dcache
gplazma: oidc plugin
When the oidc plugin attempts online verification of a token (using the userinfo endpoint), if that GET request fails then dCache attempts to parse the response entity as a JSON string. This is to provide a more useful error message, based on what the server said was wrong. This is problematic for several reasons:
- The response entity is not guaranteed to be present, or follow any structure. The `WWW-Authenticate` header is the correct place to get information on what went wrong.
- The server could reply with a JSON response entity; however, this should only be parsed as JSON if the `Content-Type` header indicates it is JSON. Even then, there is no guarantee that the error information is present.
- A new fall-back is needed if the `WWW-Authenticate` header is missing (or doesn't contain the `error` and `error_description` fields) and the response entity is not JSON (or doesn't contain the `error` and `error_description` fields). For example, taking the first line, ensuring it has ASCII-clean text and truncating if too long.
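The lookup order described above, written out as an added Python example; it is not dCache code. The function names, the 80-character limit, the replacement of non-ASCII characters with `?`, and the lower-cased header dictionary are assumptions made for the illustration.

```python
import json
import re

MAX_LEN = 80  # assumed limit; the page does not specify one
# auth-param in a challenge: key="quoted value" or key=token
_PARAM = re.compile(r'(?<![\w-])(\w+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,"]+))')


def _clean(text):
    """Server-controlled text: keep printable ASCII only, then truncate."""
    text = "".join(c if " " <= c <= "~" else "?" for c in text)
    return text if len(text) <= MAX_LEN else text[:MAX_LEN - 3] + "..."


def _fmt(fields):
    """Join error and error_description if present as non-empty strings."""
    parts = [fields.get(k) for k in ("error", "error_description")]
    parts = [p for p in parts if isinstance(p, str) and p]
    return _clean(": ".join(parts)) if parts else None


def describe_failure(headers, body):
    """headers: dict with lower-case names (assumed); body: raw bytes."""
    # 1. Preferred source: the WWW-Authenticate challenge parameters.
    params = {}
    for key, quoted, token in _PARAM.findall(headers.get("www-authenticate", "")):
        params[key.lower()] = re.sub(r"\\(.)", r"\1", quoted) if quoted else token
    msg = _fmt(params)
    if msg:
        return msg
    # 2. The entity is parsed as JSON only when Content-Type says it is JSON.
    text = body.decode("utf-8", errors="replace")
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    if ctype == "application/json" or ctype.endswith("+json"):
        try:
            doc = json.loads(text)
        except (ValueError, RecursionError):
            doc = None
        msg = _fmt(doc) if isinstance(doc, dict) else None
        if msg:
            return msg
    # 3. Fall-back: first line of the entity, ASCII-clean and truncated.
    lines = text.strip().splitlines()
    return _clean(lines[0]) if lines else "no error details supplied"
```

Every path goes through `_clean`, so header values, JSON fields and raw body text are all reduced to printable ASCII and bounded in length before they reach a log line or error message.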