Refactor: can use MOOC.fi tokens to authenticate

[mipyykko]

• at first, tries the token as TMC token
  • if successful, then it is a TMC token and business as usual
  • if not, we contact MOOC.fi validate endpoint to see if it's a user there
    • if we have successful validation, we receive the MOOC.fi user and try to look for the user by id in TMC
      • if successful, we are validated
      • if not successful, we try to look for the user by email
        • if successful, we contact MOOC.fi /api/user endpoint to update the user upstream_id (ie. TMC id) there
        • if not successful, we create a new TMC user with the data, and update the user upstream_id in MOOC.fi

Relies on the /auth/validate POST and /api/user PATCH endpoints to be there in MOOC.fi, which they currently are not in the master branch.
Needs two new envs: moocfi_update_secret is the secret token used to update the user in MOOC.fi; base_url_for_moocfi is the backend URL ie. https://www.mooc.fi

[codeclimate]

Analysis results are not available for those commits

View more on Code Climate.