feat(security): add CORS support and update security config

frontend/src/app/service/auth.service.ts

@@ -4,6 +4,7 @@ import { AuthConfig, OAuthService, OAuthStorage } from 'angular-oauth2-oidc';
 import { UserService } from './user.service';
 import { User } from '../model/User';
 import { Router } from '@angular/router';
+import { environment } from '../../environments/environment';
 
 
 @Injectable({
@@ -12,9 +13,9 @@ import { Router } from '@angular/router';
 export class AuthService {
   private readonly authConfig: AuthConfig = {
     issuer: 'https://oauth.simonis.lol/application/o/casino-dev/',
-    clientId: 'MDqjm1kcWKuZfqHJXjxwAV20i44aT7m4VhhTL3Nm',
-    dummyClientSecret: 'GY2F8te6iAVYt1TNAUVLzWZEXb6JoMNp6chbjqaXNq4gS5xTDL54HqBiAlV1jFKarN28LQ7FUsYX4SbwjfEhZhgeoKuBnZKjR9eiu7RawnGgxIK9ffvUfMkjRxnmiGI5',
-    scope: 'openid profile email',
+    clientId: environment.OAUTH_CLIENT_ID,
+    dummyClientSecret: environment.OAUTH_CLIENT_SECRET,
+    scope: `openid email profile ${environment.OAUTH_CLIENT_ID}`,
     responseType: 'code',
     redirectUri: window.location.origin + '/auth/callback',
     oidc: true,
@@ -22,6 +23,9 @@ export class AuthService {
     strictDiscoveryDocumentValidation: false,
     skipIssuerCheck: true,
     disableAtHashCheck: true,
+    jwks: {
+      skipJwksValidation: true,
+    }
   };
 
   private userService: UserService = inject(UserService);