The last bugfix added some explicit header fields in an attempt of
fixing an issue with error responses. Unfortunately they weren't
strictly needed for the fix but ended up causing issues in a non-error
case.
This commit removes those header fields again and makes sure the "auth
header not found in response" header doesn't occur anymore.
The target service name remains unused in its current form, but will be
required in order to verify that an incoming request with an LSAT
attached is authorized to access the service being attempted. We can
derive this from the request's host field, but we choose to extend the
methods with the additional parameter in order to prevent parsing the
host field again to determine which service is being accessed.
The service limiter holds all of the constraints that should be applied
to a given service at the base tier. These are currently static and are
parsed from the proxy's configuration file as a temporary work-around.
Eventually, we plan to integrate this with etcd as well in order to
achieve dynamic service discovery.
