Fix Swagger to use OAuth 2.0 Implicit flow when authenticating using Keycloak

Don't want to have dev deployed and exposing the client secret for the `user-auth` client. Swagger should use the implicit oauth flow instead of client credentials, taking advantage of the keycloak login page.