GeoAxis Integration in OCP 3

hosts

# Authentication via GEOAxIS,  RH SSO,  & htpasswd
openshift_master_identity_providers=[{'name':'GEOAxIS', 'login':'true', 'challenge':'false', 'mappingMethod':'add', 'kind':'OpenIDIdentityProvider', 'client_id':'openshift', 'client_secret':'${OCP_SSO_CLIENT_SECRET:=}', 'urls':{'authorize':'https://${OCP_SSO_HOST}/auth/realms/OpenShift/protocol/openid-connect/auth?kc_idp_hint=${OCP_SSO_GEOAXIS_IDENTITY_PROVIDER_ALIAS:=GEOAxIS}', 'token':'https://${OCP_SSO_HOST}/auth/realms/OpenShift/protocol/openid-connect/token', 'userInfo':'https://${OCP_SSO_HOST}/auth/realms/OpenShift/protocol/openid-connect/userinfo'}, 'claims':{'id':['sub'], 'preferredUsername':['preferred_username'], 'name':['name'], 'email':['email']}},  {'name':'RHSSO', 'login':'true', 'challenge':'false', 'mappingMethod':'add', 'kind':'OpenIDIdentityProvider', 'client_id':'openshift', 'client_secret':'${OCP_SSO_CLIENT_SECRET:=}', 'urls':{'authorize':'https://${OCP_SSO_HOST}/auth/realms/OpenShift/protocol/openid-connect/auth', 'token':'https://${OCP_SSO_HOST}/auth/realms/OpenShift/protocol/openid-connect/token', 'userInfo':'https://${OCP_SSO_HOST}/auth/realms/OpenShift/protocol/openid-connect/userinfo'}, 'claims':{'id':['sub'], 'preferredUsername':['preferred_username'], 'name':['name'], 'email':['email']}},  {'name': 'htpasswd', 'login':'true', 'challenge':'true', 'kind':'HTPasswdPasswordIdentityProvider'}]
openshift_master_openid_ca_file=/etc/ssl/certs/ca-bundle.crt
# so the CA cert files at the autogenerated paths
#     /etc/origin/master/<OpenID provider name>_openid_ca.crt
#   are created & can be used to verify the OpenID IdP HTTPS certificate