refactor(neon_http_client): use nextcloud csrf request

[Leptopoda]

some housekeeping to use and test the now documented csrf endpoint

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 28.41%. Comparing base (a5bc224) to head (74fd815).
Report is 8 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2502      +/-   ##
==========================================
+ Coverage   28.37%   28.41%   +0.04%     
==========================================
  Files         352      352              
  Lines      135903   135903              
==========================================
+ Hits        38559    38615      +56     
+ Misses      97344    97288      -56     

Flag	Coverage Δ		*Carryforward flag
account_repository	98.76% <ø> (ø)
cookie_store	99.48% <ø> (ø)		Carriedforward from a5bc224
dashboard_app	96.05% <ø> (ø)
dynamite	31.08% <ø> (ø)		Carriedforward from a5bc224
dynamite_end_to_end_test	61.69% <ø> (ø)		Carriedforward from a5bc224
dynamite_runtime	85.40% <ø> (ø)		Carriedforward from a5bc224
neon_dashboard	96.05% <ø> (ø)		Carriedforward from a5bc224
neon_framework	57.07% <ø> (ø)
neon_http_client	97.50% <100.00%> (+0.80%)	⬆️
neon_notifications	100.00% <ø> (ø)		Carriedforward from a5bc224
neon_talk	99.45% <ø> (ø)		Carriedforward from a5bc224
nextcloud	24.19% <ø> (+0.04%)	⬆️
notifications_app	100.00% <ø> (ø)
sort_box	90.90% <ø> (ø)		Carriedforward from a5bc224
talk_app	99.09% <ø> (ø)

*This pull request uses carry forward flags. Click here to find out more.

Files with missing lines	Coverage Δ
..._client/lib/src/interceptors/csrf_interceptor.dart	100.00% <100.00%> (+2.85%)	⬆️

... and 2 files with indirect coverage changes

[provokateurin]

Why are you splitting the logic for vm and web and basically making vm noop? IMO we should use the same logic regardless of the target. In this case it only increases code complexity while having not much benefits.
The other two commits LGTM.

[Leptopoda]

We already had this split logic (it was just in a single class).
I found it less complex to split it into two separate classes, as there is only one condition being made.

I also find the unit tests more readable now that they are split.
The new solution will also avoid creating the nextcloud client on io as it isn't even needed (no real impact but cleaner nevertheless).

I can drop the commit if you prefer to keep it unified.

[provokateurin]

Instead of having two implementations I would rather just not add it on vm.
Everything else can stay the same then.

[Leptopoda]

I unified the csrf logic as previously discussed in our call.
I also changed the fixture validation so we also get one for the csrf test.

[Leptopoda]

I'll change the webdav csrf interceptor (in the nc package) as a followup