OIDC: Login-Workflow

[tibroc]

While the current implementation of the OIDC login works well, the login workflow for the users could be simplified.

Wherever there are login buttons, if OIDC is configured as only login option, you should be redirected directly to your OIDC provider instead of the login page that only has the option to redirect:

Also, the string for the wording in the login page should be configurable somewhere, because OpenID Connect is a technical term that not always is publicized like this in all instituions (e.g. I could imagine this being something like "Login in through the IT-Portal of Fabulous University"). [The same goes for the other log-in methods, btw]

Lastly, I guess it would nicer to not see a login page at all when you are already logged-in globally.

[samuelwei]

1. I agree, in case only a single auth. provider is enabled, the UI should be smoother
2. There is no one-size-fits-all solution for how to name the different Auth. methods, especially if multiple are enabled. Therefore, we decided to stick with the technical term but recommend every admin to adjust the locale to their local wording. See: https://thm-health.github.io/PILOS/docs/administration/customisation/locales
3. The way SSO for Shibb and OIDC is handled, we cannot detect if the user is already logged into an IDP, so the user always have to click. In case 1 is resolved, that would only require a single click as the IDP is immediatly redirecting you back to the auth. endpoint