mod_http_oauth2: Separate extracting credentials from requests and verifying The token endpoint also uses Basic auth, but the password would be the client_secret, so we need to verify against that instead of using test_password(). Splitting this up here avoids code duplication. Possibly this new function could go into util.http...

---
summary: STARTTLS failure test
---

This module responds to `<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>` with
`<failure xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>`, in order to test
how clients and server behave.

See [RFC6120 Section 5.4.2.2](https://xmpp.org/rfcs/rfc6120.html#rfc.section.5.4.2.2)