Consistent error handling

[tomasvotava]

Error handling right now is a mess, each SSO provider class lets exceptions propagate on their own terms. There should be a straightforward and concise set of exceptions raised from the verify_and_process coroutine so that devs can catch the errors and provide end users with relevant information.

Once the structure of exceptions is clear, it should be well documented so that contributors know which exceptions to raise when and devs know which exceptions to expect.