Add OpenID Connect for Authentication

Add the ability to configure and enable authentication via an OpenID connect provider - e.g. https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server. The admin should have a choice between "remote_user" HTTP header and OpenID Connect.
