Add CSRF filter + response validation to the core Quarkus lib

This enables a CSRF feature that can be used on any app that makes use of this lib. Enable the csrf through security.csrf.enabled, and configure security.csrf.salt to strengthen the security of the app.

Once done, any mutator requests become guarded by CSRF. Other requests can manually call the CSRF helper to validate a request as done in the test resource.

Additionally, added authenticated test profile for testing security/authentication layer separate from the rest of the application. Authentication has been disabled by default, and can be enabled by setting the field in the application.properties file of the app.

Signed-off-by: Martin Lowe martin.lowe@eclipse-foundation.org

core/src/main/java/org/eclipsefoundation/core/exception/FinalUnauthorizedException.java

+package org.eclipsefoundation.core.exception;
+
+/**
+ * Represents an unauthorized request with no redirect (standard UnauthorizedException gets routed
+ * to OIDC login page when active, which is not desired).
+ *
+ * @author Martin Lowe
+ */
+public class FinalUnauthorizedException extends RuntimeException {
+
+  public FinalUnauthorizedException(String message) {
+    super(message);
+  }
+
+  /** */
+  private static final long serialVersionUID = 1L;
+}