The External Authorization client used Excon to make HTTP calls.
This changes the client to use the safe Gitlab::HTTP client which
will block local requests, unless they're explicitly enabled.
The local requests for system services is enabled by default so
existing default behavior of external authorizations is preserved.