strimzi / strimzi-kafka-oauth

OAuth2 support for Apache Kafka® to work with many OAuth2 authorization servers
Apache License 2.0

Support disabling the Accept header when requesting Json Web Key Sets. #201

Closed hmadison closed 1 year ago

hmadison commented 1 year ago

For certain servers which provide JSON Web Key Sets, such as the Kubernetes API Server, if the Accept header sent by the client is present, it is expected to be application/jwk-set+json. Based off of the discussion in the Strimzi Slack channel, I've added an option which allows users to skip sending the Accept header when making the JWKS request.

I've also updated the test documentation to cover how to use MiniKube and Helm to simplify the testing process and included an example of how to use this feature to authenticate into a Kafka cluster with a Service Account's token. To validate this locally, you can apply kafka-oauth-single-authz-service-accounts.yaml to a Kubernetes cluster with the operator installed and using a version of strimzi-kafka-oauth installed then:

hmadison commented 1 year ago

@mstruk I've made the requested changes. Do you have any idea why the s390x portion of the build is currently breaking?

mstruk commented 1 year ago

> @mstruk I've made the requested changes. Do you have any idea why the s390x portion of the build is currently breaking?

The issue is definitely unrelated to this PR. travis-ci.com has had some issues with JDK 11 on the s390x platform over the last weeks. They apparently got things working to some degree, but it seems JDK 11 is still partially broken. Also, the .travis/build.sh script does some special build on s390x with Keycloak, and it's that particular custom thing that now breaks. I'll see if I can fix it in a separate PR.

mstruk commented 1 year ago

I added some tests to the testsuite and fixed some additional issues I found while writing tests: https://github.com/hmadison/strimzi-kafka-oauth/pull/1

mstruk commented 1 year ago

@hmadison Thank you very much for the contribution!