pinniped CLI: allow all forms of http redirects

[enj]

pinniped CLI: allow all forms of http redirects

For password based login on the CLI (i.e. no browser), this change
relaxes the response code check to allow for any redirect code
handled by the Go standard library. In the future, we can drop the
rewriteStatusSeeOtherToStatusFoundForBrowserless logic from the
server side code.

Signed-off-by: Monis Khan mok@vmware.com

Follow-up to #914:

Use github.com/felixge/httpsnoop to undo the changes made by
ory/fosite#636 for CLI based login flows. This is required for
backwards compatibility with older versions of our CLI. A
separate change after this will update the CLI to be more
flexible (it is purposefully not part of this change to confirm
that we did not break anything). For all browser login flows, we
now redirect using http.StatusSeeOther instead of http.StatusFound.

I have confirmed that adf04d2 passes all CI pipelines with no updates required to any integration test.

---

Drop unsafe unwrapper for exec.roundTripper

exec.roundTripper now implements utilnet.RoundTripperWrapper so this unsafe hack is no longer needed.

Signed-off-by: Monis Khan mok@vmware.com

Fixes #899

---

Clean up nits in AD code

• Make everything private
• Drop unused AuthTime field
• Use %q format string instead of "%s"
• Only rely on GetRawAttributeValues in AttributeUnchangedSinceLogin

Signed-off-by: Monis Khan mok@vmware.com

Addresses #884 (review)

---

Release note:

NONE

[codecov]

Codecov Report

Merging #925 (c155c6e) into main (adf04d2) will increase coverage by 0.09%.
The diff coverage is 94.00%.

@@            Coverage Diff             @@
##             main     #925      +/-   ##
==========================================
+ Coverage   79.04%   79.13%   +0.09%     
==========================================
  Files         133      133              
  Lines        9771     9763       -8     
==========================================
+ Hits         7723     7726       +3     
+ Misses       1785     1774      -11     
  Partials      263      263              

Impacted Files	Coverage Δ
...nal/oidc/provider/dynamic_upstream_idp_provider.go	0.00% <ø> (ø)
internal/upstreamldap/upstreamldap.go	84.06% <92.85%> (ø)
...streamwatcher/active_directory_upstream_watcher.go	89.35% <94.11%> (+0.14%)	⬆️
internal/kubeclient/kubeclient.go	58.00% <100.00%> (+3.13%)	⬆️
pkg/oidcclient/login.go	89.74% <100.00%> (+0.04%)	⬆️
...l/localuserauthenticator/localuserauthenticator.go	57.20% <0.00%> (+0.93%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update adf04d2...c155c6e. Read the comment docs.