
Enabling OAuth for the origin and cache, adding support for Globus as another auth server #963

Merged (16 commits) on Apr 9, 2024

Conversation

@haoming29 (Contributor) commented Mar 19, 2024

Closes #928

This PR also added API support for OAuth login for cache.

To accommodate the second OAuth provider, the login and callback URLs for OAuth have breaking changes. This time we can barely do a backward-compatible change due to the fact that the redirect URL, as part of the shared OAuth configuration, can't be changed between different gin router handlers (i.e. /auth/cilogon/login vs. /auth/oauth/login).

Now the endpoints are renamed from /auth/cilogon/login and /auth/cilogon/callback to /auth/oauth/login and /auth/oauth/callback respectively.

This breaking change is documented in the Swagger and should be highlighted in the release notes too.

Another deprecation is Registry.AdminUsers, which is renamed to OIDC.AdminUsers. This is still backward-compatible.

This PR also addressed the first issue listed in #631, where if we have more than one server running, we direct the user to log in even if server(s) with a public view are enabled (such as registry/director).

This PR also enforced the permission check on web pages, where the public can only access /view/director, /view/registry, and the / page. For other pages, attempting to access them without admin privilege will result in a 403 error with the string "You don't have the permission to view this page. If you think this is wrong, please contact your server admin.".
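The page-level permission check described in this PR, written out as an added illustration (this is not the project's own code, which is a gin handler; it uses only net/http, and the isAdmin header check is a stand-in for the real login session check):

```go
package main

import (
	"net/http"
	"net/http/httptest"
	"path"
)

// publicPages: the UI paths the PR description says the public may open
// without admin privilege; every other UI page requires an admin session.
var publicPages = map[string]bool{"/": true, "/view/director": true, "/view/registry": true}

// forbiddenMsg is the 403 body quoted in the PR description.
const forbiddenMsg = "You don't have the permission to view this page. " +
	"If you think this is wrong, please contact your server admin."

// isAdmin stands in for the project's real session check (login cookie / JWT);
// for this illustration it only looks at a constructed request header.
func isAdmin(r *http.Request) bool { return r.Header.Get("X-Test-Admin") == "1" }

// RequireAdminForPrivatePages wraps the UI handler: allow-listed public pages
// pass straight through, anything else needs isAdmin or gets a 403 with the
// message above. path.Clean normalises "/view/director/../config" style paths
// before the allow-list lookup, so a dotted path cannot masquerade as public.
func RequireAdminForPrivatePages(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		p := path.Clean("/" + r.URL.Path)
		if publicPages[p] || isAdmin(r) {
			next.ServeHTTP(w, r)
			return
		}
		http.Error(w, forbiddenMsg, http.StatusForbidden)
	})
}

// checkPage drives one request through the middleware and reports the status
// code, so the rule can be exercised without a running server.
func checkPage(p string, admin bool) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })
	req := httptest.NewRequest(http.MethodGet, p, nil)
	if admin {
		req.Header.Set("X-Test-Admin", "1")
	}
	rec := httptest.NewRecorder()
	RequireAdminForPrivatePages(ok).ServeHTTP(rec, req)
	return rec.Code
}
```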

@haoming29 haoming29 added origin Issue relating to the origin component enhancement New feature or request labels Mar 19, 2024
@haoming29 haoming29 added this to the v7.7.0 milestone Mar 19, 2024
@haoming29 haoming29 requested a review from bbockelm March 22, 2024 22:00
@haoming29 haoming29 linked an issue Mar 27, 2024 that may be closed by this pull request
@haoming29 haoming29 changed the title Enabling OAuth for the origin, adding support for Globus as another auth server Enabling OAuth for the origin and cache, adding support for Globus as another auth server Mar 28, 2024
@haoming29 haoming29 added the critical High priority for next release label Apr 1, 2024
@haoming29 (Contributor Author):

@bbockelm any chance that I could get a review in soon? Since this is a critical item for the 7.7 release and Cannon's login UI change also depends on this PR being merged, or do you want to hand this off to someone else?

@haoming29 haoming29 mentioned this pull request Apr 2, 2024
@bbockelm (Collaborator) left a comment


Very minor changes requested. Some of the formatting nitpicks I fixed up already in a pushed commit.

Inline review comments (all resolved) on:
config/issuer_metadata.go
docs/parameters.yaml (outdated)
docs/parameters.yaml
docs/parameters.yaml (outdated)
oauth2/oidc_client.go
web_ui/oauth2_client.go (outdated)
@haoming29 haoming29 requested a review from bbockelm April 5, 2024 16:29
@haoming29 (Contributor Author):

@CannonLock as I was going over the code to address the code review comments, I realized that I didn't use the Origin.EnableOIDC flag that we meant to use for conditionally turning on OAuth for the origin (and cache), so we need to update the UI as well to conditionally render the OAuth options based on the server config. To make your life easier, I have an API included in this PR at /api/v1.0/auth/oauth; a GET request will give you an object with key oidc_enabled_servers, which is a list of servers that enable OAuth (also documented in the Swagger). You should be able to iterate over the enabledServers list and match the oidc_enabled_servers to see which server turns on the option. Let me know if that makes sense.

@haoming29 (Contributor Author):

Hey @bbockelm, could you take another look at this PR? This one is blocking the release.

@bbockelm (Collaborator) left a comment


Revisions LGTM.

@haoming29 haoming29 merged commit 277c6a6 into PelicanPlatform:main Apr 9, 2024
19 checks passed
@haoming29 haoming29 deleted the oauth-for-origin branch April 9, 2024 14:22
Successfully merging this pull request may close these issues.

Enable OAuth for origin