mod_http_oauth2: Return Authentication Time per OpenID Core Section 2 Mandatory To Implement, either MUST include or OPTIONAL depending on things we don't look at, so might as well include it all the time. Since we do not persist authentication state with cookies or such, the authentication time will always be some point between the user being sent to the authorization endpoint and the time they are sent back to the client application.

This module discards typing notifications sent to a bare host JID,
preventing error replies to be sent. These errors are harmless but can
be annoying sometimes if your client shows them prominently.