There's a link straight above to the docs, a link to the rest
of the website in the footer, this paragraph is highly redundant.
It links to rnd.feide.no which is down.

This is likely way more informative for the average person
clicking the link - and linking directly to github only
stimulates people asking help questions in issue tracker.

Fix new UI

Do not enable complementary functionality by default

In the ldap-code, search.attributes can be either a string (single attribute) or an array of attributes... The negotiate attr-setting is equal to search.attributes, but was handled differently (as merely a string)

PasswordProtectedTransport authncontext when HTTPS

Add docs for saml:AuthnContextClassRef filter

Following up on the idea mentioned in #937: If the transport is secure fall back to the `PasswordProtectedTransport` authn context class ref, otherwise keep the current default of `Password`.

Requires a version of the SAML2 library with simplesamlphp/saml2#129 merged due to the reference on a newly defined Constant.

Fix for #933

`stream_context_create` functionality is handled with HTTP::fetch()

Add initial support for SAML Subject Id Attributes

The OASIS spec [SAML V2.0 Subject Identifier Attributes Profile](https://wiki.oasis-open.org/security/SAMLSubjectIDAttr) defines two new standard attributes intending to replace use of persistent NameIDs and the eduPersonTargetedID and eduPersonUniqueId SAML attributes. The updated Kantara [SAML V2.0 Interoperability Deployment Profile](https://kantarainitiative.github.io/SAMLprofiles/saml2int.html) will also standardize on these new attributes (cf. SDP-SP15 ibid.).

This commit adds the two new attributes:

* to the URN attribute maps
* to attribute definitions and translations of the locale system
* to the smartattributes:SmartID auth proc filter (after any other SAML attributes, but before the non-SAML ones).

Support for saml2int SDP-SP16 (attribute requirements signalling via Entity Attributes) is not included here.

Upgrade gettext to latest version

Make sure that session is closed and only then update cookie params

Add missing catalan language

Update config.php
Update header.php

Make authfacebook compatible with new facebook response query params

Do not include query parameters when constructing redirect uri for use with
the `access_token` endpoint.

Background:
Depending on your Facebook app configuration Facebook may return additional query
parameters after a a user authorizes an app. The module was incorrectly adding
these extra params to its redirect uri and generating a redirect uri that is
not in the app's whitelist.

People might just copy-paste it, while there's usually no reason
to enable this by default for new installations; specially not as
a QucikStart.