scp claim is deprecated, replaced with scope

[jbasney]

https://github.com/scitokens/scitokens.github.io/blob/master/technical_docs/Claims.md has examples like

"scp": "read:/store write:/store/user/bbockelm"

but https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-03#section-4.2 shows the scp claim is a JSON list like

"scp":["email","address","profile","phone"]

While the standard OAuth scope claim is a single string with a space separator, it seems the scp claim is defined differently. We should use the scope and scp claims consistent with the IETF specs.

[jbasney]

See https://self-issued.info/?p=1825. The scp claim is deprecated in https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-13#section-4.2. OAuth 2.0 Token Exchange now uses the standard scope claim. SciTokens should do the same.