This makes the account system much more modular and makes it treat errors as something recoverable, unless they come directly from the MSA refresh token becoming invalid.
Device flow involves the user manually opening a web page and putting in a code. We no longer need to interact with the browser.
Both act as the first step of AuthContext.
