This repository was archived by the owner on Mar 10, 2025. It is now read-only.


@westbury

This adds a page to the syncany.org web server that can be used to receive a redirect when HTTPS is required or localhost is not allowed. It then redirects to the Syncany application at localhost.

This is needed to get the Hubic plugin to work. Hubic requires the redirect URL to be HTTPS. It would have been possible to set up an SSL socket listener in the Syncany application. However, the certificate would have to be self-signed (all Certificate Authorities want one to prove rights to a domain name etc.), and if a self-signed certificate is used then browsers give security warnings to the users, which we don't really want. So in the end I think this is the best approach. This approach also involved minimal changes to the code in the oauth package in Syncany.

I am confident this will work as I have tested it on another HTTPS server, and just edited the URLs in the browser. If you can get this onto the syncany.org server then this will help with the testing of the rest of the changes.

@pimotte
Member

pimotte commented Apr 23, 2017

Couple of remarks:

  1. I'm not sure I would be okay with this in the grand scheme. If Hubic requires the redirect to be HTTPS and we provide that, then we should also verify what we're redirecting to. I would be much happier if it is possible to hardcode the target of the redirect, or at least validate it in some way.
  2. This seems kind of hacky. We have quite a nice PHP structure for routing with controllers. This is also functionality that ought to be in the api. subdomain.
  3. To get this live, we'll need @binwiederhier anyway, so I'm going to ping him here.

@westbury
Author

  1. What is the reason for validating the redirect and what would you accept as valid? Even if this validation is done server side it would provide no extra protection.
  2. I agree that it is kind of hacky, but we are limited by Hubic's restrictions and the fact Syncany is a client application that keeps no secrets. I would be very happy if you came up with a better way.

@pimotte
Member

pimotte commented Apr 27, 2017

  1. Well, wouldn't we always want to redirect to localhost, for starters?

  2. I should have been more clear: I think the hacky part is doing the redirect by serving JavaScript. We could have the code in the api subdomain: https://github.com/syncany/syncany-website/tree/develop/api.syncany.org/src/main/php/Syncany/Api, and introduce a controller which does the redirect, which will then simply return a 30x to redirect to the desired URL.
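
The "always redirect to localhost" check raised in this thread, as an added example that is not code from the pull request or the Syncany project. It assumes the relay receives the local address in a query parameter named `target`, that the local listener speaks plain HTTP on an unprivileged port, and that the function names and the `relay.example` host are hypothetical.

```javascript
// Added example: allowlist check for an HTTPS relay that forwards an OAuth
// callback to a local listener. Parameter and function names are assumptions.
const ALLOWED_HOSTS = new Set(['localhost', '127.0.0.1']); // loopback only
const MIN_PORT = 1024; // assumption: the local listener uses an unprivileged port

// Returns a normalized loopback URL string, or null if the target is rejected.
function validateLoopbackTarget(rawTarget) {
  if (typeof rawTarget !== 'string') return null;
  let url;
  try {
    url = new URL(rawTarget); // absolute URLs only; relative input throws
  } catch (e) {
    return null;
  }
  if (url.protocol !== 'http:') return null;         // no https:, javascript:, data:
  if (url.username || url.password) return null;     // http://localhost@other.example/
  if (!ALLOWED_HOSTS.has(url.hostname)) return null; // exact match, not prefix or suffix
  const port = Number(url.port);                     // '' (default port) becomes 0
  if (!Number.isInteger(port) || port < MIN_PORT) return null;
  url.hash = '';
  return url.toString();
}

// Builds the Location header value for the relay, or null to answer 400.
// requestUrl is the full URL the provider redirected the browser to.
function relayLocation(requestUrl) {
  const incoming = new URL(requestUrl);
  const target = validateLoopbackTarget(incoming.searchParams.get('target'));
  if (target === null) return null;
  const out = new URL(target);
  // Forward only the OAuth response parameters, nothing else from the request.
  for (const name of ['code', 'state', 'error']) {
    const value = incoming.searchParams.get(name);
    if (value !== null) out.searchParams.set(name, value);
  }
  return out.toString();
}
```

The same checks apply whether the redirect is issued by a served script or by a controller returning a 30x; in the latter case the returned string is the `Location` header value.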
