OIDC Certification and FAPI profile

[peppelinux]

Changes that this PR accomplish:

• If response_type == id_token return userinfo that normally would be returned from the userinfo endpoint in the id_token.
• Don't run parse_cookie twice. One after the other.
• Allow for different claims release policies to be in effect simultaneously (typically id_token+userinfo).
• Error response when response_mode == form_post not handled correctly. return_uri needed.
• Use extra info in ValueError exception instance to return correct error code.
• Allow endpoints to have their own request verification error handler.
• Having session ID in ID Token instance simplifies things.
• Finding the last issued token of a specific type is useful.
• Should check if client session is revoked.
• Revoked all grants issued to a user/client pair.
• Merged the two ClaimsInterface versions.
• Removed tests using method that was removed and incomplete test.
• Client registration endpoint should return a 201 HTTP response code on successful registration.
• Default token lifetime should not be 0 (zero). Changed to be 30 minutes (1800 seconds).
• Authorization error response MUST contain 'state' if it is present in the request.
• Check cookie age.
• Revoke tokens that has been minted using a code that then is used once more.
• prompt==login forces re-authentication.
• prompt attribute is a list.
• FAPI OP example project