Add basic support & documentation for built-in and plugin-based auth

[vdye]

Closes #41

This pull request lays the foundation for specialized auth configuration in the bundle server:

• Commit 1 creates the AuthResult type, which the web server will use to relay the output of a custom auth function as an HTTP response
• Commit 2 adds the --auth-config type and initial schema; in this commit, it doesn't do much of anything (since there aren't any valid modes yet). Also introduce the AuthMiddleware interface, which will be used in both built-in modes and the basis for plugin modes.
• Commit 3 upgrades the version of Go used by the bundle server to 1.20 (necessary for Commit 4)
• Commit 4 adds the fixed built-in auth mode, which validates a request's Basic header against a static username/password pair.
• Commits 5 & 6 update the integration tests to include tests of the fixed auth mode
• Commit 7 adds the plugin auth mode, which allows a user to load (at runtime) a custom implementation of AuthMiddleware

This is a pretty major feature (or the start of one, at least), so I'd really appreciate an extra reviewer focus on making sure the architecture is sound and there aren't any glaring security issues (other than what's already mentioned in the docs, i.e. "don't run untrusted plugins").

[vdye]

@derrickstolee @mjcheetham I think I've addressed all of the feedback so far. The PR has changed a fair amount since the first round of reviews (added integration tests, manpage docs, and better in-code documentation for pkg/auth; also, changed AuthResult pretty substantially), so please let me know if you have any questions or otherwise think something should be changed! 🙇‍♀️