Migrate to @nuxtjs/auth-next and add CILogon SSO support.

[carboxylman]

@nuxtjs/auth 4.9.1 doesn't support urlencoded form data, and doesn't offer an easy way to add it, so I pulled forward to auth-next.

However, auth-next is backwards-incompat (e.g. if you attempt to use a custom scope Array with an existing scheme, and if the base scheme defines a default scope Array, the new defu defaults stuff will result in your scopes being concatenated to the base. This doesn't work for our github integration; we have a read-only set of user and email scopes, so we set scope as a space-separated list, a hack that works around this problem.

Furthermore, the oauth2 scheme tries to send a nonce parameter to google, which throws an error if this is sent. So we implement a googlecustom provider that uses a stock oauth2 authorization_code flow.

To make our custom auth provider modules (see ~/modules) work and reuse the goo that generates the right callback stuff to process the authorization_code and call the idp for an access_token, we use rewire to import the unexported auth-next functions. Unfortunate, but should be stable into the future.