This repository has been archived by the owner on Jul 19, 2024. It is now read-only.

[WIP] Support Microsoft apps on v2 endpoint #39

Open
wants to merge 1 commit into
base: master

@bennyboy1 bennyboy1 commented Oct 16, 2018

This works, but WIP because I could use some feedback, and also the README will need to be updated before this is merged.

Summary

  • Use OAuth2 as the base strategy. This allows for simpler code here (no need to override #callback_phase, easier options, etc.)
  • Update to v2.0 endpoint. You will need to create an application here to accept logins for AD and personal accounts.
  • Use 'common' as the default tenant.
  • Update info to only include claims that are present in v2 id tokens
  • Since the c_hash is not always present, only validate c_hash if it's present in the id token.
  • verify_iss is defaulted to false because in my case I didn't need to verify the iss (it can either be the user's tenant ID if using an Azure AD account or 9188040d-6c67-4c5b-b112-36a304b66dad for Microsoft personal accounts, if I understand correctly). This will probably need an update to work for someone who needs to verify a specific iss. I may be able to investigate this a little later.

For reference: https://docs.microsoft.com/en-us/azure/active-directory/develop/id-tokens#v20
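The two validation choices described in this pull request (check c_hash only when the id token carries one; the issuer varies per tenant when 'common' is used), as an added Ruby example that is not code from this pull request or the gem. It assumes an RS256-signed id token whose signature has already been verified and the v2.0 issuer format `https://login.microsoftonline.com/{tid}/v2.0`; the helper names are hypothetical.

```ruby
require "digest"

# Assumption: v2.0 id tokens carry iss = https://login.microsoftonline.com/{tid}/v2.0
V2_ISSUER = "https://login.microsoftonline.com/%s/v2.0"
CONSUMER_TENANT = "9188040d-6c67-4c5b-b112-36a304b66dad" # personal accounts, per the PR text

# OpenID Connect c_hash: unpadded base64url of the left half of SHA-256(code)
# (SHA-256 because the id token is assumed to be signed with RS256).
def expected_c_hash(code)
  digest = Digest::SHA256.digest(code)
  [digest[0, digest.bytesize / 2]].pack("m0").tr("+/", "-_").delete("=")
end

# Constant-time string comparison.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Hypothetical helper. `claims` is the payload of an id token whose signature
# has already been verified. Returns :ok or the name of the failed check.
def check_id_token_claims(claims, code:, allowed_tenants: nil)
  # c_hash is optional in this flow: validate it only when the token has one.
  if claims.key?("c_hash") &&
     !secure_compare(claims["c_hash"].to_s, expected_c_hash(code))
    return :bad_c_hash
  end
  # With the 'common' tenant the issuer differs per token, so bind iss to tid.
  tid = claims["tid"].to_s
  return :missing_tid if tid.empty?
  return :iss_tid_mismatch unless claims["iss"] == format(V2_ISSUER, tid)
  # Optionally restrict sign-in to known tenants.
  return :tenant_not_allowed if allowed_tenants && !allowed_tenants.include?(tid)
  :ok
end

# Constructed sample input (not a real token or authorization code).
SAMPLE_CODE = "constructed-auth-code"
SAMPLE_CLAIMS = {
  "iss" => format(V2_ISSUER, CONSUMER_TENANT),
  "tid" => CONSUMER_TENANT,
  "c_hash" => expected_c_hash(SAMPLE_CODE)
}.freeze

puts check_id_token_claims(SAMPLE_CLAIMS, code: SAMPLE_CODE)
```

Binding iss to the token's own tid keeps an issuer check in place for multi-tenant sign-in without hard-coding a single tenant; pass `allowed_tenants` to restrict which tenants may log in.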

msftclas commented Oct 16, 2018

CLA assistant check
All CLA requirements met.

@madkumamon

@aj-michael Please update gem to support OAuth2 and omniauth-rails_csrf_protection.

@aj-michael
Contributor

> @aj-michael Please update gem to support OAuth2 and omniauth-rails_csrf_protection.

Sorry, I do not have write access and have not for a long time.
