Ignore "broker" and "realm-management" client for PKCE and client aut…

…h checks. Closes #27

kcwarden/auditors/client/client_authentication_via_mtls_or_jwt_recommended.py

@@ -17,6 +17,11 @@ def should_consider_client(self, client) -> bool:
             and not client.is_realm_specific_client()
             and client.is_oidc_client()
             and not client.is_public()
+            # Ignore broker and realm-management - they show up as having the standard
+            # flow enabled, but don't actually have it, according to the UI. They are
+            # also lacking redirect URIs and other relevant settings. See issue #27 on
+            # GitHub.
+            and client.get_name() not in ["broker", "realm-management"]
         )
 
     def client_does_not_use_mtls_or_jwt_auth(self, client) -> bool:

kcwarden/auditors/client/confidential_client_should_enforce_pkce.py

@@ -19,6 +19,11 @@ def should_consider_client(self, client) -> bool:
             and not client.is_realm_specific_client()
             and (not client.is_public())
             and client.has_standard_flow_enabled()
+            # Ignore broker and realm-management - they show up as having the standard
+            # flow enabled, but don't actually have it, according to the UI. They are
+            # also lacking redirect URIs and other relevant settings. See issue #27 on
+            # GitHub.
+            and client.get_name() not in ["broker", "realm-management"]
         )
 
     def client_does_not_enforce_pkce(self, client) -> bool: