I have a use case where I would like to authorize service accounts without necessarily adding them to security groups. I implemented a new feature in the plugin to support granting access to users via either DNs or usernames. It is very similar to the AllowedGroups feature except that no LDAP queries are required.
Added:
LdapCheckAllowedUsers: Returns true if the user to authorize is part of the AllowedUsers list (DN or username) or false if the list is empty.
LdapCheckUserAuthorized: Handles the authorization flow post-authentication. It checks if either AllowedUsers or AllowedGroups is set. If neither is set, it returns true. Otherwise, it checks both the AllowedUsers and AllowedGroups.
Documentation for AllowedUsers feature
Added AllowedUsers to examples as well
Minor changes:
LdapCheckUserGroups returns errors only for unexpected behaviours (LDAP issues basically). It also returns false if the list of Allowed groups is empty.
ServeHTTP: It now leverages the newly added LdapCheckUserAuthorized function instead of using LdapCheckUserGroups directly.
[No breaking changes]
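
The authorization flow described above, as an added Go example that is not the plugin's own code. The type and function names, the `GroupLookup` callback standing in for the LDAP group query, the case-insensitive matching, and granting access when either list matches are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// Config holds the two lists named in the description (field names assumed).
type Config struct {
	AllowedUsers  []string // usernames or full DNs
	AllowedGroups []string
}

// GroupLookup stands in for the LDAP group membership query (hypothetical).
type GroupLookup func(userDN string, groups []string) (bool, error)

// checkAllowedUsers needs no LDAP query; an empty list yields false (case-insensitive match assumed).
func checkAllowedUsers(cfg Config, username, userDN string) bool {
	for _, u := range cfg.AllowedUsers {
		if strings.EqualFold(u, username) || strings.EqualFold(u, userDN) {
			return true
		}
	}
	return false
}

// checkAuthorized runs after authentication and denies on any LDAP error.
func checkAuthorized(cfg Config, username, userDN string, lookup GroupLookup) (bool, error) {
	if len(cfg.AllowedUsers) == 0 && len(cfg.AllowedGroups) == 0 {
		return true, nil // no restriction configured: any authenticated user passes
	}
	if checkAllowedUsers(cfg, username, userDN) {
		return true, nil
	}
	if len(cfg.AllowedGroups) == 0 {
		return false, nil
	}
	ok, err := lookup(userDN, cfg.AllowedGroups)
	if err != nil {
		return false, err
	}
	return ok, nil
}

func main() {
	down := func(string, []string) (bool, error) { return false, fmt.Errorf("ldap unavailable") }
	cfg := Config{AllowedUsers: []string{"svc-backup"}, AllowedGroups: []string{"cn=admins,dc=example,dc=org"}} // constructed sample values
	fmt.Println(checkAuthorized(cfg, "svc-backup", "uid=svc-backup,ou=services,dc=example,dc=org", down))
	fmt.Println(checkAuthorized(cfg, "mallory", "uid=mallory,ou=people,dc=example,dc=org", down))
}
```

With both lists empty every authenticated user is authorized, so a deployment that intends to restrict access has to set at least one of them.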