request help: support hide the authentication header in basic-auth and key-auth plugins #5900

Closed
starsz opened this issue Dec 23, 2021 · 4 comments · Fixed by #6039
Labels
good first issue Good for newcomers

Comments

@starsz
Contributor

starsz commented Dec 23, 2021

Issue description

Hello,
When using the basic-auth plugin, I don't want to pass the Authentication header to the upstream.
IMO, there is no need for the upstream to perceive these authentication headers.

Now, I use the proxy-rewrite plugin to rewrite the Authentication header like this:

    "plugins": {
        "basic-auth": {},
        "proxy-rewrite": {
            "headers": {
                "Authorization": ""
            }
        }
    },

I think we can add a config in the basic-auth plugin to hide the auth header.
That would make these plugins more convenient to use. The same goes for the key-auth plugin.

Environment

  • apisix version (cmd: apisix version): 2.11.0
  • OS (cmd: uname -a):
  • OpenResty / Nginx version (cmd: nginx -V or openresty -V):
  • etcd version, if have (cmd: run curl http://127.0.0.1:9090/v1/server_info to get the info from server-info API):
  • apisix-dashboard version, if have:
  • the plugin runner version, if the issue is about a plugin runner (cmd: depended on the kind of runner):
  • luarocks version, if the issue is about installation (cmd: luarocks --version):
@tokers
Contributor

tokers commented Dec 23, 2021

Agree +1.

@tzssangglass
Member

useful, maybe *-auth plugins are all needed

@tokers
Contributor

tokers commented Dec 24, 2021

> useful, maybe *-auth plugins are all needed

Exactly.

@spacewander
Member

> useful, maybe *-auth plugins are all needed

I don't think blindly applying this to other *-auth plugins is a good idea. Take jwt-auth as an example: the JWT token serves both as a user id and storage containing user info. We should discuss it plugin by plugin.
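
The behaviour requested in this issue, modelled as an added example (not APISIX code and not written by any participant in this thread): the gateway verifies the Basic credentials itself and, when a per-plugin option is enabled, drops the Authorization header before proxying. The option name `hide_credentials`, the function names and the consumer table are assumptions made for illustration.

```python
import base64
import hmac

# Constructed consumer table (username -> password), for illustration only.
CONSUMERS = {"foo": "bar"}


def check_basic_auth(headers):
    """Return the authenticated username, or None if the credentials are bad."""
    value = next((v for k, v in headers.items()
                  if k.lower() == "authorization"), None)
    if not value:
        return None
    scheme, _, encoded = value.partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers malformed base64 and invalid UTF-8
        return None
    user, sep, password = decoded.partition(":")
    expected = CONSUMERS.get(user)
    if not sep or expected is None:
        return None
    # Constant-time comparison of the supplied and the stored password.
    if not hmac.compare_digest(password.encode(), expected.encode()):
        return None
    return user


def headers_for_upstream(headers, hide_credentials=False):
    """Authenticate at the gateway, then build the header set to proxy.

    Returns (status, headers); a failed authentication yields (401, {}).
    hide_credentials is an assumed per-plugin option, off by default.
    """
    if check_basic_auth(headers) is None:
        return 401, {}
    if not hide_credentials:
        return 200, dict(headers)
    # Header names are case-insensitive, so compare on the lowered name.
    return 200, {k: v for k, v in headers.items()
                 if k.lower() != "authorization"}
```

Because the option is passed per call, a plugin whose credential carries data the upstream needs can simply leave it off.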
