Spring Security Allow the Oauth2 password authorisation grant without username/password for x509 client certificate authentication

Expected Behavior

Allow the PasswordReactiveOAuth2AuthorizedClientProvider to be used without password nor username.

Current Behavior

PasswordReactiveOAuth2AuthorizedClientProvider will not attempt authentication when password/username not set

Context

Keycloak has the option to authenticate clients using x509 certificates instead of username and password when using the password autoriztion grant type (See https://www.keycloak.org/docs/19.0.0/server_admin/index.html#_x509 - the direct grant flow case) As a workaround we set a bogus username and password.

Comment From: jgrandja

Closing this as duplicate of gh-4498