Kinto-fxa

------------------

**Bug fixes**

- In case the Oauth dance is interrupted, return a ``408 Request Timeout``
error instead of the ``401 Unauthenticated`` one. (11)
- Do not call ``cliquet.load_default_settings`` from cliquet-fxa (12)

------------------

- Separate multiple scopes by a + in login URL.

------------------

**Bug fixes**

- Multiple scopes can be requested on the login flow.
- Multiple scopes can be required for the app.

**Configuration changes**

- ``fxa-oauth.scope`` is now deprecated. ``fxa-oauth.requested_scope`` and
``fxa-oauth.required_scope`` should be used instead.

------------------

- Add default settings to define a policy "fxa".
It is now possible to just include ``cliquet_fxa`` and
add ``fxa`` to ``multiauth.policies`` setting list.
- Do not check presence of cliquet cache in initialization
phase.
- Do not use Cliquet logger to prevent initialization errors.

------------------

- Do not prefix authenticated user with ``fxa_`` anymore (5)

------------------

- Imported code from *Cliquet*