(REF) authx - Reorganize internal methods to use an auth-request object

(REF) authx - Reorganize internal methods to use an auth-request object

This significantly trims down the `auth()` method and rearranges as three
methods. A data object is passed between the three methods. The main method:

```
    if ($principal = $this->checkCredential($tgt)) {
      $tgt->setPrincipal($principal);
    }
    $this->checkPolicy($tgt);
    $this->login($tgt);
```

This arrangement lays the groundwork for implementing more varied policies.
For example, we could have a policy where the ability to login via
username/password/api_key is dictated by the user's role or permissions.