Add default client scopes to auto generated keycloak clients

[ericwyles]

Is your feature request related to a problem? Please describe.

When using SSO Secret Templating (#263) to create clients, we need a way to set default scopes on the client. This is because Keycloak is now requiring the openid client scope to be present on all tokens in order for the userinfo call to succeeed (See: defenseunicorns/uds-identity-config#38)

Describe the solution you'd like

• Given I am using SSO Secret Templating to make a new client
• When The client is created in keycloak
• Then The openid client scope (see Create 'openid' client scope by default on the uds realm uds-identity-config#38) can be added automatically.

Additional context

The openid client scope also has to be configured on the keycloak realm before it can be added to specific clients. Issue open here for that: defenseunicorns/uds-identity-config#38

Keycloak change that requires this explained here: https://www.keycloak.org/docs/latest/upgrading/index.html#userinfo-endpoint-changes

[ericwyles]

This is not necessary as long as the client scope already exists on the realm. See defenseunicorns/uds-identity-config#38

Example config:

spec:
  sso:
    - name: Mattermost Client
      clientId: mattermost-client
      redirectUris:
        - "https://chat.uds.dev/*"
      defaultClientScopes:
        - "openid"

Closing this issue since it is already covered using defaultClientScopes as shown above.