changed the request method to check user role slightly to session-token based approach and added retry-option, if 401 occures for requesting specialized scope, also added a small method to match different kinds of auth-urls with the valid path to request user roles from barbican
changed the request method to check user role slightly to session-token based approach and added retry-option, if 401 occures for requesting specialized scope, also added a small method to match different kinds of auth-urls with the valid path to request user roles from barbican