    refactor client, token validation and lookup functionality · e8844fbb
    Dr Rich Wareham authored
    The lookup functionality was too opinionated in how it was to be coupled
    with the DRF authentication which led to a problem in the Media
    Platform whereby users which were created by being simple Django users
    ended up with the wrong scheme somehow.
    
    The fix for this is to decouple the Django user creation from the lookup
    calls. Unfortunately, since it was copied wholesale from the IAR
    project, the implementation of automationoauthclient, automationlookup
    and automationoauthdrf was very tightly coupled.
    
    Taking the lead from #4, move OAuth2 client functionality into a new
    automationoauth module and factor out the token verification from
    automationoauthdrf into automationoauthclient.token.
    
    Do not remove the existing implementation for compatibility reasons but
    re-implement it with the new API. Improve the documentation for the new
    API a little and mark the previous API as deprecated.
    
    Do not couple the OAuth2 token subject to the lookup proxy API since, as
    in the UMP, we do not always have an OAuth2 token for a user we wish to
    look up and so cannot rely on the automagic parsing of the token
    subject.