Support bcrypt passwords in htpasswd

Strip JWT base64 padding before parsing. #560

typo(README): Terminiation » Termination

Fix typo in css for the sign in page template

more robust ClearSessionCookie()

README: fix nginx auth_request example for requests with body

default domain changed from request Host to blank, recently
try to clear cookies for both

Nginx never sends the body with the auth_request sub-request, but
keeps the original Content-Length header by default. Without some
config tweaks, this results in the request to /oauth2/auth hanging.

Iterate through pages returned by List Your Organizations endpoint

For some GHE instances where a user can have more than 100
organizations, traversing the other pages is important otherwise
oauth2_proxy will consider the user unauthorized. This change traverses
the list returned by the API to avoid that.

Update github provider tests to include this case.

Make Request Logging Format Configurable

distribution: create sha256sum.txt file when creating version releases

* update README.md to include instructions on how to verify prebuilt binaries for new releases.

GitHub use login as user

- Save both user and email in session state:
    Encoding/decoding methods save both email and user
    field in session state, for use cases when User is not derived from
    email's local-parth, like for GitHub provider.

    For retrocompatibility, if no user is obtained by the provider,
    (e.g. User is an empty string) the encoding/decoding methods fall back
    to the previous behavior and use the email's local-part

    Updated also related tests and added two more tests to show behavior
    when session contains a non-empty user value.

- Added first basic GitHub provider tests

- Added GetUserName method to Provider interface
    The new GetUserName method is intended to return the User
    value when this is not the email's local-part.

    Added also the default implementation to provider_default.go

- Added call to GetUserName in redeemCode

    the new GetUserName method is used in redeemCode
    to get SessionState User value.

    For backward compatibility, if GetUserName error is
    "not implemented", the error is ignored.

- Added GetUserName method and tests to github provider.

options: update options parsing for better handling of incorrect values

* don't add in failed compiled regexes for skip auth regex option
* improve test coverage for skip auth regex option to handle partial
success case
* add tests for incorrect upstream options parsing errors

raw url encoding

Switch from gpm -> dep for dependency management

Switch from 18F/hmacauth to mbland/hmacauth

Since I'm no longer with 18F, I've re-released hmacauth under the ISC
license as opposed to the previous CC0 license. There have been no
changes to the hmacauth code itself, and all tests still pass.

providers: update gitlab api endpoint to use latest version, v4

Don't set the cookie domain to the host by default, as it breaks Cookie Prefixes

Swap out bmizerany/assert package in favor of stretchr/testify/assert

Clarify that GitHub team option in README

Add OpenID Connect provider name.

Drop deprecated MyUSA provider.

[Resolves #390]