Migrate to openid client

common.js

@@ -374,4 +374,17 @@ module.exports.moveOldFiles = function (filelist) {
         for (var i in filelist) { if (fs.existsSync(filelist[i] + oldFileExt) == true) { extOk = false; } }
     } while (extOk == false);
     for (var i in filelist) { try { fs.renameSync(filelist[i], filelist[i] + oldFileExt); } catch (ex) { } }
+}
+
+// Convert strArray to Array, returns array if strArray or null if any other type
+module.exports.convertStrArray = function (object, split) {
+    if (split && typeof object === 'string') {
+        return object.split(split)
+    } else if (typeof object === 'string') {
+        return Array(object);
+    } else if (Array.isArray(object)) {
+        return object
+    } else {
+        return []
+    }
 }

docs/docs/meshcentral/index.md

@@ -1659,7 +1659,39 @@ Enabling SAML will require MeshCentral to install extra modules from NPM, so dep
 
 !!!note
     MeshCentral only supports "POST". [For example Authentik's](https://github.com/Ylianst/MeshCentral/issues/4725) default setting is to use "Redirect" as a "Service Provider Binding".
-
+
+### Generic OpenID Connect Setup
+
+Generally, if you are using an IdP that supports OpenID Connect (OIDC), you can use a very basic configuration to get started, and if needed, add more specific or advanced configurations later. Here is what your config file will look like with a basic, generic, configuration.
+
+``` json
+{
+	"settings": {
+		"cert": "mesh.your.domain",
+		"port": 443,
+		"sqlite3": true
+	},
+	"domains": {
+		"": {
+			"title": "Mesh",
+			"title2": ".Your.Domain",
+			"authStrategies": {
+				"oidc": {
+					"issuer": "https://sso.your.domain",
+					"clientid": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
+					"clientsecret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+					"newAccounts": true
+				}
+			}
+		}
+  }
+}
+```
+
+As you can see, this is roughly the same as all the other OAuth2 based authentication strategies. These are the basics you need to get started using OpenID Connect because it's still authenticating with OAuth2. If you plan to take advantage of some of the more advanced features provided by this strategy you should consider reading the [additional strategy documentation](./openidConnectStrategy.md).
+
+> NOTE: MeshCentral will use `https://mesh.your.domain/auth-oidc-callback` as the default redirect uri.
+
 ## Improvements to MeshCentral
 
 In 2007, the first version of MeshCentral was built. We will refer to it as “MeshCentral1”. When MeshCentral1 was designed, HTML5 did not exist and web sockets where not implemented in any of the major browsers. Many design decisions were made at the time that are no longer optimal today. With the advent of the latest MeshCentral, MeshCentral1 is no longer supported and MeshCentral v2 has been significantly redesigned and mostly re-written based of previous version. Here is a list of improvements made in MeshCentral when compared with MeshCentral1: