Started refactor for merge of OIDC

- Made oidc config more generic to not be overly reliant on the library
  based upon learnings from saml2 auth.
- Removed any settings that are redundant or not deemed required for
  initial implementation.
- Reduced some methods down where not needed.
- Renamed OpenID to OIDC
- Updated .env.example.complete to align with all options and their
  defaults

Related to #2169

app/Config/oidc.php

@@ -0,0 +1,30 @@
+<?php
+
+return [
+
+    // Display name, shown to users, for OpenId option
+    'name' => env('OIDC_NAME', 'SSO'),
+
+    // Dump user details after a login request for debugging purposes
+    'dump_user_details' => env('OIDC_DUMP_USER_DETAILS', false),
+
+    // Attribute, within a OpenId token, to find the user's display name
+    'display_name_claims' => explode('|', env('OIDC_DISPLAY_NAME_CLAIMS', 'name')),
+
+    // OAuth2/OpenId client id, as configured in your Authorization server.
+    'client_id' => env('OIDC_CLIENT_ID', null),
+
+    // OAuth2/OpenId client secret, as configured in your Authorization server.
+    'client_secret' => env('OIDC_CLIENT_SECRET', null),
+
+    // The issuer of the identity token (id_token) this will be compared with what is returned in the token.
+    'issuer' => env('OIDC_ISSUER', null),
+
+    // Public key that's used to verify the JWT token with.
+    // Can be the key value itself or a local 'file://public.key' reference.
+    'jwt_public_key' => env('OIDC_PUBLIC_KEY', null),
+
+    // OAuth2 endpoints.
+    'authorization_endpoint' => env('OIDC_AUTH_ENDPOINT', null),
+    'token_endpoint' => env('OIDC_TOKEN_ENDPOINT', null),
+];

app/Config/openid.php

@@ -1,46 +0,0 @@
-<?php
-
-return [
-
-    // Display name, shown to users, for OpenId option
-    'name' => env('OPENID_NAME', 'SSO'),
-
-    // Dump user details after a login request for debugging purposes
-    'dump_user_details' => env('OPENID_DUMP_USER_DETAILS', false),
-
-    // Attribute, within a OpenId token, to find the user's email address
-    'email_attribute' => env('OPENID_EMAIL_ATTRIBUTE', 'email'),
-    // Attribute, within a OpenId token, to find the user's display name
-    'display_name_attributes' => explode('|', env('OPENID_DISPLAY_NAME_ATTRIBUTES', 'name')),
-    // Attribute, within a OpenId token, to use to connect a BookStack user to the OpenId user.
-    'external_id_attribute' => env('OPENID_EXTERNAL_ID_ATTRIBUTE', null),
-
-    // Overrides, in JSON format, to the configuration passed to underlying OpenIDConnectProvider library.
-    'openid_overrides' => env('OPENID_OVERRIDES', null),
-
-    // Custom service instances, used by the underlying OpenIDConnectProvider library
-    'openid_services' => [],
-
-    'openid' => [
-        // OAuth2/OpenId client id, as configured in your Authorization server.
-        'clientId'                => env('OPENID_CLIENT_ID', ''),
-
-        // OAuth2/OpenId client secret, as configured in your Authorization server.
-        'clientSecret'            => env('OPENID_CLIENT_SECRET', ''),
-
-        // OAuth2 scopes that are request, by default the OpenId-native profile and email scopes.
-        'scopes'                  => 'profile email',
-
-        // The issuer of the identity token (id_token) this will be compared with what is returned in the token.
-        'idTokenIssuer'           => env('OPENID_ISSUER', ''),
-
-        // Public key that's used to verify the JWT token with.
-        'publicKey'               => env('OPENID_PUBLIC_KEY', ''),
-
-        // OAuth2 endpoints.
-        'urlAuthorize'            => env('OPENID_URL_AUTHORIZE', ''),
-        'urlAccessToken'          => env('OPENID_URL_TOKEN', ''),
-        'urlResourceOwnerDetails' => env('OPENID_URL_RESOURCE', ''),
-    ],
-
-];