proxy: add JWT request signing support (#19)

- Refactored middleware and request hander logging.
- Request refactored to use context.Context.
- Add helper (based on Alice) to allow middleware chaining.
- Add helper scripts to generate elliptic curve self-signed certificate that can be used to sign JWT.
- Changed LetsEncrypt scripts to use acme instead of certbot.
- Add script to have LetsEncrypt sign an RSA based certificate.
- Add documentation to explain how to verify headers.
- Refactored internal/cryptutil signer's code to expect a valid EC priv key.
- Changed JWT expiries to use default leeway period.
- Update docs and add screenshots.
- Replaced logging handler logic to use context.Context.
- Removed specific XML error handling.
- Refactored handler function signatures to prefer standard go idioms.

internal/log/log.go

@@ -2,7 +2,7 @@
 package log // import "github.com/pomerium/pomerium/internal/log"
 
 import (
-	"net/http"
+	"context"
 	"os"
 
 	"github.com/rs/zerolog"
@@ -21,19 +21,6 @@ func With() zerolog.Context {
 	return Logger.With()
 }
 
-// WithRequest creates a child logger with the remote user added to its context.
-func WithRequest(req *http.Request, function string) zerolog.Logger {
-	remoteUser := getRemoteAddr(req)
-	return Logger.With().
-		Str("function", function).
-		Str("req-remote-user", remoteUser).
-		Str("req-http-method", req.Method).
-		Str("req-host", req.Host).
-		Str("req-url", req.URL.String()).
-		// Str("req-user-agent", req.Header.Get("User-Agent")).
-		Logger()
-}
-
 // Level creates a child logger with the minimum accepted level set to level.
 func Level(level zerolog.Level) zerolog.Logger {
 	return Logger.Level(level)
@@ -109,3 +96,9 @@ func Print(v ...interface{}) {
 func Printf(format string, v ...interface{}) {
 	Logger.Printf(format, v...)
 }
+
+// Ctx returns the Logger associated with the ctx. If no logger
+// is associated, a disabled logger is returned.
+func Ctx(ctx context.Context) *zerolog.Logger {
+	return zerolog.Ctx(ctx)
+}