gbv / login-server

Login and connect accounts with multiple identity providers
https://coli-conc.gbv.de/login/
MIT License

Add CBS/PSI strategy #80

Open nichtich opened 3 years ago

nichtich commented 3 years ago

To authenticate against the CBS library system.

Basically it's a simple HTTP request

POST https://kxp.k10plus.de/login/LOGIN
USER_KEY=...
PASSWORD=...

And inspect the returned Header

X-PSI-Context: LOGIN_REJECT

or

X-PSI-Context: RELOCATE

followed by

X-PSI-Context: MAIN

The user name is hidden in the response XML (XML interface) or HTML (HTML interface).

Configuration via base URL (e.g. https://kxp.k10plus.de/)

{
   "strategy": "psi",
   "name": "Gemeinsamer Verbundkatalog (GVK)",
   "url": "https://kxp.k10plus.de/"
}

URL for the POST request and user URI template can be derived from url as {url}/login/LOGIN and {url}/user/{id} (the latter not supported as URL by PSI but can be used as URI).

nichtich commented 1 year ago

This includes two use cases

The latter checks given username & password and returns the library (for instance http://uri.gbv.de/organization/isil/DE-7) the account belongs to, so individual accounts are anonymous. Login might be required to be protected against brute-force attacks.
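
The checks described in this thread, as an added example that is not part of the issue or of login-server's code: it derives the endpoints from `url`, builds the POST, and turns the observed `X-PSI-Context` values into a verdict that fails closed, with a small throttle for the brute-force concern. The form encoding, the https check, the verdict names and `createThrottle` are assumptions made for illustration; how the RELOCATE step is followed is left to the HTTP client.

```javascript
// Added example, not login-server code. Assumptions are marked inline.

// Derive the login URL and user URI template from the configured base URL.
function psiEndpoints(baseUrl) {
  const base = baseUrl.replace(/\/+$/, "") // a trailing "/" must not yield "//login"
  // Assumption: refuse plain HTTP, since the request carries a password.
  if (!base.startsWith("https://")) throw new Error("PSI base URL must use https")
  return {
    login: `${base}/login/LOGIN`,
    userUri: id => `${base}/user/${encodeURIComponent(id)}`,
  }
}

// Build the POST request. Assumption: the two fields are sent form-encoded.
function buildLoginRequest(config, username, password) {
  return {
    url: psiEndpoints(config.url).login,
    method: "POST",
    headers: { "Content-Type": "application/x-www-form-urlencoded" },
    body: new URLSearchParams({ USER_KEY: username, PASSWORD: password }).toString(),
  }
}

// Verdict from the X-PSI-Context values observed, in order, for one login.
function classifyPsiContexts(contexts) {
  if (contexts.includes("LOGIN_REJECT")) return "rejected"
  const n = contexts.length
  if (n >= 2 && contexts[n - 2] === "RELOCATE" && contexts[n - 1] === "MAIN") return "accepted"
  return "error" // missing or unknown header: fail closed, never treat as success
}

// Hypothetical in-memory throttle: at most `limit` failures per key per window.
function createThrottle(limit = 5, windowMs = 15 * 60 * 1000) {
  const failures = new Map()
  const recent = (key, now) => (failures.get(key) || []).filter(t => now - t < windowMs)
  return {
    allowed: (key, now = Date.now()) => recent(key, now).length < limit,
    recordFailure(key, now = Date.now()) { failures.set(key, [...recent(key, now), now]) },
    reset: key => failures.delete(key),
  }
}
```

Keying the throttle on the username alone lets a third party lock an account out, so a key that also includes the client address is a common choice.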