Recompose security-openid-connect-web-authentication.adoc to Diataxis framework

[sheilamjones]

Recompose the guide USING OPENID CONNECT (OIDC) TO PROTECT WEB APPLICATIONS USING AUTHORIZATION CODE FLOW (security-openid-connect-web-authentication.adoc) into the Diataxis framework.

The focus of this PR is to move and restructure the content into the topics. Further iterations are needed to further recomposition and style/editing changes

The following updates were made:

• Moved the overview, OIDC diagram, and all sections under ==Reference guide into a new file called xref:security-oidc-code-flow-authentication-concept.adoc
• Moved all elements in the ==Quickstart section into a new file called xref:security-oidc-code-flow-authentication-tutorial.adoc
• Updated and fixed links to point to new topics and moved content-
• Completed minor style changes and identified further enhancements needed
• Fixed existing links to the content that was moved.

Closes: https://issues.redhat.com/browse/QDOCS-85
(and subtasks https://issues.redhat.com/browse/QDOCS-109 and https://issues.redhat.com/browse/QDOCS-110)

[sberyozkin]

Good evening @sheilamjones Thanks for this PR, I'd consider naming it a security-protect-web-authentication-tutorial, simpler name, only code flow is supported in any case but we can discuss it next week, FYI, I've seen https://github.com/quarkusio/quarkus/pull/30456/files, but haven't started reviewing it as I guess there will be some links updated to link to these new files, etc.

Enjoy the weekend

[sberyozkin]

Hi Sheila, should this PR be combined with another PR you opened ? I'd like to see how both new files are linked to, you probably need to rebase once @michelle-purcell 's PR is merged, as the OIDC intro section will be in the new auth mechanisms doc.
Please also simplify/shorten the name of the new file as proposed in the prev comment, the shorter the final URL segment the better IMHO
Thanks

[sheilamjones]

@sberyozkin: Thanks for your comments above. I have renamed the new tutorial file to shorten it per your suggestions. In this PR, the Quickstart content from the original file (security-openid-connect-web-authentication.adoc) file has been removed from there and recomposed into this new tutorial file. I also rebased to pull in Michelle's latest changes.
Note, further styling needs to be done in the next iteration of updates.
There is a separate PR (https://github.com/quarkusio/quarkus/pull/30456/files) to handle the recomposing of the conceptual and reference sections of (security-openid-connect-web-authentication.adoc)

[rolfedh]

LGTM! Nice work.

[michelle-purcell]

@sheilamjones - Nice job 👍 Just a few very minor comments.
Some might be slightly outside the scope of this iteration.

[github-actions]

🙈 The PR is closed and the preview is expired.

[sberyozkin]

Hi @sheilamjones

Thanks for the updates,

https://github.com/quarkusio/quarkus/pull/30456/files

My question is, should #30456 and this PR become a single PR ? Both PR affect the same document, and it is not easy to see how this single security-openid-connect-web-authentication is impacted

[sheilamjones]

Thanks @sberyozkin. I shall close PR #30456 and move those changes under this single PR.

[sberyozkin]

I think the line 249 is not necessary, and the link to the bearer token concept should be in References, as well as the security concept one.
As far as the next steps in scope of this tutorial is concerned, it should be the web-app reference (concept) and OIDC multi-tenency

[sberyozkin]

Good evening @sheilamjones :-), thanks for this PR, a lot of work has been done here which is very appreciated.
IMHO we need to optimize a few things here though, lets discuss it in the next day or so.
Cheers

[sberyozkin]

By the way, Sheila, your idea to have authorization code reflected somehow in the doc names is nice, I thought about it this morning, the current base name security-openid-connect-web-authentication-*.adoc does not reflect it, and I guess web-authentication part in this name can cause some confusion. But FYI, security-openid-connect.adoc does not reflect it either it is about a bearer authentication.
Lets agree on the restructuring aspects first and then if you don't mind, perhaps we should indeed follow your lead and rename these new docs, perhaps security-openid-connect-web-authentication-*.adoc -> security-openid-connect-web-authentication-*.adoc -> security-openid-connect-authorization-code-*.adoc or something like that

[sberyozkin]

Made a bad typo, it was your lead, I typed our :-), not sure how I managed to type it but fixed now :-)

[sberyozkin]

@sheilamjones Excellent work, thanks, we might tweak a few more things going forward, but it does look good now, cheers