fix: All responses now contain headers to not cache them

[mitar]

Proposed changes

Based on https://openid.net/specs/openid-connect-core-1_0.html (non-normative examples) it looks like all responses include headers to prevent caching. I think this is reasonable. I do not see why any of OAuth responses would ever be cached.

So I just went through everything and added those headers.

Checklist

• I have read the contributing guidelines
• I have read the security policy
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security vulnerability, I
  confirm that I got green light (please contact
  [email protected]) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation within the code base (if appropriate)

[aeneasr]

Thank you!

[aeneasr]

I was again fooled by CircleCI not running. The tests are actually broken on master, can you please address the broken changes?

https://app.circleci.com/pipelines/github/ory/fosite/19/workflows/5565d7c4-b9ac-47cd-bff3-7e62e2a72535/jobs/67

I will now enforce CI runs for merges on master, which means that we need to figure out why CircleCI is not running on your fork or I won't be able to merge your PRs any more :(

[mitar]

I will check. Sorry.

Have you seen this comment?

[mitar]

Done: #466