@pianosaurus
Contributor

Add group synchronization for Entra ID (aka. Azure AD)

Azure AD is now called Entra, hence the name of the auth module.

This is a copy-paste of the code used from generic OAuth2, except the group claim name is always "groups". This is not configurable in Entra, so no configuration is needed here either. It solves #1874 for the Azure module, as others have already done for SAML and OIDC.

User how-to

  1. Enable the "groups" claim in Entra under App Registrations ("Token configuration" -> "Add groups claim").
  2. Edit the Azure auth module in Wiki.js, and enable the new setting ("Map groups").
  3. Create the groups in Wiki.js.
  4. Groups are mapped during the auth process, so users have to log in again.

@auto-assign auto-assign bot requested a review from NGPixel August 11, 2025 15:07
@NGPixel NGPixel merged commit c093423 into requarks:main Aug 13, 2025
@NGPixel
Member

NGPixel commented Aug 13, 2025

Thanks!

@elypse-dev

Thanks a lot for this improvement, merged a few weeks before I started testing wiki.js.
Therefore, I had to do a few things before it worked as I hoped.
Entra seems to send group names only in the case of synced groups. In the case of pure cloud groups, Entra sends the ID.
Moreover, I find these names/IDs in the roles section, not in the group section.
As a test, I added the ID to the wiki.js group name between brackets and replaced your code with this one:
[image]
And it works as I expected.
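
The group reconciliation discussed in this thread, as an added example that is not code from this pull request or from Wiki.js: it plans membership changes from the decoded token claims, matching claim values by exact group name or by object ID. Assumptions: the function names, the `Name [object-id]` convention with square brackets for local groups, and the sample data in the usage are constructed. It goes slightly beyond the thread by leaving memberships untouched when Entra omits the claim or signals group overage through `_claim_names`.

```javascript
// Added example (not the project's code). Names and conventions are assumptions.
const GUID = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Split a local group name such as "Editors [<guid>]" into name and optional object ID.
function parseLocalGroup(group) {
  const m = /^(.*?)\s*\[([^\]]+)\]\s*$/.exec(group.name);
  const objectId = m && GUID.test(m[2]) ? m[2].toLowerCase() : null;
  return { id: group.id, name: (objectId ? m[1] : group.name).trim(), objectId };
}

// claims: decoded token claims; localGroups: [{id, name}];
// current: ids of the local groups the user is in now.
function planGroupSync(claims, localGroups, current, claimName = 'groups') {
  const values = claims[claimName];
  // Overage: Entra drops the claim and lists it under _claim_names instead.
  const overage = Object.keys(claims._claim_names || {}).includes(claimName);
  if (overage || !Array.isArray(values)) {
    // No usable claim: change nothing rather than stripping every membership.
    return { add: [], remove: [], unmatched: [], skipped: overage ? 'overage' : 'no-claim' };
  }
  const parsed = localGroups.map(parseLocalGroup);
  const wanted = new Set();
  const unmatched = [];
  for (const raw of values) {
    if (typeof raw !== 'string') continue;
    const v = raw.trim();
    // Exact match only: object ID against the bracketed ID, otherwise name against name.
    const hits = GUID.test(v)
      ? parsed.filter(g => g.objectId === v.toLowerCase())
      : parsed.filter(g => g.name === v);
    if (hits.length === 0) unmatched.push(v); // worth logging: claim value with no local group
    hits.forEach(g => wanted.add(g.id));
  }
  const have = new Set(current);
  return {
    add: [...wanted].filter(id => !have.has(id)).sort((a, b) => a - b),
    remove: [...have].filter(id => !wanted.has(id)).sort((a, b) => a - b),
    unmatched,
    skipped: null
  };
}

// Constructed sample: one synced group sent by name, one cloud-only group sent by ID.
const sampleGroups = [
  { id: 1, name: 'Administrators' },
  { id: 2, name: 'Editors' },
  { id: 3, name: 'Cloud Team [11111111-2222-3333-4444-555555555555]' }
];
console.log(planGroupSync(
  { groups: ['Editors', '11111111-2222-3333-4444-555555555555'] }, sampleGroups, [1, 2]));
```

`remove` lists every current group that is absent from the claim, so groups assigned locally appear there too and should be reviewed before the plan is applied.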
