Check for dependend URLs (web_origins, admin_url) is too strict if root-url is set for a client

[thomasdarimont]

Keycloak allows to use relative URLs for web_origins, admin_url and redirect_uri of a client that are resolved against a given root_url. The current implementation of terraform-keycloak requires that web_origins and admin_url are configured if a root_url is used, however Keycloak does not require it and there are scenarios where a client does not provide support for a admin_url endpoint or web_origins checks. For those cases one currently needs to avoid using the root_url which might lead to additional configuration.

It would be helpful if the check for the dependent urls like (admin_url, web_origins) in resource_keycloak_openid_client.go could be relaxed to support optional admin_url and web_origins in case a root_url is used.

[misteio]

+1

[daviddelannoy]

+1