(backend) integrate ResourceServerAuthentication on the external api

Upgrade django-lasuite to v0.0.19 to benefit from the latest resource server
authentication backend. Thanks @qbey for your work. For my needs, @qbey
refactored the class in #46 on django-lasuite.

Integrate ResourceServerAuthentication in the relevant viewset. The integration
is straightforward since most heavy lifting was done in the external-api viewset
when introducing the service account.

Slightly modify the existing service account authentication backend to defer to
ResourceServerAuthentication if a token is not recognized.

Override user provisioning behavior in ResourceServerBackend: now, a user is
automatically created if missing, based on the 'sub' claim (email is not yet
present in the introspection response). Note: shared/common implementation
currently only retrieves users, failing if the user does not exist.
lebaudantoine
2025-11-20 23:41:16 +01:00
committed by aleb_the_flash
parent a642c6d9a2
commit c7f5dabbad
8 changed files with 366 additions and 15 deletions

@@ -9,6 +9,7 @@ from django.core.exceptions import ValidationError
from django.core.validators import validate_email
import jwt
from lasuite.oidc_resource_server.authentication import ResourceServerAuthentication
from rest_framework import decorators, mixins, viewsets
from rest_framework import (
exceptions as drf_exceptions,
@@ -149,7 +150,10 @@ class RoomViewSet(
- create: Create a new room owned by the user (requires 'rooms:create' scope)
"""
authentication_classes = [authentication.ApplicationJWTAuthentication]
authentication_classes = [
authentication.ApplicationJWTAuthentication,
ResourceServerAuthentication,
]
permission_classes = [
api.permissions.IsAuthenticated & permissions.HasRequiredRoomScope
]
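
Review bot: In the new `authentication_classes` list the order is load-bearing and nothing at this site says why. DRF tries the classes in sequence and stops at the first one that raises `AuthenticationFailed`, so `ResourceServerAuthentication` is only reached when `ApplicationJWTAuthentication` returns `None` for a token it does not recognise. Please add a short comment above the list stating that contract, and a test that sends a resource-server token through `RoomViewSet` so a later change to the first backend cannot silently cut off the second. The unchanged `permission_classes` still relies on `permissions.HasRequiredRoomScope`; please confirm it reads scopes from an introspected resource-server token as well as from the application JWT, since the docstring ties `create` to the 'rooms:create' scope and both token types now reach this check.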