Client & Central Controller updates to support additonal OIDC features (#1848)

Client side:
* Fix compatibility with OneLogin
* Requested scopes vary by OIDC provider. Different providers have different

Controller side:
*Update Postgres queries to latest Central schema
* Added Central Controller support for the different providers
* Base OIDC provider details are still attached to an org. Client ID & group/email lists are now associated with individual networks.

node/NetworkConfig.cpp

@@ -201,6 +201,7 @@ bool NetworkConfig::toDictionary(Dictionary<ZT_NETWORKCONFIG_DICT_CAPACITY> &d,b
 			if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_NONCE, this->ssoNonce)) return false;
 			if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_STATE, this->ssoState)) return false;
 			if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_CLIENT_ID, this->ssoClientID)) return false;
+			if (!d.add(ZT_NETWORKCONFIG_DICT_KEY_SSO_PROVIDER, this->ssoProvider)) return false;
 		}
 
 		delete tmp;
@@ -424,6 +425,12 @@ bool NetworkConfig::fromDictionary(const Dictionary<ZT_NETWORKCONFIG_DICT_CAPACI
 					if (d.get(ZT_NETWORKCONFIG_DICT_KEY_CLIENT_ID, this->ssoClientID, (unsigned int)sizeof(this->ssoClientID)) > 0) {
 						this->ssoClientID[sizeof(this->ssoClientID) - 1] = 0;
 					}
+					if (d.get(ZT_NETWORKCONFIG_DICT_KEY_SSO_PROVIDER, this->ssoProvider, (unsigned int)(sizeof(this->ssoProvider))) > 0) {
+						this->ssoProvider[sizeof(this->ssoProvider) - 1] = 0;
+					} else {
+						strncpy(this->ssoProvider, "default", sizeof(this->ssoProvider));
+						this->ssoProvider[sizeof(this->ssoProvider) - 1] = 0;
+					}
 				} else {
 					this->authenticationURL[0] = 0;
 					this->authenticationExpiryTime = 0;
@@ -432,6 +439,7 @@ bool NetworkConfig::fromDictionary(const Dictionary<ZT_NETWORKCONFIG_DICT_CAPACI
 					this->ssoState[0] = 0;
 					this->ssoClientID[0] = 0;
 					this->issuerURL[0] = 0;
+					this->ssoProvider[0] = 0;
 				}
 			}
 		}