MGNLSSO-132 (project: Single Sign On)

Enhance multiple clients configuration and support configurable authenticator for direct client


    • Type: New Feature
    • Resolution: Fixed
    • Priority: Neutral
    • 3.0.0
    • AdminX 15, AdminX 16
    • 5

      Context:

      1. In SSO 3.0 we support a multiple-clients configuration that includes a direct client, which lets users access content/pages with an access token. We provide two "fixed" authenticators that validate a given access token and grant access:
        • clients.spa (mapped to the ClientType.SPA enum value): CustomUserInfoOidcAuthenticator relies on Pac4j's UserInfoOidcAuthenticator and returns Pac4j's JWTClaimsSet (later put into the UserProfile) with the same data as the userinfo endpoint (http://localhost:8180/auth/realms/mgnl/protocol/openid-connect/userinfo).
        • clients.e2e (mapped to the ClientType.E2E enum value): validates the token via the Token Introspection endpoint, reads the response and creates an OidcProfile from it.
      2. The SSO configuration relies on the ClientType enum (or the map key above) to distinguish the clients and to create the corresponding Pac4j clients.
        • Check out these classes:
          • Pac4jConfigProvider#loadPac4jConfig
          • SsoConfig#ClientType

      ACs:

      • Make the authenticator configurable per provider, because providers differ (some have no Token Introspection endpoint).
      • Create the Pac4j clients in a more dynamic way (get rid of the ClientType enum).

      Notes:

      Discovery

      • Take inspiration from Pac4j's PropertiesConfigFactory (https://www.pac4j.org/docs/config-module.html) to refactor the clients configuration.
      • Move the authorizationGenerators to the same level as "clients" and reference them from the client configuration.
      • Make the Authenticator configurable for DirectClient only: define constant values such as "userInfoAuthenticator" and "tokenIntrospectionAuthenticator" and create the authenticator programmatically when creating the DirectClient.
      • Attached example MpConfig for reference (not the final version).
      • Update documentation.
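As an added illustration of the last two Discovery points (this is example code written here, not the SSO module's code or the attached MpConfig): a factory that builds a Pac4j direct client from a name-based configuration, resolving the authenticator by constant name and attaching authorizationGenerators that are configured beside the clients and referenced by name. It assumes pac4j 5.x APIs (HeaderClient, UserInfoOidcAuthenticator, AuthorizationGenerator); the token introspection authenticator, which the ticket describes as custom, is not reproduced and is passed in by the caller.

```java
import java.util.List;
import java.util.Map;
import java.util.function.Function;

import org.pac4j.core.authorization.generator.AuthorizationGenerator;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.http.client.direct.HeaderClient;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.credentials.authenticator.UserInfoOidcAuthenticator;

/** Builds Pac4j direct clients from a name-based configuration (added example, assumes pac4j 5.x). */
public final class DirectClientFactory {

    // Constant names a client entry may reference; the names come from the ticket notes.
    public static final String USER_INFO_AUTHENTICATOR = "userInfoAuthenticator";
    public static final String TOKEN_INTROSPECTION_AUTHENTICATOR = "tokenIntrospectionAuthenticator";

    // authenticator name -> builder; adding a provider-specific authenticator needs no enum change.
    private final Map<String, Function<OidcConfiguration, Authenticator>> authenticators;
    // authorizationGenerators configured at the same level as "clients", looked up by name.
    private final Map<String, AuthorizationGenerator> authorizationGenerators;

    public DirectClientFactory(Authenticator tokenIntrospectionAuthenticator,
                               Map<String, AuthorizationGenerator> authorizationGenerators) {
        this.authenticators = Map.of(
            USER_INFO_AUTHENTICATOR, UserInfoOidcAuthenticator::new,
            // hypothetical: the introspection authenticator is supplied by the caller
            TOKEN_INTROSPECTION_AUTHENTICATOR, cfg -> tokenIntrospectionAuthenticator);
        this.authorizationGenerators = Map.copyOf(authorizationGenerators);
    }

    /** Creates a bearer-token direct client; unknown names fail closed rather than falling back to a default. */
    public HeaderClient createDirectClient(String clientName, String authenticatorName,
                                           List<String> generatorRefs, OidcConfiguration oidc) {
        Function<OidcConfiguration, Authenticator> builder = authenticators.get(authenticatorName);
        if (builder == null) {
            throw new IllegalArgumentException("Client '" + clientName + "': unknown authenticator '"
                + authenticatorName + "', expected one of " + authenticators.keySet());
        }
        HeaderClient client = new HeaderClient("Authorization", "Bearer ", builder.apply(oidc));
        client.setName(clientName);
        for (String ref : generatorRefs) {
            AuthorizationGenerator generator = authorizationGenerators.get(ref);
            if (generator == null) {
                throw new IllegalArgumentException("Client '" + clientName
                    + "': unknown authorizationGenerator '" + ref + "'");
            }
            client.addAuthorizationGenerator(generator);
        }
        return client;
    }
}
```

A misspelled authenticator or generator name therefore aborts client creation at startup instead of silently producing a client that validates nothing.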

              nguyen.phung Nguyen Phung Chi
              AdminX
              Time Spent - 12d 0.5h