[oauth] Increased CPU usage during device flow with libcurl 8.20.0

Hi all,

A couple of macOS testers pinged me last week with a newly failing
test in oauth_validator/001_server:

not ok 113 - call count is reasonably small

It's a heuristic test, so I was looking into whether that heuristic
needed to be tweaked. But this is actually a legitimate failure,
caused by an upstream regression in Curl 8.20.0 [1]. I've tested the
most recent 8.21.0 RC, due to release later this month, and the test
now passes again.

So that just leaves what to do about the current test failures. My
current idea is to just skip the test if the curl binary reports that
specific minor version. (A configure test probably won't help very
much after this month: anyone consuming rolling releases of Curl in
production will have already built against a past version, and if an
upcoming LTS distro chose 8.20.0 as its base, they'd almost certainly
backport the fix too, making the check worse than nothing.) An
alternative would be to just let it ride for a couple weeks, but I
don't really want to inflict that on our Homebrew testers.

Either way, debugging this has inspired some improvements to
OAUTHDEBUG_UNSAFE_TRACE that I'll propose after the 19 freeze is over.

Thoughts?

--Jacob

[1] https://github.com/curl/curl/issues/21547