We often need to implement a site-specific authentication hook plugin for the manager which accepts arbitrarily-formatted authentication data from 3rd parties.

Let's:

• Add an "opaque" mode (e.g., ?mode=opaque) to the /authorize manager API so that it just accepts arbitrary query parameters and body content so that any internally installed auth-hook plugins could apply custom processing of them.
• Update the client SDK's functional API, User.authorize() to support this opaque mode as well.
• Add support for the opaque mode in the webserver as well using the updated client.
  I think it would be good enough to have a branch to apply different trafaret depending on the "mode" query parameter (which fallbacks to the "email", the current impl.).

This is a refactoring of #1478 and lablup/backend.ai-webui#1862.