This function can be used to load an asset from a twig template, adding a "tag" parameter to it with a few dynamic bytes depending on the version of SimpleSAMLphp, or the last modification time of the file if we are running master. This behaves as a cache-buster, forcing browsers to reload assets when a new version of SimpleSAMLphp gets installed.

This way we can forget about updating the copyright notice every year.

Those using this new Menu class can easily generate a menu suitable for the menu template, and add new items. The Menu class calls an "adminmenu" hook as well for those modules willing to extend the menu.

It's divided in three main pages, as the old interface: front/configuration, authentication/testing and federation. For now, only the front/configuration page is working.

We'll use it in the new admin interface. For now, we just fix the old hook so that translations work for strings stored in dictionaries in the hooking module.

Create a new "configpage" hook for those modules that need to inject anything in the configuration page.

This allows us to change the signature of the hook, so that we pass it the \SimpleSAML\XHTML\Template object and then the hook can not only add data to be passed to the twig template, but also add its own translation domain. This was needed because many modules were putting their translations inside "core", and when moving those to the modules themselves, the new translation system cannot perform the translation because only the translations for the current module in use are loaded (in the config page, that's the core module). Therefore, we needed a way to get the Localization instance from the template, and a way to pass that to the hook so that the hook can register the translations for its own module.

Translations for preprodwarning replacement

This allows more graceful fallback for untranslated languages.
Also, use `raw` filter to keep the embedded HTML working.

Show custom rejection message to unauthorised users

Rewrite Crypto::passwordHash() to use BCRYPT instead of unsafe algorithms

Closes: #974

Deprecate preprodwarning

It does not seem like something that is normal so a warning seems in
place. However, forbidding it does not add much value since we accept
unsollicited responses (from any idp) anyway.

Closes: #975

Create a setting for the allowed assertion offset

This uses the translations from the preprodwarning module,
and can be removed in 2.0 (together with legacy templates).

All the old LC_MESSAGES content from the old
preprodwarning module will have to be added...

Update OpenSSL RSA bit length in docs