[IDEA] Add support for auth via OIDC

[mgaffigan]

Is your feature request related to a problem? Please describe.
Passwords suck.

Describe your use case
Most authentication providers have coalesced on OIDC as the "one true auth protocol". This includes but is certainly not limited to:

• Microsoft Active Directory Federation Services
• Microsoft Azure
• Google
• Amazon
• Apple
• Okta/Auth0
• Ping
• Onelogin
• Keycloak
• Github
• Gitlab

Describe the solution you'd like
Make it easy for an administrator to setup OIDC from within the mirth administrator UI.

Describe alternatives you've considered

• WS-Federation
  Fine, but less supported. Everyone that supports WS-Federation supports OIDC.
• SAML
  Fine, but less consistent. Everyone that supports SAML supports OIDC.
• Existing two-factor apps
  Doesn't support variety of auth circumstances and auth-integrated 2FA

Additional context

• Depends on [IDEA] Add web single sign-on support #171

[PBRichardson]

I love this proposal. Apart from all the obvious benefits of tying a user into their corporate directory, it is an easier and more flexible way of implementing MFA than building it into the app, plus if we design the set of claims right, we can implement role-based access as per the NG plugin. The NHS has a single OIDC/OAuth implementation for all its employees, so that's a huge additional win. How many more birds do we want to kill with one stone?

[mgaffigan]

@PBRichardson, I agree with including RBAC next. OIDC has a working implementation in https://github.com/mgaffigan/oie/tree/feature/add-oidc-auth that I'm working to merge (#175, #176). Testing appreciated! There are screenshots of use and admin UI in the discord thread.