[Django] Pass "next" urlparam to authorize endpoint

[james-emerton]

When an unauthenticated user accesses a view that requires authentication, the initial redirect to the login endpoint includes a next url parameter containing the url for the original view. This change arranges to have that same parameter available to the authorize endpoint so the user can be redirected to the page they originally intended to visit.

Also fixed an unrelated typo.

NB: It is the responsibility of handle_authorize to verify that the value of next is safe before responding with a redirect.