Better errors for invalid requests

[lukos]

We have many developers who are new to oidc and who are trying to configure a plugin to use our site with idsrv but several errors all return the same thing, making it hard to distinguish real errors from user errors.

For instance, client.Enabled == false, IsRedirectUriValidAsync() == false, request.Flow != Client.Flow and !AreScopesValid() all produce the error, "The client application is not known or is not authorized.", which I believe is both misleading and unhelpful.

Many people will call the IdP with the wrong redirect uri and be told the client is not authorized, which is not strictly true and which doesn't help them fix their problem.

Is it OK for me to submit a PR that distinguishes these errors more specifically so that the ViewService can choose to show different messages or pages to the user to help them fix their problem?