Refactor auth code to be cleaner and more extensible

We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).

endpoints/api/__init__.py

@@ -15,7 +15,8 @@ from auth.permissions import (ReadRepositoryPermission, ModifyRepositoryPermissi
                               AdministerRepositoryPermission, UserReadPermission,
                               UserAdminPermission)
 from auth import scopes
-from auth.auth_context import get_authenticated_user, get_validated_oauth_token
+from auth.auth_context import (get_authenticated_context, get_authenticated_user,
+                               get_validated_oauth_token)
 from auth.decorators import process_oauth
 from endpoints.csrf import csrf_protect
 from endpoints.exception import (Unauthorized, InvalidRequest, InvalidResponse,
@@ -291,8 +292,7 @@ def require_fresh_login(func):
     if not user:
       raise Unauthorized()
 
-    oauth_token = get_validated_oauth_token()
-    if oauth_token:
+    if get_validated_oauth_token():
       return func(*args, **kwargs)
 
     logger.debug('Checking fresh login for user %s', user.username)