GitLab

Change setting and url prefixes from `oa2` to 
`oauth2`

Introduce new setting ``PITHOS_SERVE_API_DOMAIN``. When set, all api views
that serve pithos file contents will be restricted to be served only under
the domain specified in the setting value.

Distinguise offline and online token use

Add tests for validate access token endpoint

The astakos authorization endpoint url should be an absolute url.

Instead of raising PermissionDenied redirect to the
object view url to re-initiate the procedure
for acquiring a new access token.

Prevent api calls from being served by setting PITHOS_SERVE_API
to False.

Pithos views no longer use the information stored in
the PITHOS_ASTAKOS_COOKIE_NAME cookie
for authenticating the user and authorizing access to the
targeted resource.
They acquire, instead, from the authentication server (astakos)
a short-term token for accessing the specific resource.

The general flow includes the following steps:
1. The user clicks on a resource to view its content.
2. The view requests an authorisation code from astakos
   by providing its identifier, the requested scope,
   and a redirection URI.
3. Astakos authenticates the user and since the pithos view
   is considered a trusted client grants the view's access request.
4. Astakos redirects the user-agent back to the view using
   the redirection URI provided earlier.
   The redirection URI includes an authorisation code.
5. The view requests an access token from astakos
   by including the authorisation code.
   The view also posts a pair of credentials used to
   authenticate itself with astakos and the redirection URI
   used to obtain the authorisation code for verification.
6. Astakos authenticates the view, validates the authorization code,
   and ensures that the redirection URI received matches the URI
   used to redirect the client.
   If valid, astakos responds back with an short-term access token.
7. The view exchanges with astakos the access token
   for the user information to whom the authorisation was granted.
8. The view responses with the resource contents
   if the user has access to the specific resource.

Remove 'cleanse' middleware that was used to clean sensitive variables
from admin mails. Instead, create a custom exception filter and set this
filter as Django's default reporter (DEFAULT_EXCEPTION_REPORTER_FILTER).

* Search by object UUID
* Do not display hashmap by default

This option is used to specify a temp directory to be used
by burnin to save it's intermediate files. The default
value for this option is "/tmp/"

Add sections about dhcp, public network connectivity, network
connectivity for newly created servers and public IP accounting.
Also fix many trailing whitespace issues.

Return 405 (NotAllowed) instead of 400 (BadRequest)
Add Allow header in the response containing the list of valid methods

Add section about Cyclades resources and quota handling. Also, refactor
the section about the reconciliation mechanism.

Signed-off-by: Olga Brani <olgabrani@grnet.gr>