Revise functionality of Profile & Security page

[skabashnyuk]

Now, these pages look like this.

The functionality of this pages is supported by ProfileService. But in the case of integration of keycloak all this information are not stored in Che database and delighted to ID provide service (keycloak in our case). In this #5438 we are going provide an ability to get some information for ProfileService from Keycloak via OpenID protocol. In the first stage, it will be this fields

{
  "sub": "c8785721-f72d-4628-a9b5-391ff65f7b93",
  "name": "max shaposhnik",
  "preferred_username": "uy7c",
  "given_name": "max",
  "family_name": "shaposhnik",
  "email": "uy7c2@yahoo.com"
}

A couple of notes to consider.

1. ProfileService will be readonly.
2. Consider to redirect to profile and change passwor page insted of editing it directly.

[mshaposhnik]

Profile endpoint URL will be available at /api/keycloak/settings under the che.keycloak.profile.endpoint and che.keycloak.password.endpoint key.

[skabashnyuk]

This is how
/api/keycloak/settings looks like

profile page

Password

Logout url looks like

http://192.168.65.2:5050/auth/realms/che/protocol/openid-connect/logout?redirect_uri=http%3A%2F%2F192.168.65.2%3A5050%2Fauth%2Frealms%2Fche%2Faccount%2F
See more http://www.keycloak.org/docs/3.2/securing_apps/topics/oidc/java/logout.html

@ashumilova @slemeur please revise this info. Do you need something else?

[slemeur]

Curious, why do you think we need to redirect to keycloack pages? Are we not able to reuse the pages that we already have and connect them to the keycloak API?

[skabashnyuk]

I doubt that such API exists.