
NIFI-7584 Added OIDC logout mechanism.#4593

Closed
mtien-apache wants to merge 6 commits into apache:main from mtien-apache:NIFI-7584-3

@mtien-apache
Contributor

Added method to validate the OIDC Access Token for the revoke endpoint.
Created a new callback URI of oidc/logoutCallback to handle certain OIDC logout cases.
Changed method to exchange the Authorization Code for a Login Authentication Token.
Added a new method to exchange the AuthN Code for an Access Token.
Changed method to convert OIDC Token to a Login AuthN Token instead of a NiFi JWT.
Created new OidcServiceGroovyTest class.

Thank you for submitting a contribution to Apache NiFi.

Please provide a short description of the PR here:

Description of PR

Enables X functionality; fixes bug NIFI-YYYY.

In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:

For all changes:

  • Is there a JIRA ticket associated with this PR? Is it referenced
    in the commit message?

  • Does your PR title start with NIFI-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.

  • Has your PR been rebased against the latest commit within the target branch (typically main)?

  • Is your initial contribution a single, squashed commit? Additional commits in response to PR reviewer feedback should be made on this branch and pushed to allow change tracking. Do not squash or use --force when pushing to allow for clean monitoring of changes.

For code changes:

  • Have you ensured that the full suite of tests is executed via mvn -Pcontrib-check clean install at the root nifi folder?
  • Have you written or updated unit tests to verify your changes?
  • Have you verified that the full build is successful on JDK 8?
  • Have you verified that the full build is successful on JDK 11?
  • If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
  • If applicable, have you updated the LICENSE file, including the main LICENSE file under nifi-assembly?
  • If applicable, have you updated the NOTICE file, including the main NOTICE file found under nifi-assembly?
  • If adding new Properties, have you added .displayName in addition to .name (programmatic access) for each of the new properties?

For documentation related changes:

  • Have you ensured that format looks appropriate for the output in which it is rendered?

Note:

Please ensure that once the PR is submitted, you check GitHub Actions CI for build issues and submit an update to your PR as soon as possible.

@thenatog
Contributor

thenatog commented Oct 9, 2020

Reviewing

@mtien-apache
Contributor Author

To test this, be sure to add the following redirect URIs to your Identity Provider's authorized redirect URIs list:

  • https://{hostname}:{port-number}/nifi-api/access/oidc/logout

  • https://{hostname}:{port-number}/nifi-api/access/oidc/callback

  • https://{hostname}:{port-number}/nifi-api/access/oidc/logoutCallback

Depending on your ID Provider, you may need to add NiFi's home and the new logout page URIs:

  • https://{hostname}:{port-number}/nifi-api/../nifi

  • https://{hostname}:{port-number}/nifi-api/../nifi/logout-complete

@thenatog
Contributor

Tested this out with Google Suite and Microsoft Azure, was able to log out successfully. G Suite redirected back to the logout page of NiFi, and Azure presented a logout page to choose the user to log out and then a success page. Confirmed the NiFi JWT was invalidated in both cases.

@thenatog
Contributor

Looks like some issues with the style checker on line lengths in the GitHub Actions tests.

@mtien-apache
Contributor Author

@thenatog I fixed the issue. Thanks for reviewing.

Refactored revoke endpoint POST request to a private method.
Removed unnecessary dependencies.
Fixed Regex Pattern to search for literal dot character.
Fixed logging the Exception message.
Fixed caught Exception.
Changed timeout value to a static variable.
Changed repeating error messages to a static string.
Reduced sleep duration in unit test.
Refactored cookie generation to private method.
@thenatog
Contributor

Retested with changes, looks good to me. +1 will merge, thanks for a great contribution.

@thenatog thenatog closed this in bf962f6 Oct 27, 2020
rlamothe pushed a commit to rlamothe/nifi that referenced this pull request Nov 2, 2020
Added method to validate the OIDC Access Token for the revoke endpoint.
Created a new callback URI of oidc/logoutCallback to handle certain OIDC logout cases.
Changed method to exchange the Authorization Code for a Login Authentication Token.
Added a new method to exchange the AuthN Code for an Access Token.
Changed method to convert OIDC Token to a Login AuthN Token instead of a NiFi JWT.
Created new OidcServiceGroovyTest class.

NIFI-7584-rebase Added test.

NIFI-7584 Fixed a checkstyle issue.

NIFI-7584 Removed a dependency not in use.

NIFI-7584 Made revisions based on PR review.
Refactored revoke endpoint POST request to a private method.
Removed unnecessary dependencies.
Fixed Regex Pattern to search for literal dot character.
Fixed logging the Exception message.
Fixed caught Exception.
Changed timeout value to a static variable.
Changed repeating error messages to a static string.
Reduced sleep duration in unit test.
Refactored cookie generation to private method.

NIFI-7584 Fixed the snapshot version.

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes apache#4593.
driesva pushed a commit to driesva/nifi that referenced this pull request Mar 19, 2021
adenes pushed a commit to adenes/nifi that referenced this pull request Jul 5, 2021
krisztina-zsihovszki pushed a commit to krisztina-zsihovszki/nifi that referenced this pull request Jun 28, 2022