
Support OAuth2 Authentication on client side #452

Open
6 tasks done
githengi opened this issue Mar 11, 2020 · 4 comments

Comments

@githengi
Contributor

githengi commented Mar 11, 2020

  • Support OAuth2 Authentication on client side.

  • The client side should be able to authenticate against the OpenSRP OAuth authorization server and get a refresh and access token.

  • The client side should be able to use the access token to authenticate subsequent requests.

  • The client side should use the refresh token to get a new access token if the current access token expires.

  • Use the account manager to store both the refresh and access tokens.

  • Encrypt the password with a salt: fixes issue #354 (Encrypt with a salt the password stored on the settings table).

Reference: https://developer.android.com/training/id-auth/authenticate

@craigappl
Contributor

@githengi, I have two notes:

  1. We need to make sure we retain the process so users can log in while offline.
  2. How do we deal with sessions that expire because the user is offline for up to a week?

@githengi
Contributor Author

  1. Offline login should still work, as the local authentication will not be changed: the user keys in username and password, and those are used to authenticate against the generated keypair on the device.

  2. Access tokens will be used to authenticate to the server. However, they expire after a short duration; currently they are configured to expire in an hour. The refresh token expires by default in 30 days (this can be configured) and is used to get new access tokens if the access token has expired. If the refresh token has expired, users have to log in again.

@craigappl, does the above address the 2 concerns?

@ndegwamartin
Contributor

Fixes related to/Fixed Issue 283 - Switch to Account Manager for client authentication

ndegwamartin mentioned this issue May 11, 2020
@githengi
Contributor Author

githengi commented May 12, 2020

@ndegwamartin added the below for the Keycloak changes:

  • Invoke the URL /rest/config/keycloak to get the Keycloak realm details.

  • Extract the token endpoint from the key token_endpoint in the JSON payload and use it to invoke the token endpoint on Keycloak.
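The flow the comments above describe (fetch the realm config, take `token_endpoint` from it, log in once with the password grant, reuse the access token until it expires, fall back to the refresh token, and require a fresh login once that has expired too), as an added Python sketch that is not OpenSRP's client code. The sample config JSON, the `post` transport, the `client_id` value and the expiry numbers are assumptions; the `expires_in` / `refresh_expires_in` fields are the ones a Keycloak token response carries.

```python
import json
import time

# Constructed sample of the JSON GET /rest/config/keycloak returns; only the token_endpoint key is from the issue.
SAMPLE_KEYCLOAK_CONFIG = json.dumps({
    "realm": "example-realm",
    "token_endpoint": "https://keycloak.example/realms/example-realm/protocol/openid-connect/token",
})

def token_endpoint_from_config(config_json: str) -> str:
    """Pull token_endpoint out of the realm config payload, refusing non-https values."""
    endpoint = json.loads(config_json).get("token_endpoint")
    if not isinstance(endpoint, str) or not endpoint.startswith("https://"):
        raise ValueError("config payload has no https token_endpoint")
    return endpoint

class ReloginRequired(Exception):
    """Raised when the refresh token has expired too: the user must log in again."""

class TokenSession:
    """Holds the access/refresh pair and picks which grant to send to the token endpoint.
    `post` is a hypothetical transport: post(endpoint, form) -> parsed token response dict.
    The Android client would keep the tokens in AccountManager; here they stay in memory."""

    def __init__(self, endpoint, client_id, post, now=time.time):
        self.endpoint, self.client_id, self.post, self.now = endpoint, client_id, post, now
        self.access = self.refresh = None
        self.access_exp = self.refresh_exp = 0.0

    def _store(self, resp: dict) -> None:
        t = self.now()
        self.access, self.refresh = resp["access_token"], resp["refresh_token"]
        self.access_exp = t + resp["expires_in"]           # e.g. 3600 for a one-hour token
        self.refresh_exp = t + resp["refresh_expires_in"]  # e.g. 30 days

    def login(self, username: str, password: str) -> None:
        form = {"grant_type": "password", "client_id": self.client_id, "username": username, "password": password}
        self._store(self.post(self.endpoint, form))

    def bearer(self) -> str:
        """Authorization header value; refreshes first if the access token has expired."""
        t = self.now()
        if t >= self.access_exp:
            if t >= self.refresh_exp:
                raise ReloginRequired("refresh token expired; interactive login needed")
            form = {"grant_type": "refresh_token", "client_id": self.client_id, "refresh_token": self.refresh}
            self._store(self.post(self.endpoint, form))
        return "Bearer " + self.access
```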
