We've just been moved from Precise to Trusty, and PHP 5.3 is not available in the latter, so builds fail.

Otherwise, a theme would not be able to include/embed/extend its own templates.

Also tweak wording of artifact idp docs a bit re memcache extension.

Memcached extension support

Adds further support for php-memcached.

Invalidate opcache after writing a file

When opcache.validate_timestamps is disabled, then the new metadata will not be read after a metarefresh.
This can be solved by adding the metadata file to an opcache blacklist, but calling opcache_invalidate()
after writing a file is a nice out-of-the-box solution.

Hopefully, this will enable everybody that is using simplesamlphp to disable opcache.validate_timestamps
without running into problems.

This new interface allows themes to define a class that can be hooked at certain specific points of template initialization/handling, so that they can do stuff like automatically adding variables for all templates, or adding twig extensions. This classes must implement the new TemplateControllerInterface, and be specified in the "theme.controller" configuration option. This way, we avoid the performance hit if we use traditional hooks, and we also avoid hooks from other modules causing trouble.

For now, the interface offers two entry points: setUpTwig(), which allows managing the twig environment after initialization (e.g. to add an extension or define filters); and display(), which offers all the data passed to the template, and allows adding or modifying it.

This makes sense as those should be static values available to every template.

Additionally, add a "templateId" variable that we can use for templates to identify themselves.

Make sure if we are using a theme, its module is added as a valid domain where we can look for translations.

Therefore, it should be accessed using self, not $this.

- Make sure timeout is added conditionally, when we actually have it.
- Additionally, pass the state ID to the template in the "auth_state" variable. Trying to be consistent with this from now on.

Fix for #618, correcting the login layout on mobile screens.

Instead of one cache, we need to use two: one for the list of modules available, and the other for the details for them. Those caches should be filled independently, so that someone calling getModules() does not trigger the code checking of the modules are enabled or finding their hooks.

It has also an impact in performance, and covers an unlikely scenario. Instead, if you plan to use templates from another module, now you need to call the "addTemplatesFromModule()" method right after creating the template. That way you can register manually what templates you are supposed to use, being much more efficient.

An alternative way to inject data in the templates should be used. This has a terrible impact in performance, and could have undesired side effects.

This allows template users to use their own twig extensions if they want, while also allowing us to remove the "twigInit" hook. Hooks come at a price, and it doesn't make much sense to use them in this case, as they would only be useful if a module wants to add a twig extension even if the code instantiating SimpleSAML_XHTML_Template does not belong to that module. This could lead to unexpected behaviour (i.e. a module adding a hook that creates trouble for the templates defined in another module), so given the lack of use cases supporting the hook and the possible negative consequences implied, it's better to remove it.

The issue here is that every time we need to list the modules or check if they are enabled, we just iterate over the modules directory and subdirectories, which is terribly expensive. Instead of doing so, we build a cache of modules specifying if they are enabled or not. In the end, this is also fixing another issue, given that enabling/disabling a module in the middle of a request being processed could lead to inconsistencies and unexpected behaviour (likely exceptions and horrible crashes). Modules should be checked in the beginning of a request and their state (enabled/disabled) frozen until the request is processed to avoid that, and this is the way to achieve so.

Additionally, we take the chance to check if modules are enabled when we search for them. This reduces the processing time to around a third of the original without this fix.

When the module tries to build up a menu, it instantiates a new "random" template (from another module, sanitycheck) to get a translator that it can use to translate the menu options. This is awfully wrong, as it forces SSP to load another template, reinit Twig, the translation system, and so on. Instead, a new instance of SimpleSAML\Locale\Translate should be more than enough.

If we get a response with an InResponseTo attribute that doesn't match a valid state array, and the response is not a duplicate, we should continue with the response as an unsolicited one.

FQDN can be up to 255 chars according to RFC1035 3.1

The _authSource column stores FQDNs. Increase the VARCHAR size from 30
to 255 since this is the maximum allowed length of a FQDN (RFC1035).

Also, increase the TableVersion to 2 and MODIFY the column size of
existing version 1 tables.

Fixes #579

Add PHP 7.1 to TravisCI build versions

Disco suggest algorithm accepts also -_() characters