namespace scoped web sockets

[hosie]

If I am running firefly behind an HTTP aware gateway, I can govern access to REST api for namespaces based on the HTTP path. However, for websockets, this is not possible. namespace isolation is much looser and requires analysis of query parameters and/or websocket message payloads.

This PR proposes a solution where a WebSocket connection can be opened on a namespace specific path (/api/v1/namespaces/{namespace}/ws) and the web socket plugin will only allow streams to be started for the given namespace.

This also means that namespace query parameter and namespace field of the start message become redundant. For compatibility reasons, the PR tolerates them but asserts that they must be equal to the namespace for which the connection was opened.

[codecov-commenter]

Codecov Report

Merging #1419 (f6cbfe1) into main (13bf4e1) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #1419   +/-   ##
=======================================
  Coverage   99.99%   99.99%           
=======================================
  Files         321      321           
  Lines       23027    23065   +38     
=======================================
+ Hits        23025    23063   +38     
  Misses          1        1           
  Partials        1        1           

Files	Coverage Δ
internal/apiserver/server.go	100.00% <100.00%> (ø)
internal/events/websockets/websocket_connection.go	100.00% <100.00%> (ø)
internal/events/websockets/websockets.go	100.00% <100.00%> (ø)

[nguyer]

Looks good to me. Thanks!