sso-auth: segfault if `OLD_COOKIE_SECRET` value is not present

[danbf]

reproduce by running the quick-start docker-compose environment without the OLD_COOKIE_SECRET causes a seg-fault

authenticator_1 | panic: runtime error: invalid memory address or nil pointer dereference
authenticator_1 | [signal SIGSEGV: segmentation violation code=0x1 addr=0x8 pc=0x6ba2d6]
authenticator_1 |
authenticator_1 | goroutine 5 [running]:
authenticator_1 | github.com/buzzfeed/cop/internal/pkg/sessions.(*CookieStore).AuthLoadSession(0x0, 0xc420127500, 0x1, 0x10, 0xc420074c30)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/pkg/sessions/cookie_store.go:196 +0x26
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).LoadSession(0xc4200b6500, 0xc420127500, 0xa, 0x7fdc319a7000, 0x0)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/authenticator.go:144 +0xa6
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).authenticate(0xc4200b6500, 0xadb360, 0xc420176000, 0xc420127500, 0x1, 0xc420018270, 0x22)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/authenticator.go:283 +0x80
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).SignIn(0xc4200b6500, 0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/authenticator.go:372 +0x14c
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).SignIn-fm(0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/authenticator.go:207 +0x48
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).validateSignature.func1(0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/middleware.go:154 +0x121
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).validateRedirectURI.func1(0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/middleware.go:122 +0x6e0
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).validateClientID.func1(0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/middleware.go:75 +0x703
authenticator_1 | github.com/buzzfeed/cop/internal/auth.(*Authenticator).withMethods.func1(0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/middleware.go:47 +0x92
authenticator_1 | net/http.HandlerFunc.ServeHTTP(0xc4200e4b40, 0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /usr/local/go/src/net/http/server.go:1918 +0x44
authenticator_1 | net/http.(*ServeMux).ServeHTTP(0xc4201414d0, 0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /usr/local/go/src/net/http/server.go:2254 +0x130
authenticator_1 | net/http.(*ServeMux).ServeHTTP(0xc420141440, 0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /usr/local/go/src/net/http/server.go:2254 +0x130
authenticator_1 | github.com/buzzfeed/cop/internal/auth.setHeaders.func1(0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /go/src/github.com/buzzfeed/cop/internal/auth/middleware.go:32 +0x159
authenticator_1 | net/http.HandlerFunc.ServeHTTP(0xc4200e4da0, 0xadb360, 0xc420176000, 0xc420127500)
authenticator_1 | /usr/local/go/src/net/http/server.go:1918 +0x44
authenticator_1 | net/http.(*timeoutHandler).ServeHTTP.func1(0xc420141bc0, 0xc420176000, 0xc420127500, 0xc420014180)
authenticator_1 | /usr/local/go/src/net/http/server.go:3043 +0x53
authenticator_1 | created by net/http.(*timeoutHandler).ServeHTTP
authenticator_1 | /usr/local/go/src/net/http/server.go:3042 +0x158

[mreiferson]

This was fixed in #54, cleaned up the references to it in #120. Closing!