Open
Description
Feature Description
Unlike other auth providers, Google Workspace doesn't provide information about users' groups. This prevents using such awesome Gitea functionality as automatically assigning administrators and org team membership based on OAuth claims.
I want to propose implementing the same approach as currently implemented in the Grafana project:
- The administrator can specify the additional OAuth scope https://www.googleapis.com/auth/cloud-identity.groups.readonly to give Gitea access to the Google API that is needed in the next step. On login the user sees a consent screen saying that Gitea wants to read information about their groups.
- After that it is possible to use the corresponding API https://cloud.google.com/identity/docs/reference/rest/v1/groups/list to retrieve the list of the user's groups. So during login Gitea makes a request to this API with the user identifier, receives the list of groups and injects them as a `groups` claim.
- With information about groups, the Gitea administrator can configure automatic permission/membership mapping using the approaches already implemented in Gitea.
Reference to the implementation and configuration process in the Grafana project:
- Configuration https://grafana.com/docs/grafana/latest/setup-grafana/configure-security/configure-authentication/google/#configure-team-sync-for-google-oauth
- Code https://github.com/grafana/grafana/blob/c593b20465eb2b326091f1d97dd3a0d5330c397e/pkg/login/social/connectors/google_oauth.go
Screenshots
No response