Use developers.redhat.com Identity Provider directly from Auth service

[alexeykazakov]

Currently we have there layers of services for login:
auth.openshift.io -> sso.openshift.io (OSIO Keycloak) -> developers.redhat.com (RHD Keycloak).
As soon as we switch Che to use Auth service and have authorization service in place on the auth.openshift.io side we can get rid of the OSIO Keycloak layer a start using RHD Keycloak directly.

Phase 1 : Stop talking to keycloak except during login.

• Start generating tokens in Auth instead of KC
• Support offline tokens in Auth Implement offline tokens natively in Auth #577
• Refresh tokens in Auth Implement native refresh token workflow #578
• Switch all existing Authorization implementation to Auth service

Phase 2: Talk to RHD directly during login

• Switch Che to Auth
• Configure RHD creds

Dependency

• Disconnect keycloak and make OAuth login generic Disconnect keycloak and make OAuth login more generic. #583
  - [ ] Support local login Add support for local login  #584
• Native logout Implement native logout & umbrella issue for authentication codebase refactor #646

Also tracked in openshiftio GitHub - openshiftio/openshift.io#2367

[sbose78]

Switch Che to Auth

DONE. Login using Auth's OAuth2.0 workflow.

Start generating tokens in Auth instead of KC

We already do so. Need to stop talking to KC, and talk to RHD only.

Switch all existing Authorization implementation to Auth service

Done 🎆

Support offline tokens in Auth.

#577

[sbose78]

updated the comment above with the list of tasks.