Migrations are once again enabled if `migrate-from` property is set.
Code has been refactored to use `@ConditionalOnProperty` instead of a
custom implementation for `@Conditional`.

* Add handling for OIDC, SAML and anonymized profiles
* Remove prefixes from loginIds

Content groups are created based on question variants of the v2 question
documents.

Use Object instead of wildcard for extensions' inner Map

See merge request arsnova/arsnova-backend!173

Wildcard types should not be used as return type.

Add additional text properties for content

See merge request arsnova/arsnova-backend!172

An additional text and title can be added to contents which can be used
for multiple purposes based on the content format. These properties are
also used to migrate solution and hint properties from v2.

Add SAML authentication support

See merge request arsnova/arsnova-backend!171

Those classes are now used for OAuth, OIDC and SAML authentication
handling, so the Oauth prefix would be confusing.

Fix CAS callback path

See merge request arsnova/arsnova-backend!170

While it didn't cause any issues it doesn't make any sense to have the
CAS callback path under `/oauth`.

LDAP and SSO auth endpoints

See merge request arsnova/arsnova-backend!169

HTML/JavaScript code is output by the SuccessHandler to close the
browser window if SSO login was opened in a popup.

A short lived cookie is set for the temporary JWT. The cookie will be
deleted once the token is manually refreshed.

Because the API's callback isn't directly called by the frontend, it
doesn't have access to the response. I found three options to pass
authentication to the frontend: via URL (query param/fragment
identifier), JavaScript in the callback response or a short lived
cookie. The cookie is easy to implement and doesn't require any
knowledge about the frontend.

A `refresh` parameter has been added to /auth/login to create a new JWT
with an extended `expiredAt`.

Make auth callback handling more consistent

See merge request arsnova/arsnova-backend!168

Callback URIs for SSO authentication have been adjusted to use a common
pattern: `/auth/callback/*`. The Pac4j client name is now based on the
provider id an is part of the path instead of a query parameter.

Register Pac4j's AuthenticationProvider for OIDC

See merge request arsnova/arsnova-backend!167

Improve CI config for Maven

See merge request arsnova/arsnova-backend!166

Maven options have been added to CI config.

Improve proxy path handling for API

See merge request arsnova/arsnova-backend!165

* Automatically append /v2 to `apiPath` in legacy config.
* Renamed `api.path` config property to `api.proxy-path`.
* `api.proxy-path` is not set by default.

Set Docker images for CI jobs explicitly

See merge request arsnova/arsnova-backend!164

Restrict config endpoint to HTTP GET method

See merge request arsnova/arsnova-backend!163

Fix calculation of JWT's exp value (expires at)

See merge request arsnova/arsnova-backend!162

The time zone conversion was handled incorrectly which lead to the
exp value being in the past or too far in the future if the system's
time zone was not UTC.

Config endpoint

See merge request !161

This endpoint returns properties for enabled authentication providers,
a list of enabled features and UI-specific properties.

Configuration properties are now additionally loaded from:
* secrets.yml
* ui.yml

Properties in these files are merged with properties from
application.yml and override existing ones.