auth: add support for authc/authz via external api (#10)
Squash a series of commits related to authentication found on
v5.0.1-criteo branch:
* 34fe8d4ef11962a5f56772641193886bbbf07c9e Add attributes support
* bf5cf176fb8deaee04e70f9c7f24eb18e4ccd496 Implement List Roles
* fe21809bc5d7288545ea9aa21ef05a0d29f07336 Add alter user implementation to the rest role manager
* 69fd387e7103245cce998216af706b70c9c242b3 Update ssl cert
* 6a32079f6d6e3e2b7809b021f32c433b67e76c4d Add authorization support with rest_auth
* 2f92f8b8d182aa23992c9ac6d7de5775de16498a deprecate internal_distributed_timeout_config
* a39e509b4fa3df5da84300d75d444aa4c92e3f8c Add rest_authenticator to manage authentication with a rest endpoint validating credentials
Few changes introduced compared to 5.0.1 version:
* fixed runtime assertion related to pending flush when scylla
fails to communicate with rest auth api
* picojson replaced by rapidjson (used by scylla)
* rest_http_client replaced by seastar::http::experimental::connection
* unit tests fixed and enriched
* formatting aligned with rest of scylla code base
* tools/rest_authenticator_server updated to match actual
implementation (usage of TLS and of GET http verb instead
of POST)
* 73d02b12e5708cf9bd28609edd1c34255c78664f make our rest_authenticator accepted by some clients
make our rest_authenticator accepted by some clients
authenticator_name is checked by some clients (go, rust) and connections
are rejected if not in an allowed list on client side.
We spoof cassandra authenticator name as scylla is doing for
password authenticator.
