Generalize AuthServiceExtension

[rtannenbaum]

Consolidate auth extensions to generalized ones, one for OAuth1 and one for OAuth2.

The plan is to combine all the service-level auth flows where possible to allow for more uniform and easy-to-understand auth flows based on underlying protocol, and to reduce reliance on third-party SDKs for future secure deployment environments.

out of date:
As discussed in https://portability.slack.com/archives/C8PH5R1C2/p1533592780000248
We should generalize AuthServiceExtension used in the API servers to be basically a config wrapper, which returns auth-related config to the FE

FE's should know how to handle various auth flows given the auth configuration returned from the API

[rtannenbaum]

update: this bug is now tracking the effort to consolidate auth extensions to generalized ones, one for OAuth1 and one for OAuth2.

The comment in the PR description about making API servers be auth config managers is now out of date. The latest discussion/thinking is for auth logic to be available in API servers for those who wish to use the API server as a web server to handle auth, but to also provide a separate, more minimal, mode as well for the API server to not handle auth flow (just provide an interface to JobStore). In that scenario, distributions would move auth logic to their frontend. This dual-mode API server approach was discussed in our maintainer meeting on 10/15/18.