Implement `SsoTokenProvider` (#2917)

This PR adds a `SsoTokenProvider` that loads session name cached SSO
tokens, and automatically refreshes them when possible. The
`SsoCredentialsProvider` is updated to use this new `SsoTokenProvider`
so that it is now compatible with the latest AWS CLI.

----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._