GW refactoring: Proxy

[olevski]

Currently the gateway does not implement a proxy. It has a reverse proxy that is to some extent being abused as a regular proxy.

The idea is that we will implement a proxy that will be used by any internal renku services to access gitlab or any other external service that requires authentication.

The proxy should do the following:

• implement http and https proxying
• for https the proxy will generate its own certificate that other renku services will have it in their certificate store
• https proxying will therefore have two connections (renku service <--> proxy and proxy <--> external service), the SSL/TLS connections will terminate at the proxy but extend outward from it to the internal and external services
• http proxying is simple because it simply involves passing of requests back and forth
• the proxy will trade sessionIDs for the appropriate credentials for the external service and inject them in appropriate requests
• BONUS: remove all mention of gitlab from the reverse proxy, use this to serve internal renku services and requests coming from client sessions
• BONUS: implement this with the assumption that in the near future we will support more than one Gitlab and Github. Not just a single fixed Gitlab deployment.

Useful links:

• https://github.com/elazarl/goproxy (currently used in each session to proxy calls to gitlab). The idea is to essentially implement a custom version of this library. This library is not very actively maintained so I am worried about relying on it too much.
• https://eli.thegreenplace.net/2022/go-and-proxy-servers-part-1-http-proxies/. A very good explanation and examples about how to implement reverse proxying in go (using only the built-in library) for both http and https.