| From: | Jacob Champion <jchampion(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: libpq: Split PGOAUTHDEBUG=UNSAFE into multiple options |
| Date: | 2026-04-07 15:18:35 |
| Message-ID: | E1wA8CI-003Pmq-0U@gemulon.postgresql.org |
| Lists: | pgsql-committers |

libpq: Split PGOAUTHDEBUG=UNSAFE into multiple options

PGOAUTHDEBUG is a blunt instrument: you get all the debugging features,
or none of them. The most annoying consequence during manual use is the
Curl debug trace, which tends to obscure the device flow prompt
entirely. The promotion of PGOAUTHCAFILE into its own feature in
993368113 improved the situation somewhat, but there's still the
discomfort of knowing you have to opt into many dangerous behaviors just
to get the single debug feature you wanted.

Explode the PGOAUTHDEBUG syntax into a comma-separated list. The old
"UNSAFE" value enables everything, like before. Any individual unsafe
features still require the envvar to begin with an "UNSAFE:" prefix, to
try to interrupt the flow of someone who is about to do something they
should not.

So now, rather than

    PGOAUTHDEBUG=UNSAFE         # enable all the unsafe things

a developer can say

    PGOAUTHDEBUG=call-count     # only show me the call count. safe!
    PGOAUTHDEBUG=UNSAFE:trace   # print secrets, but don't allow HTTP

To avoid adding more build system scaffolding to libpq-oauth, implement
this entirely in a small private header. This unfortunately can't be
standalone, so it needs a headerscheck exception.

Author: Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com>
Co-authored-by: Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
Reviewed-by: Chao Li <li(dot)evan(dot)chao(at)gmail(dot)com>
Reviewed-by: Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com>
Discussion: https://postgr.es/m/CAOYmi%2B%3DfbZNJSkHVci%3DGpR8XPYObK%3DH%2B2ERRha0LDTS%2BifsWnw%40mail.gmail.com
Discussion: https://postgr.es/m/CAN4CZFMmDZMH56O9vb_g7vHqAk8ryWFxBMV19C39PFghENg8kA%40mail.gmail.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/6d00fb9048fe61381c9f4d542cfd2bc767d95a3b

Modified Files
--------------
doc/src/sgml/libpq.sgml | 119 +++++++++++++++----
src/interfaces/libpq-oauth/oauth-curl.c | 22 ++--
src/interfaces/libpq-oauth/oauth-utils.c | 11 --
src/interfaces/libpq-oauth/oauth-utils.h | 1 -
src/interfaces/libpq-oauth/test-oauth-curl.c | 2 +-
src/interfaces/libpq/fe-auth-oauth.c | 18 +--
src/interfaces/libpq/fe-auth-oauth.h | 1 -
src/interfaces/libpq/oauth-debug.h | 142 +++++++++++++++++++++++
src/test/modules/oauth_validator/t/001_server.pl | 22 +++-
src/tools/pginclude/headerscheck | 2 +
10 files changed, 277 insertions(+), 63 deletions(-)
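
The gating rule described in the commit message, sketched as an added example; this is not the commit's code and not the contents of oauth-debug.h. The function name, the flag constants, and the choice to silently ignore unknown or ungated names are assumptions; only the option names `call-count` and `trace` come from the message.

```c
#include <string.h>

/* Hypothetical flag bits for the two option names the commit message shows. */
#define DBG_CALL_COUNT 0x01u        /* "call-count": safe */
#define DBG_TRACE      0x02u        /* "trace": unsafe, prints secrets */
#define DBG_ALL        0xFFFFFFFFu  /* legacy bare "UNSAFE": everything */

static const struct { const char *name; unsigned bit; int unsafe; } opts[] = {
    {"call-count", DBG_CALL_COUNT, 0},
    {"trace",      DBG_TRACE,      1},
};

/*
 * Parse a PGOAUTHDEBUG-style value and return the enabled flag bits.
 * Assumption: unknown names, and unsafe names given without the leading
 * "UNSAFE:" prefix, are dropped (fail closed) rather than honored.
 */
unsigned parse_oauth_debug(const char *val)
{
    unsigned flags = 0;
    int unsafe_ok = 0;

    if (val == NULL || *val == '\0')
        return 0;
    if (strcmp(val, "UNSAFE") == 0)
        return DBG_ALL;
    /* The prefix only counts at the very start of the value. */
    if (strncmp(val, "UNSAFE:", 7) == 0)
    {
        unsafe_ok = 1;
        val += 7;
    }
    while (*val)
    {
        size_t len = strcspn(val, ",");   /* length of the current token */

        for (size_t i = 0; i < sizeof(opts) / sizeof(opts[0]); i++)
        {
            if (strlen(opts[i].name) == len &&
                strncmp(val, opts[i].name, len) == 0 &&
                (!opts[i].unsafe || unsafe_ok))
                flags |= opts[i].bit;
        }
        val += len;
        if (*val == ',')
            val++;
    }
    return flags;
}
```

With this sketch, `trace` on its own enables nothing, and an `UNSAFE:` prefix placed after the first list item is treated as an unknown token.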