+ Authenticate a user using username/password or token, plus project
+ :param user: user: name, id or None
+ :param password: password or None
+ :param project: name, id, or None. If None first found project will be used to get an scope token
+ :param token: previous token to obtain authorization
+ :return: the scoped token info or raises an exception. The token is a dictionary with:
+ _id: token string id,
+ username: username,
+ project_id: scoped_token project_id,
+ project_name: scoped_token project_name,
+ expires: epoch time when it expires,