feat: integrate keycloak oauth

[Mohmn]

Description

• Added Keycloak SSO integration (keycloak-js) with check-sso bootstrap and PKCE.
• Moved auth initialization to app startup (src/index.js) before rendering routes.
• Added clean auth routing flow:
  • LoginRoute starts SSO login
  • AuthCallback handles Keycloak callback and redirects back to original page
  • PrivateRoute simplified to guard-only behavior
• Added axios auth client setup (authAxios / publicAxios) with:
  • token refresh via ensureFreshToken(30)
  • auth header attachment for protected requests
  • fallback to legacy token when Keycloak is disabled
  • redirect to /login on refresh failure
• Refactored existing API/network calls from fetch to axios in API modules and related components/contexts (without introducing new backend endpoints).

Issue(s) addressed

• Resolves #issue_number

What kind of change(s) does this PR introduce?

• Enhancement
• Bug fix
• Refactor

Please check if the PR fulfils these requirements

• The commit message follows our guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

Issue

What is the current behavior?

What is the new behavior?

Breaking change

Does this PR introduce a breaking change?

Other useful information