With this change you can authenticate via user certificate over sync api.
The application-uri is required, because some servers will reject the connection if the application-uri of the application does not match the one from the client application certificate.

Allow using OptionSets from Addresspace und dynamic creation of OptionSets

Running uals recursively with -l option gives RuntimeWarning:

```
$ uals -d 3 -l
Browsing node i=84 at opc.tcp://localhost:4840

DisplayName                    NodeId                    BrowseName                DataType   Timestamp                      Value

Traceback (most recent call last):
  File ".../opcua-asyncio/tools/uals", line 11, in <module>
    uals()
  File ".../opcua-asyncio/asyncua/tools.py", line 342, in uals
    asyncio.run(_uals())
  File "/usr/lib/python3.9/asyncio/runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "/usr/lib/python3.9/asyncio/base_events.py", line 642, in run_until_complete
    return future.result()
  File ".../opcua-asyncio/asyncua/tools.py", line 368, in _uals
    await _lsprint_long(node, args.depth - 1)
  File ".../opcua-asyncio/asyncua/tools.py", line 442, in _lsprint_long
    name, bname, nclass, mask, umask, dtype, val = [attr.Value.Value for attr in attrs]
TypeError: 'coroutine' object is not iterable
sys:1: RuntimeWarning: coroutine 'Node.read_attributes' was never awaited
```

Support OptionSets from Part5 7.17 like UadpNetworkMessageContentMask. In nodesets they are UAEnumerations with attribut "IsOptionSet" = True

Fixed generation for default values for GUID. Now an empty GUID is generated.

When a client reconnects, it can require to clear its security_policy
settings to deal with situations where the peer_certificate has
changed for example (regular server cert renewal).

This PR introduces the `reset_security_policy()` client method to handle
this use-case, and adds it to the HaClient reconnection mechanism.

Note: We could arguably invoke this method from `set_security()` as they
often will be called together, but according to [OPC-UA Part4 5.4.4](https://reference.opcfoundation.org/v104/Core/docs/Part4/5.4.4/),
the GetEndpoints service may require TLS and so enforcing an empty policy would break this use-case.

The OPC UA specification does not forbid that a server does not offer DiscoveryUrls. This can lead to a crash when calling the function application_to_strings().

Check DiscoveryUrls for None or empty before iterating to avoid the crash described in #1127.

* extended ServerItemCallback class with 'event_comes_from_internal_session' parameter to distinguish events triggered from server to the ones triggered from OPC-UA clients

* Fixed arguments order

* Renamed variable to is_external
Co-authored-by: Marco Panato <marco.panato_01@univr.it>

* Remove old uniqueness check
Add check that properties are unique in one hierarchy

* Replace old duplicates browsename test with duplicated property browsename test.
Remove duplicated browsename test with different ns.

Co-authored-by: jportela <joao.portela@asml.com>