* Refactor OpenIddict for shared usage between APIs + implement member authentication and handling within the Delivery API
* Make SwaggerRouteTemplatePipelineFilter UI config overridable
* Enable token revocation + rename logout endpoint to signout
* Add default implementation of SwaggerGenOptions configuration for enabling Delivery API member auth in Swagger
* Correct notification handling when (un)protecting content
* Fixing integration test framework
* Cleanup test to not execute some composers twice
* Update paths to match docs
* Return Forbidden when a member is authorized but not allowed to access the requested resource
* Cleanup
* Rename RequestMemberService to RequestMemberAccessService
* Rename badly named variable
* Review comments
* Hide the auth controller from Swagger
* Remove semaphore
* Add security requirements for content API operations in Swagger
* Hide the back-office auth endpoints from Swagger
* Fix merge
* Update back-office API auth endpoint paths + add revoke and sign-out endpoints (as of now they do not exist, a separate task will fix that)
* Swap endpoint order to maintain backwards compat with the current login screen for new back-office (will be swapped back again to ensure correct .well-known endpoints, see FIXME comment)
* Make "items by IDs" endpoint support member auth
* Add 401 and 403 to "items by IDs" endpoint responses
---------
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
Co-authored-by: Elitsa <elm@umbraco.dk>
83321a8fad