Implement REST-y OAuth2 authenticated Lookup API proxy

Dr Rich Wareham requested to merge github/fork/rjw57/bootstrap into master

This pull request adds most of this project atop the template Django app in master. The meat of the pull request is commit b57574b2 which actually implements the API. Other commits update documentation or install various Django applications which are used by the API.

When running, a nice UI to try out the API can be found at http://localhost:8080/ui.

The API is authenticated by means of an OAuth2 token and a set of required scopes for that token. Tokens are validated by an RFC 7662 introspection endpoint. Documentation for the API is by means of an OpenAPI document which is rendered by a Swagger UI instance at /ui.

The API is read-only and has CORS headers so that it may be used from a web browser.

Commit eb0372b6 is the other large commit in this PR. This commit creates the infrastructure needed to develop and locally test this API. Testing this project is a little tricky without an OAuth2 endpoint so we update the docker-compose infrastructure to create as much infrastructure as possible, including the hydra OAuth2 server and a testing consent app. The consent app simply grants whatever scopes were requested and lets you set the username associated with the token. We also add some simple helper scripts for creating clients and tokens for use with the OAuth2 endpoint.

In order to test this PR, check out and run docker-compose up devserver as usual. IMPORTANT: you must also create an OAuth2 client application if you want to test the API. The scripts/create-client.sh script can help here.
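The token check described above (RFC 7662 introspection plus a set of required scopes), as an added example that is not code from this merge request. The function names, the scope names and the sample response are constructed for illustration; the check fails closed on anything malformed.

```python
import json
import time
from urllib.parse import urlencode

# Constructed sample of an RFC 7662 introspection response (not real output).
SAMPLE_RESPONSE = (
    '{"active": true, "scope": "example:read example:write", '
    '"sub": "test0001", "exp": 2000}'
)


def introspection_request_body(token):
    """Form-encoded body of the introspection POST; the token goes in 'token'."""
    return urlencode({"token": token, "token_type_hint": "access_token"})


def check_introspection(response_json, required_scopes, now=None):
    """Return the claims dict if the token is active, unexpired and carries
    every required scope; return None otherwise."""
    now = time.time() if now is None else now
    try:
        claims = json.loads(response_json)
    except ValueError:
        return None
    if not isinstance(claims, dict):
        return None
    # 'active' is the only required member and must be the boolean true;
    # a string such as "true" is rejected rather than coerced.
    if claims.get("active") is not True:
        return None
    # 'exp' is optional; when present it is also enforced locally.
    exp = claims.get("exp")
    if exp is not None:
        if isinstance(exp, bool) or not isinstance(exp, (int, float)):
            return None
        if exp <= now:
            return None
    # 'scope' is one space-separated string, not a JSON list.
    scope = claims.get("scope", "")
    if not isinstance(scope, str):
        return None
    if not set(required_scopes) <= set(scope.split()):
        return None
    return claims
```

A view would call `check_introspection` with the scopes it requires and respond 401 or 403 when it returns None.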
