Update jQuery version to the latest 1.8.x. Make those templates specifying a version to stop doing it. This resolves #24, at least for some time.

Fix new attributemaps

SimpleSAML\Utils\Attributes::getExpectedAttribute(): Check if the attribute has any values, and raise an exception if not.

Refactor SimpleSAML\Utils\Arrays::normalizeAttributesArray() to SimpleSAML\Utils\Attributes::normalizeAttributesArray().

Duplicate the $state['SimpleSAML_Auth_Default.*'] entries to $state['SimpleSAML_Auth_Source.*'] where needed, while we are transitioning to 2.0. Leave those that will be removed in SimpleSAML_Auth_Default. Move the rest of the code to the new entries in the state array.

Take back the migration of SimpleSAML_Auth_Default::initLogout(), initLogoutReturn() and logoutCompleted(), as they are not used anywhere. We'll just deprecate them and remove them in 2.0 then.

Throw an exception in SimpleSAML_Auth_Simple when the auth source cannot be found. This avoids trying to access a method in an object that's actually null.

Revert the new configuration option for the core:PHP authproc. Since we need to serialize authprocs and SP metadata in the state array, and closures are not serializable, it doesn't work. We could create a new module with this, adding a dependency on opis/closure 2.0.* or equivalent, to be able to serialize closures.

Move SimpleSAML_Auth_Default::initLogoutReturn() to SimpleSAML_Auth_Source and deprecate the former.

Throw an exception instead of doing nothing if the auth source specified is invalid. This mimics the old behaviour.

Add a check in case the authentication authority specified in SimpleSAML_Auth_Default::initLogin() is not valid.

Reimplement the old SimpleSAML_Auth_Default::loginCompleted() as a wrapper of the refactored method in SimpleSAML_Auth_Source, now that the latter is public again.

SimpleSAML_Auth_Source::loginCompleted() needs to be declared public, as it is used as a callback from outside the class.

Deprecate SimpleSAML_Default::logoutCallback() and move it to SimpleSAML_Auth_Source. This also resolves an issue with this callback not being called, since SimpleSAML_Auth_Source::initLogin() was expecting the method to be inside that class.

When building an assertion, the current time should be obtained once, used many, instead of being obtained every time we are using it (that could lead to clock discrepancies between several timestamps in the same assertion). Additionally, if authentication happened in the past (that is, we got a request that is not the one that triggered authentication, and this is pure SSO), we should calculate the value for SessionNotOnOrAfter relative to the start of the session, not the current time. This resolves #244.