
Pass virtualUser avatars through the content proxy (camoproxy)

Pass virtualUser avatars through the content proxy (camoproxy). Because someone can pass anything to virtualUser.avatarUrl, we should proxy the avatar images so that the image host cannot scrape the IP of anyone who views the image (context: https://gitlab.com/gitlab-org/gitter/webapp/-/issues/2037).

Fix https://gitlab.com/gitlab-org/gitter/webapp/-/issues/2628

Testing strategy

  1. Add to your config\config.user-overrides.json (values from https://gitlab.com/gl-gitter/secrets/blob/master/webapp/prod):
      "camo": {
        "camoUrl": "https://user-content.gitter-static.net",
        "camoSecret": "<see Gitter secrets repo, https://gitlab.com/gl-gitter/secrets/blob/master/webapp/prod>"
      }
  2. Restart the webapp
  3. If not already in your Mongo database, create the bridge OAuth clients and tokens that are allowed to bridge and use virtualUser
    $ mongo gitter
    
    > db.oauthclients.insert({
        clientKey: 'bot-bridge',
        clientSecret: Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15),
        name: 'Bridge OAuth app for bot services to bridge in messages',
        tag: 'bot-bridge'
    })
    
    // You probably need to change the `gitter-badger` username to something that exists on your local instance. Can be any user
    > db.oauthaccesstokens.insert({
        token: Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15),
        clientId: db.oauthclients.findOne({clientKey: 'bot-bridge' })._id,
        userId: db.users.findOne({ username: 'gitter-badger' })._id
    })
    
    > db.oauthaccesstokens.find({ clientId: db.oauthclients.findOne({clientKey: 'bot-bridge' })._id })
  4. Send a message from a virtualUser with an avatarUrl. POST http://localhost:5000/api/v1/rooms/:roomId/chatMessages with
    {
        "virtualUser": {
            "type": "matrix",
            "externalId": "madlittlemods:matrix.org",
            "displayName": "madlittlemods (Eric Eastwood)",
            "avatarUrl": "https://matrix-client.matrix.org/_matrix/media/r0/thumbnail/matrix.org/bDayqThxTIcGNcskzIADknRv?width=30&height=30&method=crop"
        },
        "text": "asdf"
    }
  5. Notice the avatar image is being requested from https://user-content.gitter-static.net