feat(client): add optional dest_app_name to auth request JWT

[fadedsky]

• Extend create_auth_url with optional dest_app_name for Duo OIDC request.payload.dest_app_name
• Include dest_app_name in the signed request JWT only when provided
• Add unit test coverage for the authorization URI JWT payload

Description

This change extends Client.create_auth_url with an optional dest_app_name
parameter. When provided and truthy, dest_app_name is included in the signed
authorization request JWT payload as dest_app_name, matching Duo’s OIDC
Auth API field for a user-facing destination application name.

Motivation and Context

Duo documents dest_app_name as an optional field in the authorization request
JWT payload. Our Duo Admin expressed that it was a nice touch when they were looking
at logs that included it.

Reference: https://duo.com/docs/oauthapi#authorization-request

How Has This Been Tested?

Added/updated unit coverage in tests/test_create_auth.py to assert the
generated authorization URI’s request JWT includes dest_app_name when
passed to create_auth_url.

Also tested it on one of dev apps and our Duo Admin confirmed that the dest_app_name
was showing.

Types of Changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)