Provide alternative secured call configurations

[bgaillard]

For now OAuth.JS can create secured requests using a special secured parameter which can be provided with the options settings object of Backbone fetch methods and the config settings object of the Angular JS $http methods.

It works and it allows to have a very precise mechanism to choose when a request has to be secured and when it has'nt.

But in some cases this has several disavantages :

• When we want to integrate OAuth.JS into an existing application we have to modify all the call to the Framework's AJAX methods.
• On most applications all the calls have to be secured, so it would be more useful if the requests were secured by default.
• The calls to the Backbone fetch and Angular JS $http methods are done with an additional secured parameter which is not standard with those frameworks.

We thinks OAuth.JS could implement additional configuration to indicate how to secure the requests :

• Add URL prefix / regex configurations associated to names to indicate with which URLs the access_token parameter has to be added.
• Keep the secured and let it overwrite the URL prefix / regex configuration.

Here is a sample configuration with URL prefix / regex :

OAuth.init(
    {
        securedUrls : [
            usersApi : {
                prefix : 'http://website.org/rest/users'
            },
            groupsApi : {
                prefix : 'http://website.org/rest/groups/*/adminGroups'
            }
        ]
    }
);