[OIDC] Add (backend) validation for entered client config

[AlexTugarev]

There are several means to verify that the entered OIDC client config is actually usable:

1. A reachability test for the issuer's URL should check if the backend services can actually work with the IdP. We learned several times that this is a common source of failure with different reasons, for instance: typo in URL, filtered by firewall, DNS quirks, etc.

2. Testing clientID/clientSecret, can only be done by letting the installer use the OIDC flow themselves.

3. Testing if OIDC discovery is supported, otherwise we need to fall back to full-fledged OIDC client configuration.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.