Spec proxy with OAuth2 access_token... bugfix

Spec require/invalid credentials

Relay X-headers and passthru content-type headers with PUT requests

Include POST content-type in Proxy

Exception handling

Catch malformed request errors to /proxy

Support OAuth2 refresh_token exchange