Django-microsoft-auth

-----------------

* Adds new setting for callback hook right before `auth_callback` view renders
to override context data
* Adds example non-admin login form example in test site
* Renames `admin_login.js` and `admin_login.css` to just `login.js` and
`login.css`

-----------------

* Adds profile back as a default scope since Microsoft is added if it is not

-----------------

* Adds support for multiple SITE_IDs. If the setting is not provided, it will
pull it from the request object
* Adds new setting for callback hook after
`microsoft_auth.backends.MicrosoftAuthenticationBackend` authenticates user.

-----------------

* Removes `profile` from required scopes

-----------------

* Replaces deprecated Microsoft auth scopes with proper OpenID Connect ones
* WARNING: Breaking change. New scopes provide a new user id. See
`migration docs <https://django-microsoft-auth.readthedocs.io/en/latest/usage.html#migrating-from-1-0-to-2-0>`_
for details.
* Pulls authorization/token URLs directly from Microsoft
* Adds id token validation
* Admin pages for the auth type that is not enable is disabled by default now.
They can be re-enabled with `MICROSOFT_AUTH_REGISTER_INACTIVE_ADMIN = True`
* Extra scopes can be provieded via the `MICROSOFT_AUTH_EXTRA_SCOPES` setting
(space delimited). These scopes are *added* to the default required scopes
(`openid email` for Microsoft Auth and
`XboxLive.signin XboxLive.offline_access` for Xbox Live auth)

-----------------

* Adds expiration to state values (hardcoded 5 minutes)