Embed an OAuth2 issuer in Pelican #3153
Description
In prior work, we pulled quite a bit of the "business logic" of the allowable scopes into the Pelican code base (previously in QDL for OA4MP).
We've been challenged in getting the OA4MP stack (Java runtime, Tomcat, then the application itself) setup in the pelican origin environments outside the container.
Investigate using ory/fosite (previously used for the HTCondor MCP) as an embedded OAuth2 issuer. Reuse the existing "business logic", the Gin handlers and pages for the consent, fosite for the OAuth2 RFC implementations, the existing authentication routines, and the existing SQLite database for the state of the IDP.