Refactor django-digid-oidc callback/return flow

[sergei-maertens]

Closes #4246 partly

Changes

• Uses a single callback view now (we still subclass it for the OF auth plugin). This view no longer copies the upstream one and instead makes use of authentication backends again. Otherwise, we miss out on (security) patches made upstream.
• Merged all the callback routes into a single one (opt-in, behind a feature flag)
• Added upgrade note for changed callback URIs

TODO:

• [ ] Create custom authentication backend that handles the session stuff

Checklist

Check off the items that are completed or not relevant.

• Impact on features

  • [ ] Checked copying a form
  • [ ] Checked import/export of a form
  • [ ] Config checks in the configuration overview admin page
  • [ ] Problem detection in the admin email digest is handled

• Release management

  • [ ] I have labelled the PR as "needs-backport" accordingly

• I have updated the translations assets (you do NOT need to provide translations)

  • [ ] Ran ./bin/makemessages.sh
  • [ ] Ran ./bin/compilemessages_js.sh

• Commit hygiene

  • [ ] Commit messages refer to the relevant Github issue
  • [ ] Commit messages explain the "why" of change, not the how