OpenID Connect client authentication: client_secret_jwt and private_key_jwt