Support Webservice-less CheckRequest calls

[SamMHD]

After merging these changes one can set Cerberus as external auth without creating API key or Webservice custom resources. They only need to specify webservice: none, authURL: <address of http auth service> and readTokenFrom, writeTokenTo, timeout and comma joined careHeaders fields in auth context of the external auth request.

NOTE:

• readTokenFrom, writeTokenTo, timeout are optional, their default values are:
  • readTokenFrom: Authorization
  • writeTokenTo: Authorization
  • timeout: 200 (ms)

Example HTTPProxy:

apiVersion: projectcontour.io/v1
kind: HTTPProxy
metadata:
  name: cerberus-webserviceless-test-route
spec:
  ingressClassName: private
  routes:
    - conditions:
        - exact: /
      enableWebsockets: false
      permitInsecure: false
      authPolicy:
        authContext:
          webservice: none
          authURL: <address of http external auth service>
          readTokenFrom: Authorization
          writeTokenTo: Authorization
          timeout: 200
          careHeaders: X-User-Data,X-User-State
      services:
        - name: echo
          port: 80
          weight: 100
      timeoutPolicy:
        idle: 5m
        idleConnection: 1h
        response: 30s
  virtualhost:
    fqdn: test.cerberus.snappcloud.io
    tls:
      minimumProtocolVersion: "1.2"
      passthrough: false
      secretName: openshift-ingress/letsencrypt
    authorization:
      extensionRef:
        namespace: cerberus-operator-system
        name: cerberus-auth
      authPolicy:
        context:
          webservice: webservice-sample

[SamMHD]

Tagged as v1.15.9-rc to build and release RC image.

[SamMHD]

Production test was successful, Merging...