Feature/whitelisted urls ignore tokens no matter valid invalid or expired extra filter validation

[sergio-soria-bi]

AadAppRoleStatelessAuthenticationFilter tries to get a valid UserPrincipal on every request (no matter if it is whitelisted).

That's ok if token is not existing, if token is invalid, but if token is valid but expired, AadAppRoleStatelessAuthenticationFilter rejects request.

That's an issue, and sadly, AadAppRoleStatelessAuthenticationFilter does not offer an option to ignore that.

This MR will introduce a custom preFilter, ConditionalAadFilter, that will skip AadAppRoleStatelessAuthenticationFilter if request is whitelisted.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud