Fix non spec conformant login oauth flow

[JMoVS]

The current implementation uses a trick where the redirect URL is passed with a parameter specifying the userID so on return, the specific userID can be extracted from the called URL again. This is against the spec of Oauths RFC and does currently work with Github, however while trying to reuse the code for interacting with the Wrike API it turned out to be problematic.

This is what I'm referring to:

Per-Request Customization

Often times a developer will think that they need to be able to use a different redirect URL on each authorization request, and will try to change the query string parameters per request. This is not the intended use of the redirect URL, and **should not be allowed by the authorization server**. **The server should reject any authorization requests with redirect URLs that are not an exact match of a registered URL.**

If a client wishes to include request-specific data in the redirect URL, it can instead use the “state” parameter to store data that will be included after the user is redirected. It can either encode the data in the state parameter itself, or use the state parameter as a session ID to store the state on the server.

Now as during the creation of the github oauth app, the redirect URL is specified without the UserID field, it should not work.

I edited the code to instead put the userID in the state field and extract it when returning back to maubot.

I tried to make sure that the delimiter between the userID and the state would not run into any conflicts. The chosen "%" is not a viable character for userIDs in matrix (https://spec.matrix.org/v1.8/appendices/#user-identifiers) and also poses no problems with URLs.

As I'm working on my end with different APIs from Wrike, would it be possible for you to check if these commits work on Github as well or if you run into other issues?