Default idp endpoints
Preparation for migration from Keycloak-legacy to Keycloak-quarkus. Currently BB Keycloak-legacy uses Wildfly subsystem undertow configuration to redirect to the endpoint paths expected by Keycloak. It does not make sense to write custom quarkus extension code to duplicate this feature when Mattermost can configure the correct endpoints.
Change this
sso:
auth_endpoint: https://login.dso.mil/oauth/authorize
token_endpoint: https://login.dso.mil/oauth/token
user_api_endpoint: https://login.dso.mil/api/v4/user
to this
sso:
auth_endpoint: https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/auth
token_endpoint: https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/token
user_api_endpoint: https://login.dso.mil/auth/realms/baby-yoda/protocol/openid-connect/userinfo
reference https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/keycloak/-/issues/76
See related BB MR for better handling of the passthrough values from the BB chart.
https://repo1.dso.mil/platform-one/big-bang/bigbang/-/merge_requests/2121