[keycloak-dev] Cancel button options for clients

Currently the cancel button always redirects to the redirect_uri with error=access_denied. This is fine if the application wants to handle the rejected login. However, it does require the application to add logic/error handling to display a suitable error message to the user instead of just a generic 400 error page. I propose we add a configuration option to clients for how the cancel button is handled. Options would be: * None - don't display cancel button, this is useful when login is mandatory (for example our admin console) * Error redirect - redirect to redirect_uri with error=access_denied * Return to app - redirect to base_url of client (if this is set base_url would be required)