Feature: AAA support

[lynxbat]

Snap should support some form of authentication, authorization, and auditing available.

UPDATE (by @mjbrender) - We've broken this out into 3 phases:

• Phase 1: Basic HTTPS (PR add https to rest api #378 & adds https ability to go rest client and pulsectl #389)
• Phase 2: API Authentication (PR REST API auth #724)
• Phase 3: Scope TBD - Focused on remote loading of tasks (see Add support for loading plugin and creating task from remote locations #1201 for now)

Other considerations:

• Improvements to auditing (especially with Tribe)
• End-to-end consideration of AAA in remote workflow architecture

// END UPDATE

This should be a new core module that is loaded into other core modules on startup.
The AAA module should be extendable to support multiple types of external auth.

For a first commit we should probably have some sort of token-based authentication.

[mbbroberg]

Since this was opened, we have made some progress on AAA. The goal has been put simply as:

Extend the security implementation for snap to help remove barriers to adoption within production scenarios. This would cover authentication, authorization and access control.

Related:
#724

[thomastaylor312]

@mjbrender Thanks for the clarification on this!