feat(auth): add role mapping for JWT auth claims

[jescalada]

This PR builds on #967 and adds the possibility of defining mappings for JWT claims into app roles, such as the admin role. This adds flexibility to the API, allowing automated tools to use admin-only endpoints.

It also adds a test suite for the JWT-related additions in both PRs.

Here's a sample apiAuthentication entry in proxy.config.json to understand the structure of the mapping definition. In this case, all users with the claim "name" set to a value of "Juan E" will have their req.user.admin == true:

"apiAuthentication": [
    {
      "type": "jwt",
      "enabled": true,
      "jwtConfig": {
        "clientID": "<my-client-id>",
        "authorityURL": "https://accounts.google.com",
        "roleMapping": {
          "admin": {
            "name": "Juan E"
          }
        }
      }
    }
  ]

Changelog:

• Add JWT claim -> role mapping functionality
• Add JWT mappings to config
  • admin role set by default
• Add unit tests for jwtAuthHandler and jwtUtils files

[netlify]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name	Link
🔨 Latest commit	336e51d
🔍 Latest deploy log	https://app.netlify.com/sites/endearing-brigadeiros-63f9d0/deploys/67ff69cda407d70008d0920d

[codecov]

Codecov Report

Attention: Patch coverage is 73.78049% with 43 lines in your changes missing coverage. Please review.

Project coverage is 51.86%. Comparing base (3718943) to head (336e51d).

Files with missing lines	Patch %	Lines
src/service/passport/activeDirectory.js	15.38%	22 Missing ⚠️
src/service/passport/oidc.js	30.00%	7 Missing ⚠️
src/service/passport/jwtAuthHandler.js	84.61%	4 Missing ⚠️
src/service/passport/local.js	85.18%	4 Missing ⚠️
src/config/index.ts	85.71%	2 Missing ⚠️
src/service/passport/jwtUtils.js	94.44%	2 Missing ⚠️
src/service/routes/auth.js	66.66%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #977      +/-   ##
==========================================
+ Coverage   49.65%   51.86%   +2.21%     
==========================================
  Files          48       51       +3     
  Lines        1718     1799      +81     
  Branches      175      176       +1     
==========================================
+ Hits          853      933      +80     
- Misses        841      842       +1     
  Partials       24       24              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dcoric]

Everything looks good, I just have a small suggestions for Improvement:

Cypress Tests:

• Login Tests: Consider adding a negative test case in login.cy.js to verify error handling for invalid login attempts.

Config Schema:

• Documentation: Enhance the apiAuthentication property with examples or additional documentation to clarify its usage and purpose.

[dcoric]

The new test "should redirect to repo list on valid login" is good, but consider adding a negative test case (e.g., invalid login) to ensure the login flow handles errors gracefully.

[dcoric]

The new apiAuthentication property is well-defined, but consider adding examples or additional documentation to clarify how this property should be used in practice. This will help other developers understand its purpose and usage.