A short lived cookie is set for the temporary JWT. The cookie will be
deleted once the token is manually refreshed.

Because the API's callback isn't directly called by the frontend, it
doesn't have access to the response. I found three options to pass
authentication to the frontend: via URL (query param/fragment
identifier), JavaScript in the callback response or a short lived
cookie. The cookie is easy to implement and doesn't require any
knowledge about the frontend.

A `refresh` parameter has been added to /auth/login to create a new JWT
with an extended `expiredAt`.

Make auth callback handling more consistent

See merge request arsnova/arsnova-backend!168

Callback URIs for SSO authentication have been adjusted to use a common
pattern: `/auth/callback/*`. The Pac4j client name is now based on the
provider id an is part of the path instead of a query parameter.

Register Pac4j's AuthenticationProvider for OIDC

See merge request arsnova/arsnova-backend!167

Improve CI config for Maven

See merge request arsnova/arsnova-backend!166

Maven options have been added to CI config.

Improve proxy path handling for API

See merge request arsnova/arsnova-backend!165

* Automatically append /v2 to `apiPath` in legacy config.
* Renamed `api.path` config property to `api.proxy-path`.
* `api.proxy-path` is not set by default.

Set Docker images for CI jobs explicitly

See merge request arsnova/arsnova-backend!164

Restrict config endpoint to HTTP GET method

See merge request arsnova/arsnova-backend!163

Fix calculation of JWT's exp value (expires at)

See merge request arsnova/arsnova-backend!162

The time zone conversion was handled incorrectly which lead to the
exp value being in the past or too far in the future if the system's
time zone was not UTC.

Config endpoint

See merge request !161

This endpoint returns properties for enabled authentication providers,
a list of enabled features and UI-specific properties.

Configuration properties are now additionally loaded from:
* secrets.yml
* ui.yml

Properties in these files are merged with properties from
application.yml and override existing ones.

Move to new API because of deprecation and add correct annotation

See merge request !159

Jetty 9.4.20 has a breaking change causing issues with Spring's
Websocket handling. This will be fixed in version 9.4.21.

See https://github.com/eclipse/jetty.project/issues/4020.

Closes #49.

Replace wiki link with relative repository link.

Add /stats endpoint for rooms with content group stats

See merge request !158

The endpoint currently returns the number of contents of the room and a
list of all content groups with their number of contents. Additional
stats like total answer and comment are not set yet and have to be added
later.

Refs #45.

Conditional beans

Closes #35 and #50

See merge request !157

Beans related to authentication providers are now only initialized if
they have been enabled via configuration.

Besides eliminating memory usage and initialization time of the beans
this fixes issues caused by filters of disabled authentication
providers.

Fixes #35, #50.