Filter out Cognito Prefixes #37

Open
wants to merge 1 commit into
base: master

@aldrinleal aldrinleal commented Jun 29, 2018

First of all: YUGE THANKS for this plugin

AWS Cognito creates a weird 'Cognito:username' prefix, which makes my life upstream (proxy) a burden. e.g. after adding a fmt.Println for headername on jwt.go @ line 135:

headerName: Token-Claim-Iat
headerName: Token-Claim-At_hash
headerName: Token-Claim-Sub
headerName: Token-Claim-Email_verified
headerName: Token-Claim-Email
headerName: Token-Claim-Aud
headerName: Token-Claim-Iss
headerName: Token-Claim-Cognito:username <====
headerName: Token-Claim-Token_use
headerName: Token-Claim-Exp
headerName: Token-Claim-Event_id
headerName: Token-Claim-Auth_time

Later, that happens with proxy:

29/Jun/2018:02:37:30 -0500 [ERROR 502 /api/v1/user] net/http: invalid header field name "Token-Claim-Cognito:username"

This PR replaces 'Cognito:' with 'Cognito_', so we can still capture it.

@BTBurke BTBurke (Owner) commented Jun 29, 2018

That's a bug. Let me take a look at it this weekend. Invalid characters should be URL escaped so it should look like Cognito%3Ausername.

I'll make sure that works instead of adding in a special case for this one circumstance.

Thanks for letting me know.

@aldrinleal (Author)

So a Query String quote would suffice, right?

@magikstm (Contributor)

I think a simple url escaping would be inadequate for this.

I'm quite new to Go, but I believe it should be escaped based on this:
https://github.com/golang/net/blob/master/http/httpguts/httplex.go#L15

Based on the source of the error being either:
https://github.com/golang/go/blob/master/src/net/http/h2_bundle.go#L3258
https://github.com/golang/net/blob/master/http/httpguts/httplex.go#L196

Both of them use this:
https://github.com/golang/net/blob/master/http/httpguts/httplex.go#L95

I think any character that isn't accepted in this array could be replaced with "_" or url escaped.
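
The two options raised in this thread (replace with "_" or escape), as an added Go example that is not part of the pull request or the plugin's code: it checks names against the RFC 7230 token set rather than special-casing one character. The function names are hypothetical; only the `Token-Claim-` prefix comes from the thread.

```go
package main

import (
	"fmt"
	"strings"
)

// isTokenByte: may b appear in a header field name (RFC 7230 "token")?
func isTokenByte(b byte) bool {
	return b >= 'a' && b <= 'z' || b >= 'A' && b <= 'Z' || b >= '0' && b <= '9' ||
		strings.IndexByte("!#$%&'*+-.^_`|~", b) >= 0
}

// validFieldName reports whether name is a non-empty run of token bytes.
func validFieldName(name string) bool {
	for i := 0; i < len(name); i++ {
		if !isTokenByte(name[i]) {
			return false
		}
	}
	return name != ""
}

// claimHeader builds "Token-Claim-<claim>" (hypothetical helper). With
// escape=false every invalid byte becomes '_' (lossy). With escape=true
// invalid bytes and '%' itself become %XX, so the mapping stays reversible.
func claimHeader(claim string, escape bool) string {
	var sb strings.Builder
	sb.WriteString("Token-Claim-")
	for i := 0; i < len(claim); i++ {
		b := claim[i]
		switch {
		case isTokenByte(b) && !(escape && b == '%'):
			sb.WriteByte(b)
		case escape:
			fmt.Fprintf(&sb, "%%%02X", b)
		default:
			sb.WriteByte('_')
		}
	}
	return sb.String()
}

func main() {
	// Constructed claim names; the first is the one from the report above.
	for _, c := range []string{"cognito:username", "cognito_username", "custom claim"} {
		fmt.Println(claimHeader(c, false), claimHeader(c, true))
	}
}
```

Underscore replacement maps `cognito:username` and `cognito_username` to the same header name, so an upstream that trusts these headers cannot tell the two claims apart; the escaped form keeps them distinct.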
