Add OIDC provider functionality with validation setup

This commit adds OpenID Connect (OIDC) provider functionality to tinyauth,
allowing it to act as an OIDC identity provider for other applications.

Features:
- OIDC discovery endpoint at /.well-known/openid-configuration
- Authorization endpoint for OAuth 2.0 authorization code flow
- Token endpoint for exchanging authorization codes for tokens
- ID token generation with JWT signing
- JWKS endpoint for public key distribution
- Support for PKCE (code challenge/verifier)
- Nonce validation for ID tokens
- Configurable OIDC clients with redirect URIs, scopes, and grant types

Validation:
- Docker Compose setup for local testing
- OIDC test client (oidc-whoami) with session management
- Nginx reverse proxy configuration
- DNS server (dnsmasq) for custom domain resolution
- Chrome launch script for easy testing

Configuration:
- OIDC configuration in config.yaml
- Example configuration in config.example.yaml
- Database migrations for OIDC client storage

validation/config.yaml

@@ -0,0 +1,36 @@
+appUrl: "http://auth.example.com"
+logLevel: "info"
+databasePath: "/data/tinyauth.db"
+
+auth:
+  users: "user:$2b$12$mWEdxub8KTTBLK/f7dloKOS4t3kIeLOpme5pMXci5.lXNPANjCT5u"  # user:pass
+  secureCookie: false
+  sessionExpiry: 3600
+  loginTimeout: 300
+  loginMaxRetries: 3
+
+oidc:
+  enabled: true
+  issuer: "http://auth.example.com"
+  accessTokenExpiry: 3600
+  idTokenExpiry: 3600
+  clients:
+    testclient:
+      clientSecret: "test-secret-123"
+      clientName: "OIDC Test Client"
+      redirectUris:
+        - "http://client.example.com/callback"
+        - "http://localhost:8765/callback"
+        - "http://127.0.0.1:8765/callback"
+      grantTypes:
+        - "authorization_code"
+      responseTypes:
+        - "code"
+      scopes:
+        - "openid"
+        - "profile"
+        - "email"
+
+ui:
+  title: "Tinyauth OIDC Test"
+