[WFLY-16532] elytron-oidc-client: add ability to configure additional…

… scope for authentication request

elytron/WFLY-16532-additional-scope-for-auth-request.adoc

@@ -0,0 +1,129 @@
+== Adding the ability to configure additional scope for authentication request
+:author:            Prarthona Paul
+:email:             prpaul@redhat.com
+:toc:               left
+:icons:             font
+:idprefix:
+:idseparator:       -
+
+== Overview
+
+OpenID Connect is an authentication mechanism that builds on OAuth 2.0 
+and allows a user to login to a web application using credentials established 
+by an OpenID provider. 
+Currently, when sending an authentication request to the OpenID provider, one 
+of the required parameters with the authentication flow is "scope". However, for 
+now, that value is hardcoded as just "openid". 
+
+The specifications indicate that there are other scope values which may be included in 
+the authentication request. This new feature adds the ability to configure the `scope` attribute
+of the `elytron-oidc-client` subsystem, so that those additional parameters can be specified when 
+configuring the server. 
+
+The feature will allow the user to configure the server in two ways: 
+
+* In an application's oidc.json file 
+
+* in the elytron-oidc-client subsystem configuration in the secure-deployment resource
+
+== Issue Metadata
+
+=== Issue
+
+* https://issues.redhat.com/browse/WFLY-16532[WFLY-16532]
+
+=== Related Issues
+
+* N/A
+
+=== Dev Contacts
+
+* mailto:{email}[{author}]
+
+=== QE Contacts
+
+* TBD
+
+=== Testing By
+// Put an x in the relevant field to indicate if testing will be done by Engineering or QE. 
+// Discuss with QE during the Kickoff state to decide this
+* [ ] Engineering
+
+* [ ] QE
+
+* TBD
+
+=== Affected Projects or Components
+
+* WildFly
+
+* WildFly-elytron
+
+=== Other Interested Projects
+
+N/A
+
+=== Relevant Installation Types
+
+* [x] Traditional standalone server (unzipped or provisioned by Galleon)
+
+* [x] Managed domain
+
+* [x] OpenShift s2i
+
+* [x] Bootable jar
+
+== Requirements
+
+=== Hard Requirements
+
+* A new `scope` resource added to the `elytron-oidc-client` subsystem, which will be used 
+to configure the scope attribute of the oidc client. 
+
+* It must be possible to configure this attribute using the following command: 
+
+```
+/subsystem=elytron-oidc-client=my-oidc-client:write-attribute(name=scope, value=openid)
+```
+
+* It must also be configured using the `oidc.json` file as follows: 
+```
+"scope" : "<clinet id>%20offline_access%20openid"
+```
+
+=== Nice-to-Have Requirements
+
+N/A
+
+=== Non-Requirements
+
+N/A
+
+=== Backwards Compatibility
+
+N/A
+
+=== Default Configuration
+
+The `scope` attribute would be undefined by default and in that case, the scope 
+would be hardcoded as `scope=openid` as before. 
+
+//commenting these out for now. Will delete if we dont need it. 
+// === Importing Existing Configuration
+
+// === Deployments
+
+// === Interoperability
+
+// === Security Considerations
+
+== Test Plan
+
+* Wildfly Elytron test suit: Test cases implemented for functionality. 
+
+* WildFly test suite: Ensuring the correct scope if chosen and used when the `scope` attribute is 
+changed. 
+
+== Community Documentation
+
+Documentation will be added to https://github.com/wildfly/wildfly/blob/main/docs/src/main/asciidoc/_elytron/Keycloak_Integration.adoc[Elytron's Keycloak Integration Documentation].