proxy: Allow injection of request headers

[mcfearsome]

• Added InjectRequestHeaders to UpstreamConfig/OptionsConfig
• Loop over InjectRequestHeaders during Authenticate and add headers to the request

Problem

#243

Notes

I am unfamiliar with Go and was unsure how to go about testing the actual adding of the headers. If someone would be kind enough to point me in the right direction I can continue.

[codecov]

Codecov Report

Merging #244 into master will decrease coverage by 0.02%.
The diff coverage is 33.33%.

@@            Coverage Diff             @@
##           master     #244      +/-   ##
==========================================
- Coverage   62.25%   62.22%   -0.03%     
==========================================
  Files          50       50              
  Lines        4069     4072       +3     
==========================================
+ Hits         2533     2534       +1     
- Misses       1349     1350       +1     
- Partials      187      188       +1

Impacted Files	Coverage Δ
internal/proxy/oauthproxy.go	50.73% <0%> (-0.25%)	⬇️
internal/proxy/proxy_config.go	78.26% <100%> (+0.11%)	⬆️

[jphines]

Overall, this looks great! Just one small nit about placement of setting headers.

Additionally, can we add some documentation to https://github.com/buzzfeed/sso/blob/master/docs/sso_config.md?

[jphines]

Let's move these above setting of the X-Forwarded- headers. We don't want to allow impersonation by setting these headers from a config.

[mcfearsome]

moved