Feature/omniauth

[dazza-codes]

Proposing to merge this branch with master (prefer it was develop, but that doesn't exist), so that further work on using omniauth can hack an oauth2 provider. This branch is a bare-bones addition of omniauth that is completely hacked to suit the proposed SearchWorks use case for authorization to get containers. It's not using oauth2 at present, only the base :developer provider. But at least that is working (see /auth/developer in the UI and note that is is already rigged to only accept a couple of 'authorized apps').

[dazza-codes]

@ndushay and @cbeer - please consider as a bare-bones start to working with omniauth, much more work is required to use an oauth2 provider rather than the simple developer used here.

[coveralls]

Coverage decreased (-0.07%) to 99.61% when pulling 15985332730041a6c026a577375421d1f205df3b on feature/omniauth into 06d8d978f856399c9fa70e0c46a9d70856ffeaf0 on master.

[dazza-codes]

Closing this PR after discussion to implement a different solution that follows IIIF patterns, see specs and related code:

• http://image-auth.iiif.io/api/image/2.1/authentication.html
• https://github.com/IIIF/auth/blob/master/server/pi3f.oauth.py
• https://github.com/IIIF/auth/tree/master/client/osd