Migrate archweb to Keycloak
Add keycloak openid/saml support in archweb and connect it to keycloak.
Groups on archweb:
- Developer
- Trusted Users
- Mirror administrator
- Testers
- Release engineering
- Retired Support Staff
- Support Staff
- Retired Developers
- Retired Trusted Users
Additionally there are some special permissions for some groups:
- everyone from the DevOps team get's Staff status and Superuser status on archweb
- everyone from Mirror maintainers/administrators get's Staff status.
Furthermore we want to be able to write customer user attributes in keycloak via OIDC/SAML, so this must be supported.