This backend for Django REST Framework enables to authenticate users through the
use of bearer tokens (provided by Keycloak) sent in HTTP request headers.

Closes T2249

Add Django plumbing in swh-web to use OpenID Connect authentication layer.

It enables to securely authenticate users stored in a remote identity
and access management server implementing OpenID Connect specifications.
For the swh-web case, the open source solution Keycloak will be used.

New Django views are also introduced in order for users to login/logout
from the main HTML interface.

A custom Django User model is also used for remote users in order to
store OpenID Connect related data and avoid to save users to Django
database (those sensitive information are already securely stored in
Keycloak so there is no need to duplicate them).

Closes T2245
Closes T2246
Closes T2295

Related to D2820

Closes T2294

swh.model.from_disk.Directory.from_disk signature and usage have changed
since rDMOD6da524cb2bd8b870eaa0be477837694617cfff1b.

Also add a new rule to enforce consistent spacing inside braces.

closes T2286

This will prevent bad surprises when users simply invoke pytest in the root folder
of swh-web as default profile makes tests execution slow and tests can fail depending
on the hypothesis version used.

It will enable to find an origin when users provide urls with or without
a trailing slash.

Closes T1852
Closes T2289

Closes T2141

Closes T2284

  - add external links parsing

  - fix parsing of multiple links in same paragraph

  - fix links to endpoints documentation since D2665

Extract the methods from the sphinxcontrib-httdomain directives instead of a
complicated parsing from some strings in the endpoint docstrings.

It enables to document nested objects for request and response data.

Some new api endpoints require to send JSON data in HTTP requests but it was currently
not handled by the apidoc module.

So handle corresponding httpdomain directives in our custom rst nodes visitor.

Also add support for documenting JSON array of non object type as httpdomain does
not offer any directive for that type.

In order to simplify the use of the apidoc module, create a dedicated view
to display HTML documentation for each decorated endpoint.

This fixes an issue when an endpoint only accepts POST requests.

The noargs parameter is still used but is no more mandatory to an endpoint
without URL arguments. It simply enables to avoid redirecting to the endpoint
doc view from the endpoints list view as response data can be immediately
displayed.

The `?` character was always missing.

The appended `?` character was after `?fulltext=`, which caused the URL
to not be parsed as expected.

Required by swh-storage >= v0.0.172.

Use a __getattr__ like storage proxies do.

This will also be required when the validation proxy of swh-storage is merged,
as this proxy uses __getattr__, so inspect.getmembers() does not return all
method names that can be called.

When a search query does not look like a PID, do not try to resolve it by
sending a request to the dedicated endpoint and directly search for origins.

Closes T1850

Related to T2265

Current implementation of polyfill for document.elementsFromPoint is buggy,
so fix it to avoid js errors in old browsers.

Stop leaking those ids in results from the /api/1/origins/ endpoint.

Remove any reference to those ids in the doc and the code.

Related to T1791

Closes T2250

(and sort alphabetically)