Authentication failure exceptions and events should provide additional request specific information

[sberyozkin]

Description

The user code which observes AuthenticationFailedException should be able to log or do other actions with the credentials which can not be verified. For example, if the code flow access token is invalid, users should be able to use soon to be available OidcProviderClient to revoke the token.

Implementation ideas

If it is OIDC it should pass the failed token with AuthenticationFailedException, probably as a map property

[quarkus-bot]

/cc @pedroigor (bearer-token)