Add $authority parameter to initLogoutReturn which was previously removed instead of making it mandatory.

Make auth source mandatory as a parameter to SimpleSAML_Auth_Default::initLogoutReturn() and initLogout().

To prevent local and remote file inclusion attacks. This is in most cases
already disabled by default in system libraries, so this will be a no-op to
most systems, but to be safe we explicitly disable it also.

Fixes #74

Fixes a bug in Memcache.php that would cause every fetch to also
result in a push if multiple memcache servers were being used.

If multiple memcache servers are in use, the code needs to check
if they aren't out of sync. If they are, the most recent data needs
to be pushed to all mirrors.

The original code compared the parsed data structures using ===,
but that always fails because that just does a pointer comparison
and not a deep comparison.

Changed the code to compare the original unparsed values instead.
Also added a few debug-level log statements.

Remove extra URL validation as normalizeURL() will have done that already. Return an empty string if the input URL is empty (disregarding its type). This should make the checkURLAllowed() function transparent and avoid it returning the current URL (normalized) when input is empty. Fixes #99.

Avoid calling SimpleSAML_Utilities::normalizeURL() twice when we are redirecting and need to check if the URL is trusted.

Extract constant information out of the getContact() function and make it public static properties of the class.

Start using the new helper function for contact configuration validation in SAMLBuilder. Change the documentation to warn about upcoming changes.