Closed
Description
Describe the bug
SSO Proxy can send a blank cookie header, which is then used as part of the request signature; this can be confusing to implement for upstream signature verifiers.
This bug is a result of the way sso removes the session cookie when it was the only cookie. In this case, it stores an empty string as a single item in a string slice. This empty string is then used as part of the signature. The specification is unclear about what to do when empty values are encountered.
Expected behavior
- Do not proxy empty cookie headers and prevent them from being used as part of the signature
- The signer should then specify and ignore empty strings
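The behaviour described in the issue, reproduced as an added example that is not code from the sso repository. The cookie name `_sso_proxy`, the `X-Forwarded-User` header, the key and the `signature` function (HMAC-SHA256 over header values, one per line) are assumptions standing in for the project's real signer.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/http"
	"strings"
)

// stripSessionCookie removes the cookie called name (hypothetical) before proxying.
// dropEmpty=false reproduces the reported behaviour: if it was the only cookie,
// the header survives as a single empty string. dropEmpty=true deletes it.
func stripSessionCookie(h http.Header, name string, dropEmpty bool) {
	var kept []string
	for _, c := range strings.Split(strings.Join(h.Values("Cookie"), ";"), ";") {
		if c = strings.TrimSpace(c); c != "" && !strings.HasPrefix(c, name+"=") {
			kept = append(kept, c)
		}
	}
	if len(kept) == 0 && dropEmpty {
		h.Del("Cookie")
		return
	}
	h.Set("Cookie", strings.Join(kept, "; "))
}

// signature is a simplified stand-in for the request signer: HMAC-SHA256 over
// the listed header values, one per line. skipEmpty ignores empty values.
func signature(key []byte, h http.Header, names []string, skipEmpty bool) string {
	mac := hmac.New(sha256.New, key)
	for _, n := range names {
		for _, v := range h.Values(n) {
			if v != "" || !skipEmpty {
				mac.Write([]byte(v + "\n"))
			}
		}
	}
	return hex.EncodeToString(mac.Sum(nil))
}

func main() {
	names := []string{"Cookie", "X-Forwarded-User"}
	for _, dropEmpty := range []bool{false, true} {
		// Constructed request headers: the session cookie is the only cookie.
		h := http.Header{"Cookie": {"_sso_proxy=constructed"}, "X-Forwarded-User": {"alice"}}
		stripSessionCookie(h, "_sso_proxy", dropEmpty)
		fmt.Printf("dropEmpty=%v Cookie=%q sig=%s\n", dropEmpty, h.Values("Cookie"),
			signature([]byte("constructed-key"), h, names, false))
	}
}
```

An upstream verifier whose HTTP stack discards empty headers computes the second signature while the proxy sent the first, which is why the issue asks for both the header removal and an explicit skip-empty rule in the signer.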