Add OAuth 2.0 Login Flow

[lambdaschmied2]

Currently we support basic auth, yet realistically users require OAuth 2.0 in their production environment.

• Create a local dev setup with KeyCloak in the docker compose file to quickly spin up a working environment
• Refactor the existing basic auth login flow to be able to switch between authentication methods
• Implement the auth flow with a library; https://www.npmjs.com/package/openid-client probably use this library (we don't want a proprietary, compay owned library like auth0, Google etc.)

Camunda provides some documentation on how to setup Keycloak for their C7 plugin: https://camunda.com/blog/2021/11/qa-the-one-with-the-sso-implementation-in-camunda/
We can use this as reference for our Keycloak setup.

[Mojito060]

I just checked the repository and noticed that some work already has been done for example Keycloak is already included as a service in docker-compose-keycloak.yaml.
So I have a couple of questions:

• What parts of the original integration are already completed?
• Is this issue still relevant in its current form, or is there a specific next step I should work on?

[lambdaschmied2]

I basically just added the keycloak service to the docker-compose file and then removed it to create a seperate docker compose file only for keycloak.

Other than that, nothing was done.

I only thought about creating a keycloak config, which then should be exported as a file. This file could then be the default setup and part of the docker compose config when spinning up the oauth environment for the web apps, so not everyone has to create their own keycloak setup.