v0.22.0

Warning note for upgraders. This release has a database migration on the oauth2_tokens table. For most users this is the largest table, some downtime may be expected while the server runs its migrations.

• #425: Using a client_secret is now supported with authorization_code, and it's read from either the request body or HTTP Basic Authorization header.
• The service now keeps track when issuing access tokens, whether those tokens have used a client_secret or not, which grant_type was used to issue them and what scopes were requested. This work is done to better support OAuth2 scopes in the future, and eventually OpenID Connect.
• Fixed broken 'principal uri' in introspection endpoint response.
• OAuth2 service is almost entirely rewritten.
• The number of tokens issued is now displayed on the home page.
• Large numbers are now abbreviated with K and M.
• #426: Updated to Curveball 0.20.
• #427: Typescript types for the database schema are now auto-generated with mysql-types-generator.