Sync GitHub internal repos during user perms sync

[pjlast]

Closes #56648

Sourcegraph now explicitly fetches internal repositories for organizations a user belongs to. This used to be only done when groups caching is enabled, but it leads to a lot of confusion for customers.

This may increase the number of requests made by user permission syncs. If that is the case, groups caching should be enabled.

As part of this work I decided the refactor the GitHub user permissions fetching code, which was very contrived. It's a lot easier to reason about what should be happening now.

Test plan

VCR tests updated to account for extra API calls. Local validations done as well.

[sourcegraph-bot]

Codenotify: Notifying subscribers in CODENOTIFY files for diff 2193a1c...e3e5b05.

Notify	File(s)
@eseliger	internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_existing_changeset_and_existing_fork internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_existing_changeset_and_new_fork internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_new_changeset_and_existing_fork internal/batches/sources/testdata/golden/GithubSource_GetFork_success_with_new_changeset_and_new_fork internal/extsvc/github/common.go internal/extsvc/github/testdata/golden/ListRepositoriesForSearch internal/extsvc/github/testdata/golden/SearchRepos-Enterprise-narrow-query-enterprise internal/extsvc/github/testdata/golden/TestGetRepository/cached-response/first_run internal/extsvc/github/testdata/golden/TestGetRepository/cached-response/second_run internal/extsvc/github/testdata/golden/TestGetRepository/forked_repo internal/extsvc/github/testdata/golden/TestV3Client_Fork_success_sourcegraph-testing internal/extsvc/github/testdata/golden/TestV3Client_Fork_success_user internal/extsvc/github/v3.go internal/extsvc/github/v3_test.go internal/extsvc/github/v4.go internal/repos/github.go internal/repos/github_test.go
@unknwon	cmd/frontend/internal/auth/githuboauth/session.go cmd/repo-updater/internal/authz/BUILD.bazel cmd/repo-updater/internal/authz/integration_test.go cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubInternalRepositories.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/repo-centric/groups-enabled.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/repo-centric/no-groups.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/user-centric/groups-enabled.yaml cmd/repo-updater/internal/authz/testdata/vcr/TestIntegration_GitHubPermissions/user-centric/no-groups.yaml internal/authz/providers/github/BUILD.bazel internal/authz/providers/github/BUILD.bazel internal/authz/providers/github/authz.go internal/authz/providers/github/authz.go internal/authz/providers/github/client.go internal/authz/providers/github/client.go internal/authz/providers/github/github.go internal/authz/providers/github/github.go internal/authz/providers/github/github_test.go internal/authz/providers/github/github_test.go internal/authz/providers/github/mocks_test.go internal/authz/providers/github/mocks_test.go

[unknwon]

👍 (not an authoritative approval)

[eseliger]

By no means am I an expert in the authz stuff yet, but the code change makes logical sense to me .. hope that is enough 😆

Approving, but as we talked about today, would be great to also have the toggle to disable this changed behavior.