Gfal2 - retrieve SE tokens

• absorbed functionality from x509-scitokens-issuer-client package
  • built-in requesting of macaroons
  • removes dependency to package
• development should reach FTS3-Devel by next DOMA-TPC
  • same testing done on FTS3-Devel-Next should move to FTS3-Devel after deployment
     

FTS

• FTS already has the server config option to enable/disable retrieving of macaroons (`se_token` branch)
  • RetrieveSEToken=<true|false> (default true) ;  requires FTS server restart
  • when Gfal2 developments go to FTS3-Devel, same will this change

gfal-macaroon CLI?

• Above developments allow Gfal2 to exchange a proxy certificate for a macaroon (for a given path).
  • Is there interest to have this in python bindings and Gfal2 CLI?

E.g.: gfal-macaroon gfal-se-token [--issuer <issuer>] [--validity <validity>] </path> [read(default)|write|<activity_list>]