Oauth-dropins

* IndieAuth: support JSON code verification responses as well as form-encoded ([snarfed/bridgy809](https://github.com/snarfed/bridgy/issues/809)).

Notable changes

More Python 3 updates and bug fixes in webutil.util.

Notable changes
* Add GitHub!
* Facebook
* Pass `state` to the initial OAuth endpoint directly, instead of encoding it into the redirect URL, so the redirect can [match the Strict Mode whitelist](https://developers.facebook.com/blog/post/2017/12/18/strict-uri-matching/).
* Add humanize dependency for webutil.logs.

Notable changes
Mostly just internal changes to webutil to support granary v1.10.

Notable changes
Mostly just internal changes to webutil to support granary v1.9.

* Flickr:
* Handle punctuation in error messages.

Notable changes
* Facebook:
* Upgrade Graph API from v2.6 to v2.10.
* Flickr:
* Fix broken `FlickrAuth.urlopen()` method.
* Medium:
* Bug fix for Medium OAuth callback error handling.
* IndieAuth:
* Store authorization endpoint in state instead of rediscovering it from `me` parameter, [which is going away](https://github.com/aaronpk/IndieAuth.com/issues/167).