mod_http_oauth2: Remove duplicated word in README introduced in 734788d8bfc3

mod_http_oauth2: Allow omitting application type for native apps This derives "application_type":"native" from the first redirect URI when registering a client, so that it can be omitted without the default value of "web" causing the very same redirect URIs to be rejected.

mod_client_management: Show timestamp of first client appearance

mod_http_oauth2: Improve templates XML-ness by avoiding value-less attributes or whatever they're called Plus some Aria label tweaks

mod_http_oauth2: Add autocomplete hint to username field

mod_http_oauth2: Make storage of various code more consistent I'm not sure how any of this worked at all.

mod_http_oauth2: Bail on invalid or expired device flow state token

mod_http_oauth2: Tweak method of centering the UI The percentage here was relative to the viewport width, which on some very wide screens may put the UI slightly outside of the view, requiring scrolling to see. By using a unit relative to the height of the viewport, this is avoided and should work better. But no guarantees, it's still possible to resize the browser or adjust font sizes so that the UI goes out of view.

mod_http_oauth2: Optionally enforce authentication on revocation endpoint But why do OAuth require this? If a token leaks, why couldn't anyone revoke it?

mod_http_oauth2: Present errors in HTML <dialog> Nice semantic things that don't require JavaScript