A user might accidentally visit a client that uses a SigAuth instance he is already signed in to. There is currently nothing he can do to revoke the authentication process, and he is forced to share his data with the client.
Before authenticating the user (no matter whether he is logged in or not), he should be asked if that was intentional and be told what data of his will be shared.
When he has to log in, show the data on the login screen; otherwise, create an extra card similar to Google's.
