wip: Keycloak 26 (without keycloakify)

[corneliusroemer]

relates to #1221

preview URL: https://kc26.loculus.org

Summary

Getting keycloak ready, now just waiting for keycloakify. One can already use as is, keycloakify is just for the looks (and the checkbox). Even registration still works!

Screenshot

Can already be used, just the login theme is missing. Everything else looks great.

Weird that E2E tests fail on this but it works in practice. That's because we're using the non-26 ready theme here, stupid me.

{"level":"error","message":"Failed to reach Keycloak server at http://localhost:8083/realms/loculus","timestamp":"2024-11-21T22:48:13.521Z"}

PR Checklist

• All necessary documentation has been adapted.
• The implemented feature is covered by an appropriate test.

[corneliusroemer]

Maybe something about our login/cookie fixture setup for E2E is no longer permitted in kc 26:

│ 2024-11-22 00:15:19,453 WARN  [org.keycloak.cookie.DefaultCookieProvider] (executor-thread-4) Non-secure context detected; cookies are not secured, and will not be available in cross-or │
│ igin POST requests                                                                                                                                                                        │
│ 2024-11-22 00:16:57,407 WARN  [org.keycloak.events] (executor-thread-8) type="RESTART_AUTHENTICATION_ERROR", realmId="695644c0-0ed1-48cf-994e-cde060e91d99", realmName="loculus", clientI │
│ d="backend-client", userId="null", ipAddress="10.42.0.1", error="expired_code", restart_after_timeout="true"

Login doesn't seem to work (keycloak itself is fine).

Website logs say this:

{"instance":"LoginMiddleware","level":"debug","message":"Trying to get token and user info from cookie","timestamp":"2024-11-22T00:17:07.486Z"}
{"instance":"LoginMiddleware","level":"debug","message":"Verifying token","timestamp":"2024-11-22T00:17:07.486Z"}
{"instance":"LoginMiddleware","level":"debug","message":"Error verifying token: AggregateError","timestamp":"2024-11-22T00:17:07.488Z"}
{"instance":"LoginMiddleware","level":"info","message":"Error verifying token: ","timestamp":"2024-11-22T00:17:07.488Z"}
{"instance":"LoginMiddleware","level":"debug","message":"Trying to get token and user info from params","timestamp":"2024-11-22T00:17:07.488Z"}
{"instance":"LoginMiddleware","level":"debug","message":"Keycloak callback params: {\"code\":[\"6c27848d-dd9c-4c66-b812-e2d1acbe2fe0.95c84d64-c90a-4957-83a0-987b905500c5.b11df7c0-b788-46a5-9193-66af40528583\",\"335def39-8565-4126-958b-ad07dc6dd7a6.95c84d64-c90a-4957-83a0-987b905500c5.b11df7c0-b788-46a5-9193-66af40528583\"],\"iss\":[\"http://localhost:8083/realms/loculus\",\"http://localhost:8083/realms/loculus\"],\"session_state\":[\"95c84d64-c90a-4957-83a0-987b905500c5\",\"95c84d64-c90a-4957-83a0-987b905500c5\"]}","timestamp":"2024-11-22T00:17:07.488Z"}
{"instance":"LoginMiddleware","level":"debug","message":"Keycloak callback redirect uri: http://localhost:3000/","timestamp":"2024-11-22T00:17:07.489Z"}
{"instance":"LoginMiddleware","level":"info","message":"Keycloak callback error: RPError: iss mismatch, expected http://localhost:8083/realms/loculus, got: [\n  'http://localhost:8083/realms/loculus',\n  'http://localhost:8083/realms/loculus'\n]","timestamp":"2024-11-22T00:17:07.489Z"}
{"instance":"LoginMiddleware","level":"error","message":"Error extracting token cookie from token set","timestamp":"2024-11-22T00:17:07.489Z"}