Add quarkus-security-api dependency to modules which require tokens for outbound calls

[sberyozkin]

quarkus-security-api, https://github.com/quarkusio/quarkus-security, (to be renamed to quarkus-security-api in the next 2.0.4 release) contains a few interfaces only which represent key Quarkus security abstractions, it is a light weight dependency.

Specifically, it has TokenCredential representing the current OIDC access token. How can it be relevant ?

I've noticed two modules (and possibly a few more) require the access tokens in order to access remotely hosted LLMs, such as azure-openai, Google gemini.

So, having TokenCredential injected will let azure-openai, Google gemini and other modules which access LLMs hosted as social OIDC provider services, to use the current session's access token.

For example, it would be possible to create variations of #539, which would require a user authentication with either Azure or Google and use an injected TokenCredential to pick up the current access token to securely access remote LLMs on behalf of the currently authenticated user, as opposed to forwarding the bearer access token which was sent to the Quarkus endpoint. It won't impact the other options, but will add another one.

I can suggest a draft PR to show how it might work.

FYI, WebSockets Next in Quarkus 3.11 will also bring quarkus-security-api.

[geoand]

Definitely sounds interesting