Ensure correct OpenID Connect error responses

[kjac]

Prerequisites

• I have added steps to test this contribution in the description below

Description

This PR aligns the custom error responses from the auth parts of the Management and Delivery APIs with those of OpenIddict, which in turn are aligned with the OpenID Connect standard.

Testing this PR

Invalid auth requests should have responses that conform to the standard.

For example attempting to use an invalid client_id (this is a custom error response in MemberController):

....compared to using an invalid redirect_uri (this is a response from OpenIddict):

[kevinchalet]

JSYK, the plain-text errors returned by OpenIddict from user-visible endpoints like the authorization endpoint are not a standard thing: the only standard errors defined by the OAuth 2.0 RFC6749/6750 specifications are the ones returned in the WWW-Authenticate response headers (for API calls) or in JSON responses (e.g errored token responses).

The plain-text errors are really a fallback thing. For a much better UX, you may want to enable the status code pages middleware integration instead: https://documentation.openiddict.com/integrations/aspnet-core#status-code-pages-middleware-integration.