Maintain legacy OAuth headers

[nynymike]

Kong defines a few headers:

https://getkong.org/plugins/oauth2-authentication/#upstream-headers

We will need to add

* X-Consumer-ID, the ID of the Consumer on Kong
* ADD THIS TO PLUGIN & KONGA: X-Consumer-Custom-ID, the custom_id of the Consumer (if set)
* X-Consumer-Username, the username of the Consumer (if set)
* ADD THIS FOR OAUTH2 CLIENTS ONLY: X-Authenticated-Scope, the comma-separated list of scopes that the end user has authenticated, if available (only if the consumer is not the 'anonymous' consumer)
* OMIT: X-Authenticated-Userid, the logged-in user ID who has granted permission to the client (only if the consumer is not the 'anonymous' consumer)
* X-Anonymous-Consumer, will be set to true when authentication failed, and the 'anonymous' consumer was set instead.

[nynymike]

1. I do not see any way for the admin to populate the X-Consumer-Custom-ID header in Konga.
2. X-Consumer-Custom-ID I think this also needs a Yes|No form control

[ldeveloperl1985]

You can set custom_id of a consumer using Consumer section

Currently, there is no way for an admin to hide/show from the header, it by default adds in the header after successful authentication.

https://github.com/GluuFederation/gluu-gateway/blob/master/gluu-oauth2-client-auth/kong/plugins/gluu-oauth2-client-auth/access.lua#L138

[nynymike]

This is an id distinct from the consumer id... it is present in the default kong oauth plugin

[ldeveloperl1985]

Added a field for show and hide consumer custom id from header.