feat: add slog logging (#432)

* feat(op): user slog for logging

integrate with golang.org/x/exp/slog for logging.
provide a middleware for request scoped logging.

BREAKING CHANGES:

1. OpenIDProvider and sub-interfaces get a Logger()
method to return the configured logger;
2. AuthRequestError now takes the complete Authorizer,
instead of only the encoder. So that it may use its Logger() method.
3. RequestError now takes a Logger as argument.

* use zitadel/logging

* finish op and testing
without middleware for now

* minimum go version 1.19

* update go mod

* log value testing only on go 1.20 or later

* finish the RP and example

* ping logging release

pkg/op/session.go

@@ -8,6 +8,7 @@ import (
 
 	httphelper "github.com/zitadel/oidc/v3/pkg/http"
 	"github.com/zitadel/oidc/v3/pkg/oidc"
+	"golang.org/x/exp/slog"
 )
 
 type SessionEnder interface {
@@ -15,6 +16,7 @@ type SessionEnder interface {
 	Storage() Storage
 	IDTokenHintVerifier(context.Context) *IDTokenHintVerifier
 	DefaultLogoutRedirectURI() string
+	Logger() *slog.Logger
 }
 
 func endSessionHandler(ender SessionEnder) func(http.ResponseWriter, *http.Request) {
@@ -31,12 +33,12 @@ func EndSession(w http.ResponseWriter, r *http.Request, ender SessionEnder) {
 	}
 	session, err := ValidateEndSessionRequest(r.Context(), req, ender)
 	if err != nil {
-		RequestError(w, r, err)
+		RequestError(w, r, err, ender.Logger())
 		return
 	}
 	err = ender.Storage().TerminateSession(r.Context(), session.UserID, session.ClientID)
 	if err != nil {
-		RequestError(w, r, oidc.DefaultToServerError(err, "error terminating session"))
+		RequestError(w, r, oidc.DefaultToServerError(err, "error terminating session"), ender.Logger())
 		return
 	}
 	http.Redirect(w, r, session.RedirectURI, http.StatusFound)