Add support for displaying and managing legacy SSO providers (#628)

* feat: add support for displaying and managing legacy SSO providers

- Introduced UI section for environment/YAML-configured SSO providers.
- Added warnings and guidance on migrating legacy providers to database-backed configuration.
- Enhanced localization with new keys for legacy provider management.
- Updated form and toggle components for improved usability.

* Expand SSO documentation: add SAML 2.0 support, JIT provisioning settings, super-admin setup steps, audit logging, and user administration details.

* Update JIT provisioning docs: clarify role mapping behavior and add examples; note new `logout_idp` audit log event.

---------

Co-authored-by: Josh Waldrep <joshua.waldrep5+github@gmail.com>

config/locales/views/admin/sso_providers/en.yml

@@ -18,6 +18,9 @@ en:
           actions: "Actions"
           enabled: "Enabled"
           disabled: "Disabled"
+        legacy_providers_title: "Environment-Configured Providers"
+        legacy_providers_notice: "These providers are configured via environment variables or YAML and cannot be managed through this interface. To manage them here, migrate them to database-backed providers by enabling AUTH_PROVIDERS_SOURCE=db and recreating them in the UI."
+        env_configured: "Env/YAML"
       new:
         title: "Add SSO Provider"
         description: "Configure a new single sign-on authentication provider"
@@ -51,6 +54,7 @@ en:
         icon_placeholder: "e.g., key, google, github"
         icon_help: "Lucide icon name (optional)"
         enabled_label: "Enable this provider"
+        enabled_help: "Users can sign in with this provider when enabled"
         issuer_label: "Issuer"
         issuer_placeholder: "https://accounts.google.com"
         issuer_help: "OIDC issuer URL (will validate .well-known/openid-configuration endpoint)"