Add an `AuthStateStorage` parameter to `ServerSettingsValidator`

Typically we use `Account` to hold the (OAuth 2.0) authorization state. But during account setup we don't have an `Account` instance yet. So we allow a `ServerSettingsValidator` caller to pass an `AuthStateStorage` that we then use with `OAuth2TokenProviderFactory` to create an `OAuth2TokenProvider` instance. When setting up an account we can use an `AuthStateStorage` implementation that will simply hold the state in memory.