Make the docs feel more like a tutorial and add some more context.

oauth2_proxy is a proxy you can put in front of any http application to
add OAUTH 2.0 auth. I have added OIDC support to this proxy and to make
it easy to get started lets add it to the fixture.

Minor, non-content, formatting fixes. LGTM.

build: add install instructions for go-bindata

Markdown needs a newline between a paragraph and a code block for most
renderers. Fix this.

some of these items were space indented, others were tabbed. Use tabs.

Tell the user how to fix ther error! That is the best type of error
message. :)

server: Share token code

This patch proposes behavioral changes. In particular, referring
systems will need to provide client ids under all circumstances.

integration: check when there's no secret provided

server: use standard lib http.Request.BasicAuth

Add auth0 on Similar Software list

refreshtoken: return base64 encoded token for in-memory backend.

Previously if we use the in-memory backend, it will return a raw
binary token for refresh token. This fixes the case.

great work with dex guys! I remember talking to some of you back a year ago for using Auth0 internally for your products but you had some special requirements and it didn't work out. We are using CoreOS extensibly on our product for code sandboxing (https://medium.com/aws-activate-startup-blog/sandboxing-code-in-the-era-of-containers-294edb3a674) and we love it. 

Since you are listing similar software, I thought adding Auth0 would make sense, here. Writing a post on our blog about chaining dex with Auth0 would be nice as well.

Go 1.4+ has https://golang.org/pkg/net/http/#Request.BasicAuth
method for http.Request and it was requested by CoreOS(kelsey) [1]
with the same functionalities. If dex's Go development is being done
in Go 1.4 or later, we should use the standard library.

Thanks!

---
[1] https://codereview.appspot.com/76540043/

Protect admin api

Admin API now requires a 128 byte base64 encoded secret to be passed in
Authorization header, closing up a potential security hole for those
who expose this service.

server,cmd: Add flag for disabling registation

For situations where admins add users.

db: log schema errors, distinguish them from nil results where needed

Expose API to enable and disable users

includes changes to ensure uniform errors for DB and in-memory repos

build: add equals sign to avoid link warning when building project

Documentation: clearer guidance on creating OAuth 2 client ID

build: vendor quotedprintable to build on Go < 1.5