Implement authentication via oauth2 proxy

[bodom0015]

Problem

We need the CLEAN Frontend to be able to log in, log out, fetch user info, and send an auth token along with API requests for authentication and authorization

Approach

• Deployed OAuth2 Proxy + Keycloak to the cluster: https://mmli1.nsca.illinois.edu/oauth2/start?rd=/oauth2/userinfo
• Cookie set by OAuth2 Proxy will be shared with all subdomains (if we set the cookie on the correct domains)
• Frontend code can check for this cookie, and send it back to OAuth2 Proxy to get back userinfo
  • If user is returned from our request, then we have our username, email, groups, etc
  • If no user is returned, then user is not logged in
• Support clean.proxy.localhost for local development
• Use envvars to override configuration at runtime - e.g. hostname, userInfoUrl, etc
• Inject new envvars using a ConfigMap - these can now be set in the values.yaml file

How to Test

1. (already running in staging) Start this image up on the cluster using ArgoCD: moleculemaker/clean-frontend:pr-111
2. Navigate to https://clean.frontend.staging.mmli1.ncsa.illinois.edu/configuration
   • You should see a button at the top right that says Login
3. Click the Login button at the top-right
   • You should be redirected to Keycloak to login
4. Login or create an account in Keycloak
   • You should be redirected back to the CLEAN Frontend after you log in
   • You should see the Login button has been replaced with a Logout button
5. Click the Logout button
   • You should be redirected back to the CLEAN Frontend after you log out
   • You should once again see the Login button at the top-right