Password reset link test condition more strict and move all WebWolf links to /WebWolf (#1645)

* better check on host and port for password reset and make context roots more flexible

* spotless applied

* removed hardcoded /WebGoat from js

* removed hardcoded /WebGoat from js

* fix spotless

* fix scoreboard

* upgrade WebWolf bootstrap version and icons and templates - part 1

* fixed more bootstrap 5 style issues and context path issues

* organized WebSecurityConfig based on latest conventions and added basic support for oauth (more work needed)

* spotless applied

* added mock bean

* requires updates to properties - commented for now

* requires updates to properties - commented for now

* oauth secrets through env values

* user creation after oauth login

* integration test against non default context paths

* adjusted StartupMessage

* add global model element username

* conditionally show login oauth links

* fixed WebWolf login

---------

Co-authored-by: René Zubcevic <rene@Mac-mini-van-Rene.local>

src/main/resources/lessons/httpbasics/html/HttpBasics.html

@@ -21,7 +21,7 @@
             <!-- of course, you can write your own ajax submission /handling in your own javascript if you like -->
 			<form class="attack-form" accept-charset="UNKNOWN"
 				method="POST" name="form"
-				action="/WebGoat/HttpBasics/attack1">
+				action="HttpBasics/attack1">
 				<div id="lessonContent">
 					<form accept-charset="UNKNOWN" method="POST" name="form"
 						action="#attack/307/100">
@@ -51,7 +51,7 @@
                 <!-- of course, you can write your own ajax submission /handling in your own javascript if you like -->
 				<form class="attack-form" accept-charset="UNKNOWN" 
 					method="POST" name="form"
-					action="/WebGoat/HttpBasics/attack2">
+					action="HttpBasics/attack2">
 					<script>
 					    // sample custom javascript in the recommended way ...
 					    // a namespace has been assigned for it, but you can roll your own if you prefer