Co-authored-by: Tim van Dijen <tvdijen@gmail.com>

Convert to our wrapper class for assertions

* Migrate assertions to Webmozart

* Raise minimum PHP version to 7.0

* Remove tests pre-PHP 7.2

* Upgrade dev dependencies

* Ignore tests for deprecated class

* Add typehints; not touching public API

* Remove none-array replacements-param; old behaviour from pre-1.4 release

* Psalm fixes

* Add upgrade notes

* PSR-12

PSR-12 compliancy

Fix Psalm-issues in the modules-directory

This reverts commit ef36c5fd.

All a bit too involved right before a planned release.

Also, convert to PSR-2 where that was still lacking in these files.

The configuration of the MultiAuth authentication source specifies the auth sources that the user is presented with when asked for authentication. However, there was no proper check for the auth source selected by the user to ensure it is one of those allowed for MultiAuth.

Use the recently added SimpleSAML_Configuration::getBasePath() instead. It guarantees the path prepended with a slash, so no need to do that every time when calling the method. As a side effect, we get rid of buggy invocations (calling getBaseUrl() instead of getBaseURL()), and also of old-style convention for the 'baseurlpath' configuration option, allowing a star at the beginning.

(being respectful with occurences that might change the behaviour, i.e. default database prefixes)

Move SimpleSAML_Utilities:: redirectTrustedURL() to SimpleSAML\Utils\HTTP:: redirectTrustedURL() and deprecate the former.

Move SimpleSAML_Utilities:: setCookie() to SimpleSAML\Utils\HTTP:: setCookie() and deprecate the former.