Setting auth/token in <dbp-components> directly without <dbp-provider>

Replace with the event bus for now

Now that we have a separate component for keyclaok we can move those
keycloak specific settings into their own attributes.

This should make it more clear what the components are used for

In some cases we want to set the path via a html attribute where we can't easily
compute a URL relative to the bundle or page. Convert a path to an URL
if parsing it as an URL doesn't work instead.

These scopes get used for the keycloak login and in case they are registered
as optional scopes for that client get added to the access token.

See #7

We need to override everything on the prod server, and having everything in one object
makes it clear what is keycloak specific (we could also prefix everything...).

With the new ability to log in without redirecting to keycloak and reloading the page
we can now try to login on start every time.

Instead of remembering the login state in the session storage we just ask keycloak in an iframe
on start. To better describe this new behaviour rename the attribute from remember-login to try-login.

We keep the login state in the session storage and force a login in case the user was
logged in before.

This means a page refresh will try to restore the login state (which usually should mean
that it just flashes becasue of redirects). And new visitors get the logged out state by default.

Bekerle, Patrizio authored 5 years ago and Reiter, Christoph committed 4 years ago

# Conflicts:
#	vpu-auth.js