OAuth2/OIDC support

[Deleranax]

This PR adds the support for OAuth2/OIDC log in (and user provisioning). The implementation uses the built-in user system, and only do log in/register with OIDC (it doesn't use the session management mechanisms of OIDC).

This fork was not intended to be merged with upstream, but after seeing that SSO was a requested feature (issue #233), I decided to open this pull request (hoping that it can be useful!).

Work done:

• Added all required environment variables (RM_OIDC_ISSUER, RM_OIDC_CLIENT_ID, RM_OIDC_CLIENT_SECRET) plus some customisation (RM_OIDC_LABEL to change the log in button label, RM_OIDC_ONLY to disable password auth)
• Added 3 new API routes (ui/api/oidc/info to query OIDC availability and button label, ui/api/oidc/auth to launch OIDC auth, ui/api/oidc/callback to finish OIDC auth)
• Added a log out landing page, which is only useful when password auth is disabled (to prevent auto log in). The page just redirect the user to the log in page when password auth is enabled.
• Updated dependencies (I'm not very skilled with Go dependency management, and it was the only way I found for it to work, don't hesitate to correct me).
• Added user provisioning (when OPEN_REGISTRATION is true). The new users use a randomly generated password (which is not used when OIDC is enabled).
• Updated docs with the added features (and description of the env vars).

A working Docker image is hosted on DockerHub (deleranax/rmfakecloud).

[rmitchellscott]

Does this assign the admin role based on OIDC group membership?

[Deleranax]

Does this assign the admin role based on OIDC group membership?

In the current version no. Only the first user receives the admin role and can then assign this role to other users. But I'm willing to work on this feature if you wish.