grafana: Fix login after the Keycloak upgrade

Request the openid scope for auth against Keycloak.

Logging in to Grafana was broken, with the login form yielding:

Login failed

Internal server error

The server logs reported:

logger=oauth.generic_oauth t=2024-06-13T09:46:31.887290207Z
  level=error
  msg="Error getting email address"
  url=https://login.collabora.com/auth/realms/master/protocol/openid-connect/userinfo/emails
  error="unsuccessful response status code 404: {\"error\":\"HTTP 404 Not Found\",\"error_description\":\"For more on this error consult the server log at the debug level.\"}"

Apparently the new version of Keycloak that got deployed recently is a bit more strict in the way it checks OAuth scopes: since we are doing OpenID Connect authentication, let's then set the required openid scope to make Keycloak happy.

See also https://gitlab.collabora.com/sysadmin/ansible-core-services/-/merge_requests/59

Edited by Emanuele Aina
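
A configuration check for the failure mode described above, as an added example that is not part of the merge request or the project's code: it flags a Grafana `[auth.generic_oauth]` section whose `api_url` is an OIDC userinfo endpoint while `scopes` omits `openid`. The two INI snippets are constructed for illustration; only the userinfo URL comes from the quoted log line, and the `openid-connect/userinfo` substring match is a heuristic assumption.

```python
import configparser

# Constructed sample configs (not the project's real files). Only the userinfo
# URL is taken from the log line quoted in the merge request.
USERINFO = "https://login.collabora.com/auth/realms/master/protocol/openid-connect/userinfo"

BEFORE = f"""
[auth.generic_oauth]
enabled = true
scopes = email profile
api_url = {USERINFO}
"""

AFTER = BEFORE.replace("scopes = email profile", "scopes = openid email profile")


def check_generic_oauth(ini_text):
    """Return a list of findings for the [auth.generic_oauth] section."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(ini_text)
    section = "auth.generic_oauth"
    if not cfg.has_section(section) or not cfg.getboolean(section, "enabled", fallback=False):
        return []
    # Grafana accepts scopes separated by spaces or commas.
    scopes = set(cfg.get(section, "scopes", fallback="").replace(",", " ").split())
    api_url = cfg.get(section, "api_url", fallback="")
    findings = []
    # Heuristic (assumption): a URL containing "openid-connect/userinfo" is a
    # Keycloak OIDC userinfo endpoint, which expects a token carrying "openid".
    if "openid-connect/userinfo" in api_url and "openid" not in scopes:
        findings.append(
            "api_url is an OIDC userinfo endpoint but scopes lacks 'openid'; "
            f"email lookup may fall through to {api_url.rstrip('/')}/emails"
        )
    return findings


if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER)):
        print(name, check_generic_oauth(text) or "ok")
```

Running it against a rendered `grafana.ini` before a Keycloak upgrade surfaces the missing scope without waiting for a failed login.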
