OIDC improvements

[hipoloco]

Apologies in advance if my english is not very good.

At my work we have implemented Apereo CAS (with OAuth 2.0 enabled) as SSO solution. When I tried to connect Greenlight with our SSO I encountered several problems, which I detail:

• you can't use the discovery function (you need to set it to false).
• it's necessary to set the host variable in the provider's client options
• it's necessary to set the URIs of the endpoints (in particular, the user info endpoint)
• the user data returned by our SSO has a structure that does not correspond to the one defined in the ./app/controllers/external_controller.rb file, in particular for the name and email fields:

Definition:

• name: credentials['info']['name']
• email: credentials['info']['email']

Definition required for Apereo CAS:

• name: credentials['extra']['raw_info']]['attributes']['cn']
• email: credentials['extra']['raw_info']['attributes']['mail']

This PR attempts to solve these problems by making the OIDC configuration more flexible.

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.4% Duplication on New Code

See analysis details on SonarCloud

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud