Adds feature to configure keycloak server with Scopes

[mdanish98]

This library is indeed really useful.
I was using this library to mock keycloak authorization token behavior. But one use case it was missing like when there is an implementation for getting authorization token with normal OAuth2 request using custom getAccessToken method. The scenario is like I have a project which has a method to provide authorization and it just takes clientId, clientSecret and tokenUrl and it has its own implementation to request JWT token. Here I have to check whether it is able to successfully get the access token and then able to provide access to the secured registry, and the secured registry checks for the required scopes needed to perform certain action (Read/Write etc).
So for this there is a need to configure the realm with clientScopes while configuring the server and by not using TokenConfig.
I have added this feature to initialize and start KeyCloakMock server with clientScopes. I have also added the required test cases to cover this implementation.

Please let me know incase you need further information.

Thanks
Signed-off-by: Mohammad Ghazanfar Ali Danish [email protected]

[mdanish98]

Dear @ostrya

Did you had some time to check this PR ?
Actually I have another PR on my other project which is dependent on this. If this change is merged that would be easy to update the dependent PR.

Please let me know incase of any further information.

Thanks and Regards

[ostrya]

Sorry for the late reply. I like your change, but I have a suggestion so we can avoid manipulating static variables.

[mdanish98]

Dear @ostrya

Did you had a chance to check these changes?

[mdanish98]

Dear @ostrya @mrmarbury @Achimh3011 @aaschmid ,

Actually we are dependent on this change and our project which is Eclipse Basyx an Industry 4.0 project is pending due to this pull request.

I request you to please look into this pull request and merge it so that we can use it in our project.

[ostrya]

Hi, sorry for the long delay. I had a really busy November and must then have lost track of this PR. I will have a look now.

[mdanish98]

Dear @ostrya

Many thanks for your suggestion I updated all the changes you requested.
One remark regarding the "please use a solution similar to the "resourcesToMapRolesTo" parameter:" comment:
As per your remarks I created a named singleton inside ServerModule. I tried to inject the named parameter into TokenGenerator's constructor but it was not working because the TokenGenerator is being used in SignatureComponent and due to this it was throwing error as [[Dagger/MissingBinding]](error: [Dagger/MissingBinding] @javax.inject.Named). So I thought that would be a major change because I might have to include the ServerModule.class in SignatureComponent like @component(modules = {KeyModule.class, ServerModule.class}) . And thatswhy I did the same thing you suggested in TokenHelper class instead, i.e. how "resourcesToMapRolesTo" is also implemented.

Please let me know if this is fine otherwise I will do it in TokenGenerator.

Please review it and let me know for further changes.

Thanks and Regards

[ostrya]

Yes, the approach to inject the scopes is much better. And it's fine to inject the scopes in the token helper instead.

I have just two minor remarks on the tests, otherwise it looks good now.

[ostrya]

Cosmetic change:

Suggested change

	assertThat(scope.size()).isEqualTo(3);
	assertThat(scope).hasSize(3);

[ostrya]

To document the new behavior, maybe assert the scope is empty by default? I.e.

assertThat(config.getScope()).isEmpty();

[ostrya]

I'll just merge and adapt the tests on the main branch.