This repository has been archived by the owner on Oct 9, 2023. It is now read-only.

Allow tokens with multiple audiences as long as one matches #285

Merged
merged 4 commits into master from multiple-aud
Feb 3, 2022

Conversation

EngHabu
Contributor

@EngHabu EngHabu commented Nov 9, 2021

Signed-off-by: Haytham Abuelfutuh [email protected]

TL;DR

Tested this using keycloak as an external auth server.
The token generated by keycloak comes with `account` as the audience, and I verified that admin, when not configured with this audience, rejects the token:

{"json":{"src":"handlers.go:237"},"level":"info","msg":"Failed to parse Access Token from context. Will attempt to find IDToken. Error: invalid audience [account]","ts":"2022-02-02T15:43:42+05:30"}

Unit tests added for multiple audiences.

Tried adding a keycloak token mapper to generate multiple audiences but couldn't get that to work. But this code works in all cases which are required for this ticket.

Type

  • Bug Fix
  • Feature
  • Plugin

Are all requirements met?

  • Code completed
  • Smoke tested
  • Unit tests added
  • Code documentation added
  • Any pending items have an associated Issue

Complete description

How did you fix the bug, make the feature etc. Link to any design docs etc

Tracking Issue

Remove the 'fixes' keyword if there will be multiple PRs to fix the linked issue

fixes flyteorg/flyte#1809
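The check the PR title describes, written out as an added example in Go. This is not the flyteadmin code from this PR; the function names (`MatchAudience`, `CheckTokenAudience`, `UnsignedToken`), the `Claims` struct and the sample payloads are all constructed here for illustration. The point it shows: RFC 7519 allows `aud` to be either a single string or an array of strings, so the decoder must accept both shapes, the match must be exact against the configured audience, and the index of the matched entry is returned so a caller can record which audience was accepted (the follow-up kumare3 asked for). Signature verification is deliberately left out; a real server must verify the token before trusting any claim.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Audience is the "aud" claim. RFC 7519 section 4.1.3 allows either a single
// string or an array of strings, so the decoder accepts both shapes.
type Audience []string

func (a *Audience) UnmarshalJSON(b []byte) error {
	if string(b) == "null" {
		*a = nil
		return nil
	}
	var single string
	if err := json.Unmarshal(b, &single); err == nil {
		*a = Audience{single}
		return nil
	}
	var many []string
	if err := json.Unmarshal(b, &many); err != nil {
		return fmt.Errorf("aud must be a string or an array of strings: %w", err)
	}
	*a = Audience(many)
	return nil
}

// Claims is the subset of the payload this example cares about (assumed shape).
type Claims struct {
	Subject  string   `json:"sub"`
	Audience Audience `json:"aud"`
}

var ErrInvalidAudience = errors.New("invalid audience")

// MatchAudience returns the index of the token audience equal to expected.
// Comparison is exact: a token is accepted only if one of its audiences is
// precisely the configured value. An empty expected audience never matches,
// so a misconfigured server does not accept arbitrary tokens.
func MatchAudience(tokenAud []string, expected string) (int, error) {
	if expected == "" {
		return -1, fmt.Errorf("%w: no expected audience configured", ErrInvalidAudience)
	}
	for i, aud := range tokenAud {
		if aud == expected {
			return i, nil
		}
	}
	return -1, fmt.Errorf("%w %v", ErrInvalidAudience, tokenAud)
}

// UnsignedToken builds a compact JWS with the given JSON payload, an alg=none
// header and an empty signature. It exists only to construct sample input for
// this example; never accept such tokens in production.
func UnsignedToken(payloadJSON string) string {
	enc := base64.RawURLEncoding.EncodeToString
	header := enc([]byte(`{"alg":"none","typ":"JWT"}`))
	return header + "." + enc([]byte(payloadJSON)) + "."
}

// CheckTokenAudience decodes the payload segment and returns the matched
// audience value and its index, or ErrInvalidAudience when none matches.
// Signature verification is out of scope here and must happen first in a
// real server.
func CheckTokenAudience(token, expected string) (string, int, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return "", -1, errors.New("not a compact JWS")
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return "", -1, fmt.Errorf("decode payload: %w", err)
	}
	var c Claims
	if err := json.Unmarshal(raw, &c); err != nil {
		return "", -1, fmt.Errorf("parse claims: %w", err)
	}
	idx, err := MatchAudience(c.Audience, expected)
	if err != nil {
		return "", -1, err
	}
	return c.Audience[idx], idx, nil
}

func main() {
	// Constructed sample payloads (not real keycloak output).
	single := UnsignedToken(`{"sub":"alice","aud":"account"}`)
	multi := UnsignedToken(`{"sub":"alice","aud":["account","flyteadmin"]}`)

	for _, tok := range []string{single, multi} {
		aud, idx, err := CheckTokenAudience(tok, "flyteadmin")
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Printf("accepted: matched aud %q at index %d\n", aud, idx)
	}
}
```

Run as-is, the single-audience token is rejected with `invalid audience [account]` (the same condition the log line above reports) and the two-audience token is accepted with `flyteadmin` matched at index 1.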

@EngHabu
Contributor Author

EngHabu commented Nov 9, 2021

@pmahindrakar-oss this is roughly what's needed... feel free to validate and test though.

EngHabu and others added 2 commits February 2, 2022 16:20
Signed-off-by: Prafulla Mahindrakar <[email protected]>
@codecov

codecov bot commented Feb 2, 2022

Codecov Report

Merging #285 (c761a3a) into master (c1b8fa4) will increase coverage by 0.02%.
The diff coverage is 100.00%.


@@            Coverage Diff             @@
##           master     #285      +/-   ##
==========================================
+ Coverage   58.50%   58.53%   +0.02%     
==========================================
  Files         152      152              
  Lines       11018    11021       +3     
==========================================
+ Hits         6446     6451       +5     
+ Misses       3873     3872       -1     
+ Partials      699      698       -1     
Flag Coverage Δ
unittests 57.29% <100.00%> (+0.02%) ⬆️


Impacted Files Coverage Δ
auth/authzserver/provider.go 75.18% <100.00%> (+2.11%) ⬆️


@pmahindrakar-oss
Contributor

@EngHabu this is ready for review. Verified this using keycloak

kumare3
kumare3 previously approved these changes Feb 3, 2022
@kumare3
Contributor

kumare3 commented Feb 3, 2022

Wait - should you change line# 177

Signed-off-by: Prafulla Mahindrakar <[email protected]>
@pmahindrakar-oss
Contributor

Thanks @kumare3 for pointing that out. Adding the matched audience to the identity context now

@EngHabu EngHabu merged commit e61da89 into master Feb 3, 2022
@EngHabu EngHabu deleted the multiple-aud branch February 3, 2022 18:36
eapolinario pushed a commit that referenced this pull request Sep 6, 2023
* Allow tokens with multiple audiences as long as one matches

Signed-off-by: Haytham Abuelfutuh <[email protected]>

* Added unit tests

Signed-off-by: Prafulla Mahindrakar <[email protected]>

* Adding matched audience index in the context

Signed-off-by: Prafulla Mahindrakar <[email protected]>

* Update mocks

Signed-off-by: Prafulla Mahindrakar <[email protected]>

Co-authored-by: Prafulla Mahindrakar <[email protected]>
Development

Successfully merging this pull request may close these issues.

[Housekeeping] FlyteAdmin Auth should allow multiple audiences as long as the one it's looking for is there
3 participants