Allow authentication via uaa client credentials

[jmcarp]

It would be useful to authenticate using uaa client id and secret as well as username and password or oauth token. For compliance reasons, our user credentials expire after a few months, so it would be helpful to authenticate with creds that don't expire.

[gberche-orange]

thanks @jmcarp for this interesting suggestion. Can you please detail your usage of client credentials grant type for interacting with CF: Is your Oauth client_id given CF scopes (such as such as cloudcontroller.admin) as authorities ? How do you then manage client secret rotation ?

As a side note, we've updated the README.md to reflect the current status of the project along with a pointer to the design document that details goals and planned refined modeling. This is still early stage, we plan to refine this in the coming days, but comments/suggestions are welcomed.