api: Obscure Authorization header

[marclop]

Overview

Currently the verbose transport, dumps out all of the request / response to the specified writer, while this is great for debugging purposes, it also exposes the Authorization header which contains credentials.

It would be great to add a bool parameter in the api.VerboseSettings to allow the VerboseTransport to obscure that header.

This will allow us to ship and collect the verbose output cleanly without exposing any secrets.

Of course a step further would be to actually purge any potential from API responses not only headers.