
Create a group service in Auth microservice

jalbinson opened this issue 1 year ago • 0 comments

User Story

We will need to use the applications group API to retrieve an application's groups to pass along to any service.

Description/Use Case

Application groups cannot be automatically appended to the token with Okta. We need to bypass this method that users currently use and grab the groups directly from the Okta API.

Risks/Impacts/Considerations

Any additional API call during the authn/authz process is another point of failure.

Dev Notes

  • Have to add code to retrieve the Okta private key secret from Azure.
    • Perhaps the secret-retrieving code can be moved into the shared project?
    • Base64-encode the private key to avoid issues with length and formatting (decode after retrieving).
  • Use the Okta SDK libraries to make the call out to groups.
  • Wrap all external calls in coroutines so they do not block threads.
  • Only call this API for applications using the client credentials flow.
    • You can check the claims to tell the difference between an application and a user.
    • The presence (or absence) of the "organization" claim tells you what type of caller it is.

    // Okta SDK call: list the groups assigned to an application, expanding the group resource
    applicationGroupsApi.listApplicationGroupAssignments(appId, null, null, null, "group")

    // Gradle dependencies for the Okta management SDK
    implementation("com.okta.sdk:okta-sdk-api:19.0.0")
    runtimeOnly("com.okta.sdk:okta-sdk-impl:19.0.0")
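A sketch of how the notes above fit together, written here as an added example rather than code from the ReportStream repository: the Key Vault URL, secret name, Okta org URL, client ID and OAuth scope are placeholder assumptions, the claims map stands in for whatever the auth service has already parsed from the token, and reading the app ID from the "cid" claim assumes the Okta app ID matches the OIDC client ID.

```kotlin
import com.azure.identity.DefaultAzureCredentialBuilder
import com.azure.security.keyvault.secrets.SecretClientBuilder
import com.okta.sdk.client.AuthorizationMode
import com.okta.sdk.client.Clients
import com.okta.sdk.resource.api.ApplicationGroupsApi
import com.okta.sdk.resource.client.ApiClient
import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.withContext
import java.util.Base64

// Added example: vault URL, secret name, org URL, client ID and scope are assumptions.
class GroupService(
    private val vaultUrl: String = "https://<vault-name>.vault.azure.net",
    private val oktaOrgUrl: String = "https://<org>.okta.com",
    private val oktaClientId: String = "<client-id>",
) {
    // Fetch the PEM private key from Key Vault. Per the dev notes the secret is
    // stored base64-encoded, so decode it after retrieval.
    private fun fetchOktaPrivateKeyPem(): String {
        val secrets = SecretClientBuilder()
            .vaultUrl(vaultUrl)
            .credential(DefaultAzureCredentialBuilder().build())
            .buildClient()
        val encoded = secrets.getSecret("okta-private-key").value // secret name is an assumption
        return String(Base64.getDecoder().decode(encoded), Charsets.UTF_8)
    }

    // Build the Okta management client using the private_key_jwt client credentials flow.
    private fun oktaClient(): ApiClient =
        Clients.builder()
            .setOrgUrl(oktaOrgUrl)
            .setAuthorizationMode(AuthorizationMode.PRIVATE_KEY)
            .setClientId(oktaClientId)
            .setScopes(setOf("okta.apps.read")) // assumed scope; grant only what the call needs
            .setPrivateKey(fetchOktaPrivateKeyPem())
            .build()

    // Suspended so the blocking SDK/HTTP work runs on the IO dispatcher
    // instead of tying up the request thread.
    suspend fun groupsForApplication(appId: String): List<String> = withContext(Dispatchers.IO) {
        val api = ApplicationGroupsApi(oktaClient())
        api.listApplicationGroupAssignments(appId, null, null, null, "group")
            .map { assignment ->
                // With expand=group the group resource is embedded under "_embedded".
                val group = assignment.embedded?.get("group") as? Map<*, *>
                val profile = group?.get("profile") as? Map<*, *>
                profile?.get("name") as? String ?: assignment.id
            }
    }
}

// Applications authenticating with client credentials carry no "organization"
// claim; users do. Only applications need the extra Okta call.
fun isClientCredentialsApplication(claims: Map<String, Any?>): Boolean =
    !claims.containsKey("organization")

suspend fun resolveGroups(claims: Map<String, Any?>, service: GroupService): List<String> =
    if (isClientCredentialsApplication(claims)) {
        // "cid" is Okta's client-id claim; treating it as the app ID is an assumption.
        val appId = claims["cid"] as? String ?: return emptyList()
        service.groupsForApplication(appId)
    } else {
        emptyList() // user groups already arrive in the token
    }
```

Because the call sits on the authn/authz path, the Key Vault fetch and the built `ApiClient` should be cached rather than rebuilt per request, and the Okta call should run under a timeout with an explicit failure result so an Okta outage denies the application cleanly instead of hanging the request.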

Acceptance Criteria

  • Proper secret fetching from Azure
  • GroupService set up as a suspended function in the auth microservice
  • Unit tests

jalbinson, Oct 08 '24 15:10