Htgettoken

- Set BROWSER variable to prevent xdg-open from running lynx, which hangs.

- Support the new poll api in addition to the old device_wait api when waiting for authorization response
- Use colon as separator in default secret path instead of hyphen
- Add --scopes and --audience options
- Implement the --minsecs option (was present before but didn't work)
- Stop reading old bearer token and remove use of jwt package

- Avoid including standard system libraries with pyinstaller
- Increase timeout on web browser interaction to 5 minutes
- Set up the interrupt signal to kill the program
- Add BuildRequires for openssl-devel and swig
- Remove confusing code for setting default cafile on RHEL and make setting
the Debian default more clear

- Allow for missing xdg-open
- Add some missing "Exception as e" clauses
- Create configdir if missing when needed
- Change from jwt pip package to pyjwt, and disable verify_aud

This is the first htgettoken pre-release, supporting oidc device flow & kerberos flow with vault. The binary rpm was built on CentOS7 but works also on CentOS8.