This repository has been archived by the owner on Apr 7, 2020. It is now read-only.

Add G Suite's Google Groups membership as access criteria #32

Open
pataquets opened this issue Feb 24, 2018 · 2 comments

@pataquets

[Since I don't know the upstreaming status of this repo against Agora Games's one, just copying to give visibility to agoragames/nginx-google-oauth#14]

G Suite has a Groups feature: https://support.google.com/a/answer/33329
Instead of white/blacklist or domain, membership of a G Suite Group would provide more streamlined, granular and easy management of allowed users.
Also, as done in bitly's oauth2_proxy.

@TiagoTT

TiagoTT commented Mar 28, 2018

We have an experimental version of nginx-google-oauth which uses a service account (with domain wide delegation) to fetch user data from Google Directory API.
https://github.com/BrandwatchLtd/nginx-google-oauth

But we are not using Google Directory Groups; we use customSchemas on the Google Directory Users.
So in our case the groups of a user are fetched from the Directory User object, and not by searching on the Directory Groups.

I know this is not exactly what @pataquets asked, but at least the first part would be common, which consists of loading the service account JSON file and getting the access token on behalf of a domain admin account.
https://github.com/BrandwatchLtd/nginx-google-oauth/blob/fd6fe426fb84ceb65e7640d23a2de783c935242b/access.lua#L171-L213

I didn't open a PR because our code is not generic, but will do it maybe later if we find a more generic solution.

@TiagoTT

TiagoTT commented Apr 6, 2018

I have cleaned up the code and made it use Google Directory Groups. See PR: #33
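
The flow discussed in this thread (a service account with domain-wide delegation acting as a domain admin, then a Google Groups membership check) is sketched below as an added Python example; it is not code from this repository, from the BrandwatchLtd fork, or from PR #33, which are written in Lua. It builds the unsigned part of the JWT-bearer assertion with a read-only scope and a short lifetime, and evaluates a Directory API `members.hasMember` response so that anything other than an explicit `true` denies access. The RS256 signature and the HTTP calls are left out so it runs offline, and all function names, e-mail addresses and the 300-second lifetime are assumptions.

```python
import base64
import json
from urllib.parse import quote

TOKEN_URI = "https://oauth2.googleapis.com/token"
# Read-only scope: the proxy only needs to ask "is this user in the group?"
SCOPE = "https://www.googleapis.com/auth/admin.directory.group.member.readonly"
DIRECTORY = "https://admin.googleapis.com/admin/directory/v1"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def delegation_signing_input(sa: dict, admin_email: str, now: int, ttl: int = 300) -> str:
    """Return base64url(header).base64url(claims), the string that is then
    signed with RS256 using the service account's private_key."""
    if sa.get("type") != "service_account":
        raise ValueError("not a service account key file")
    if not 0 < ttl <= 3600:
        raise ValueError("assertion lifetime must be at most one hour")
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {
        "iss": sa["client_email"],             # the service account itself
        "sub": admin_email,                    # admin impersonated via delegation
        "scope": SCOPE,
        "aud": sa.get("token_uri", TOKEN_URI),
        "iat": now,
        "exp": now + ttl,
    }
    return ".".join(b64url(json.dumps(p, separators=(",", ":")).encode())
                    for p in (header, claims))

def has_member_url(group: str, user_email: str) -> str:
    """members.hasMember URL; both keys are percent-encoded so an e-mail
    taken from the login flow cannot alter the request path."""
    return "%s/groups/%s/hasMember/%s" % (
        DIRECTORY, quote(group, safe=""), quote(user_email, safe=""))

def is_allowed(status: int, body: str) -> bool:
    """Fail closed: only HTTP 200 with isMember exactly true grants access."""
    if status != 200:
        return False
    try:
        doc = json.loads(body)
    except ValueError:
        return False
    return isinstance(doc, dict) and doc.get("isMember") is True
```
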
