Adding scope field to generic OAuth

Some OAuth providers (like Mastodon) do not use the default
"read_user" scope, instead offering a custom scope. The config.ini
for generic OAuth now contains a "scope" field, allowing the admin
to set the scope manually (it defaults to "read_user" if blank).