Implemented test for verifying that the reading permissions are denied to IAM ESCAPE tokens with openid scope.

Implemented also a couple of group base authz tests:

• read only access is granted to default groups
• full access (read, make directory, remove) is granted to the /escape/data-manager group

The testsuite uses gfal as utils for auth tests; don't know if it is better to use curl.