom Tabs customization options, although TBH the process is quite fast and you barely notice the browser was open.

Usage

//log out method
Auth0 auth0 = getAccount();
WebAuthProvider.logout(auth0)
                .withScheme("demo")
                .start(this, logoutCallback);

//somewhere in the code
private VoidCallback logoutCallback = new VoidCallback() {
    @Override
    public void onFailure(Auth0Exception error) {
        //Browser app not found or logout canceled, check error message.
    }

    @Override
    public void onSuccess(Void payload) {
        //Logged out!
    }
};

Callback

The call can

• succeed: when the browser invokes the returnTo URL and in turn, re-opens the user application.
• fail:
  • when there is no browser app available,
  • or the user closes the browser manually. This last scenario is also triggered if the log out URL is not whitelisted in the application or tenant settings.

The log out URL will always include the client_id parameter. So the returnTo URL must be whitelisted in the application allowed logout URLs section on the dashboard. More info in auth0 docs.

References

• Docs: https://auth0.com/docs/logout/guides/logout-auth0
• Issues: Can't logout from Webclient #155

Testing

Added a bunch of tests for the introduced changes.

Will probably rename some of the previous tests as now we share 2 flows (auth / logout) on the same WebAuthProvider class. (On a different PR)

• This change adds unit test coverage

• This change adds integration test coverage

• This change has been tested on the latest version of the platform/language or why not

Checklist

• I have read the Auth0 general contribution guidelines

• I have read the Auth0 Code of Conduct

• All existing and new tests complete without errors

[jimmyjames]

Looks good, just a few comments/suggestions around method names and the callback handler params.

[joshcanhelp]

Make sure you're following the docs styleguide for "logout" and "log out:"

https://github.com/auth0/docs/blob/master/STYLEGUIDE.md#vocabulary

All this makes me wonder if we want to expose the onFailure method or just expose the onSuccess method when we're confident that the returnTo URL was called because the user did log out.

Seems like there are enough conditions for failure that you would want to allow catching that. IMHO.