Add proper and tested OIDC support on the server

Note that this will still not work on the client side; the followup CL for the client side is right after this one.

endpoints/common.py

@@ -197,7 +197,6 @@ def render_page_template(name, route_data=None, **kwargs):
         'title': login_service.service_name(),
         'config': login_service.get_public_config(),
         'icon': login_service.get_icon(),
-        'scopes': login_service.get_login_scopes(),
       })
 
     return login_config

endpoints/oauthlogin.py

@@ -1,4 +1,5 @@
 import logging
+import uuid
 
 from flask import request, redirect, url_for, Blueprint
 from peewee import IntegrityError
@@ -50,6 +51,7 @@ def _conduct_oauth_login(service_id, service_name, user_id, username, email, met
 
     # Try to create the user
     try:
+      # Generate a valid username.
       new_username = None
       for valid in generate_valid_usernames(username):
         if model.user.get_user_or_org(valid):
@@ -58,6 +60,11 @@ def _conduct_oauth_login(service_id, service_name, user_id, username, email, met
         new_username = valid
         break
 
+      # Generate a valid email. If the email is None and the MAILING feature is turned
+      # off, simply place in a fake email address.
+      if email is None and not features.MAILING:
+        email = '%s@fake.example.com' % (str(uuid.uuid4()))
+
       prompts = model.user.get_default_user_prompts(features)
       to_login = model.user.create_federated_user(new_username, email, service_id,
                                                   user_id, set_password_notification=True,
@@ -102,6 +109,7 @@ def _register_service(login_service):
     try:
       lid, lusername, lemail = login_service.exchange_code_for_login(app.config, client, code, '')
     except OAuthLoginException as ole:
+      logger.exception('Got login exception')
       return _render_ologin_error(login_service.service_name(), ole.message)
 
     # Conduct login.