Add support for IdP broker endpoint based IdC auth

[rasika]

Description

This pull request adds support for a new authentication plugin, IdpTokenUrlAuthPlugin, which enables Redshift clients to dynamically fetch access tokens from an external IDP broker endpoint (such as Keycloak) over HTTPs. This plugin removes the need for embedding static tokens in JDBC URLs—solving token-replay issues when using DB connection pools—and integrates seamlessly with the existing Redshift authentication framework.

Motivation and Context

New Authentication Plugin Support

Introduced IdpTokenUrlAuthPlugin in
src/main/java/com/amazon/redshift/plugin/IdpTokenUrlAuthPlugin.java.

#146

Diagram

Supports:

• Fetching IDP tokens via HTTP(S) from a user-specified endpoint with Bearer auth token retrieval.
• Custom token attribute extraction.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)

Checklist

• Local run of mvn install succeeds
• My code follows the code style of this project
• My change requires a change to the Javadoc documentation
• I have updated the Javadoc documentation accordingly
• I have read the README document
• I have added tests to cover my changes
• All new and existing tests passed
• A short description of the change has been added to the CHANGELOG

License

- By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.