Read extended user attributes from auth proxy

[liggitt]

Bring the requestheader IDP to parity with the other providers by allowing setting the display name, email, and preferred username from header values.

Added config for listing headers to read display name, email, and preferred username from. Example config:

oauthConfig:
  ...
  identityProviders:
  - name: "..."
    provider:
      apiVersion: v1
      kind: RequestHeaderIdentityProvider
      headers:
      - X-Remote-User
      emailHeaders:
      - X-Remote-User-Email
      nameHeaders:
      - X-Remote-User-Display-Name
      preferredUsernameHeaders:
      - X-Remote-User-Login

[liggitt]

@deads2k @smarterclayton

[liggitt]

[test]

[liggitt]

@sgallagher PTAL

[openshift-bot]

Evaluated for origin test up to f6a0c52

[sgallagher]

Not that this is incorrect, but since this is now a function, wouldn't the logic be better if we had it return a boolean success or failure, rather than running a len() on the return? I'd think that would be less error-prone.

[liggitt]

if I had that bool, I'd still do the length check, because we can't successfully provision an identity with an empty id. when we have a case where we care about a present-but-empty value, it'd be fine to add then

[sgallagher]

LGTM

[liggitt]

[merge]

[openshift-bot]

continuous-integration/openshift-jenkins/test SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/1533/)

[openshift-bot]

continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/1533/) (Image: devenv-rhel7_3520)

[openshift-bot]

Evaluated for origin merge up to f6a0c52