move directory providers (#3633)

* remove directory providers and support for groups

* idp: remove directory providers

* better error messages

* fix errors

* restore postgres

* fix test

config/options_test.go

@@ -310,12 +310,9 @@ func TestOptionsFromViper(t *testing.T) {
 					"X-Frame-Options":           "SAMEORIGIN",
 					"X-XSS-Protection":          "1; mode=block",
 				},
-				RefreshDirectoryTimeout:  1 * time.Minute,
-				RefreshDirectoryInterval: 10 * time.Minute,
-				QPS:                      1.0,
-				DataBrokerStorageType:    "memory",
-				EnvoyAdminAccessLogPath:  os.DevNull,
-				EnvoyAdminProfilePath:    os.DevNull,
+				DataBrokerStorageType:   "memory",
+				EnvoyAdminAccessLogPath: os.DevNull,
+				EnvoyAdminProfilePath:   os.DevNull,
 			},
 			false,
 		},
@@ -330,9 +327,6 @@ func TestOptionsFromViper(t *testing.T) {
 				CookieHTTPOnly:           true,
 				InsecureServer:           true,
 				SetResponseHeaders:       map[string]string{"disable": "true"},
-				RefreshDirectoryTimeout:  1 * time.Minute,
-				RefreshDirectoryInterval: 10 * time.Minute,
-				QPS:                      1.0,
 				DataBrokerStorageType:    "memory",
 				EnvoyAdminAccessLogPath:  os.DevNull,
 				EnvoyAdminProfilePath:    os.DevNull,
@@ -342,7 +336,6 @@ func TestOptionsFromViper(t *testing.T) {
 		{"bad url", []byte(`{"policy":[{"from": "https://","to":"https://to.example"}]}`), nil, true},
 		{"bad policy", []byte(`{"policy":[{"allow_public_unauthenticated_access": "dog","to":"https://to.example"}]}`), nil, true},
 		{"bad file", []byte(`{''''}`), nil, true},
-		{"allowed_groups without idp_service_account should fail", []byte(`{"autocert_dir":"","insecure_server":true,"policy":[{"from": "https://from.example","to":"https://to.example","allowed_groups": "['group1']"}]}`), nil, true},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {