Add credentials exposure test & fix STS + SSO (#2603)

## Motivation and Context
- credentials providers may leak credentials in the HTTP body at the
debug level

## Description
This adds a test to aws-config that looks for leaked credentials in all
of our provider integration tests—since these test use AWS APIs under
the hood, this also serves to test AWS services in general.

To support this, `sensitive` was added to the ParseHttpResponse trait
and code was generated to take action based on this change.

- [x] Add environment variable to force logging of the body
- [x] consider if we want to suppress request body logging as well

## Testing
<!--- Please describe in detail how you tested your changes -->
<!--- Include details of your testing environment, and the tests you ran
to -->
<!--- see how your change affects other areas of the code, etc. -->

## Checklist
<!--- If a checkbox below is not applicable, then please DELETE it
rather than leaving it unchecked -->
- [x] I have updated `CHANGELOG.next.toml` if I made changes to the
smithy-rs codegen or runtime crates
- [x] I have updated `CHANGELOG.next.toml` if I made changes to the AWS
SDK, generated SDK code, or SDK runtime crates

----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._

---------

Co-authored-by: John DiSanti <jdisanti@amazon.com>