Refactor auth code to be cleaner and more extensible

We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).

auth/test/test_cookie.py

@@ -20,8 +20,8 @@ def test_invalidformatted_cookie(app):
   # Ensure we get an invalid session cookie format error.
   result = validate_session_cookie()
   assert result.authed_user is None
-  assert result.identity is None
-  assert not result.has_user
+  assert result.context.identity is None
+  assert not result.has_nonrobot_user
   assert result.error_message == 'Invalid session cookie format'
 
 
@@ -33,8 +33,8 @@ def test_disabled_user(app):
   # Ensure we get an invalid session cookie format error.
   result = validate_session_cookie()
   assert result.authed_user is None
-  assert result.identity is None
-  assert not result.has_user
+  assert result.context.identity is None
+  assert not result.has_nonrobot_user
   assert result.error_message == 'User account is disabled'
 
 
@@ -45,8 +45,8 @@ def test_valid_user(app):
 
   result = validate_session_cookie()
   assert result.authed_user == someuser
-  assert result.identity is not None
-  assert result.has_user
+  assert result.context.identity is not None
+  assert result.has_nonrobot_user
   assert result.error_message is None
 
 
@@ -61,6 +61,6 @@ def test_valid_organization(app):
 
   result = validate_session_cookie()
   assert result.authed_user is None
-  assert result.identity is None
-  assert not result.has_user
+  assert result.context.identity is None
+  assert not result.has_nonrobot_user
   assert result.error_message == 'Cannot login to organization'