create api class to ease authentication for third party apps

[marlon-wiprud]

goals

• Make log in / log out easy for 3rd party apps
• automatically handle token refresh
• expose functions to make interaction with the Roll api quick and easy

I am designing this class to achieve these goals with as little assumptions about the consumers implementation as possible.

currently I am allowing the class consumer to decide how they handle:

• caching access and refresh tokens
• the logged in/logged out state of the roll account in the context of their whole application
• the way they navigate to the roll login and logout pages

Initializing the api class will look like this:

const rollAPI = new RollAPI(
  clientID,
  issuerURL,
  redirectURL,
  scopes, // array of scopes ["read", "write"...etc]
  cacheOauthTokens, // optional function written by consumer to set the oauth tokens in a caching mechanism
  getCachedOauthTokens, // optional function to return the cached tokens
  clearCachedOauthTokens // optional function to clear cached tokens
);

The consumer will log in like this:

window.location.href = rollAPI.getLoginURL()

//// once the redirect url is hit...

 rollAPI.initializeSession(
          window.location.search, // the callback url container the ?code=123 param
          handleSuccess, // callback to be invoked when the user becomes authenticated, and when tokens are refreshed
          handleFail // callback to be invoked when login or refresh fails
        );

The consumer will log out like this:

window.location.href = rollAPI.getLogoutURL();

cacheOauthTokens: (oauthTokenOBJ) => void
getCachedOauthTokens: () => oauthTokenOBJ
clearCachedOauthTokens: () => void
handle success: () => void
handleFail: (err) => void

cc @sidko here are some notes on how I am implementing the roll api class.