This patch is about a revision to the webhook implementation, major
changes include:
- allow credential to be omitted, where the assumption is that the
requester's trust data can be used as an alternative, or the object
owner's trust data can be used, if the requester is an admin.
- change the 'credential' field of webhook to be a text, so that the
whole field will be encrpted/decrypted; with this change, we can
accommodate more flexible credential formats.
- simplified webhook test cases so now the most time consuming unit test
cases are all about encryption/decryption.
Change-Id: I94f3de40ced6bdaa974750d33891f0eeed0bc06a