Add authentication service discovery to login service providing REST API authorization

[adamkorynta]

Is your feature request related to a problem? Please describe.
Currently, the REST API does not have service discovery for the authentication mechanism for the service. The PR: #186 added support for JWT and servlet SSO authorization, but it did not implement a discovery mechanism. Failed authorization results in a 401 error code and a simple message.

Describe the solution you'd like
An idea brought up in discussion was to use HATEOAS in the response and return relevant URL's for directing the client to where to obtain the initial token, refresh token, or login endpoint.

Describe alternatives you've considered
Adding a discovery endpoint could also work, but HATEOAS leads to more flexibility for adding other relevant links in the API for endpoint discovery.

[MikeNeilson]

For future reference this is how CDA went about it:
This link is somewhat javalin specific, but I suspect something similar with our swagger-ui/openapi spec setup could be done:
https://github.com/USACE/cwms-data-api/blob/7f3ebafdd516e70d568a8c9ea0f43cdfccd403bd/cwms-data-api/src/main/java/cwms/cda/ApiServlet.java#L749

https://github.com/USACE/cwms-data-api/blob/7f3ebafdd516e70d568a8c9ea0f43cdfccd403bd/cwms-data-api/src/main/java/cwms/cda/security/OpenIDAccessManager.java#L101
https://github.com/USACE/cwms-data-api/blob/7f3ebafdd516e70d568a8c9ea0f43cdfccd403bd/cwms-data-api/src/main/java/cwms/cda/security/OpenIDConfig.java#L99

The actual "Scheme" bits are from the io.swagger (OpenAPI spec) library, not Javalin so I suspect those sections could directly apply.

Seems to make sense to make it part of the OpenAPI Spec, but I'm not opposed to also (or just) a simple end point to do so.

[MikeNeilson]

In regards to the OpenAPI references, Given opendcs/opendcs#1591 and #322 we will want to make sure that while we provide a default scheme, we may want to generate it on the fly as well for additional runtime usage support.