urls.self.public gets ignored in most cases in favour of urls.self.issuer

[corrideat]

Describe the bug

Reproducing the bug

Steps to reproduce the behavior:

1. Set up the quickstart guide
2. Before launching, add the following environment variable to hydra in quickstart.yml: URLS_SELF_PUBLIC=http://this.domain.does.not.exist.and.is.invalid
3. Run the quickstart guide normally
4. The demo continues to work normally

Server logs

Not relevant

Server configuration

urls:
  self:
    issuer: http://127.0.0.1:4444
    public: http://this.domain.does.not.exist.and.is.invalid

Expected behavior

Login in the demo should fail as the user gets redirected to http://this.domain.does.not.exist.and.is.invalid.

The value of urls.self.public should be used for everything except well-known paths, as the intent of this configuration setting is to tell Hydra the URL that points to itself.

However, right now all of the paths use urls.self.public with the exception of the /userinfo path. RFC 8414, section 2, requires that metadata be published at a well-known address at the issuer. However, no such mandate is made for the other endpoints.

Environment

This issue is environment agnostic.

Additional context

Addressing this issue allows for using, among other things, urn-URIs as issuer, which are useful in contexts where publishing metadata is not required.