Decouple SAML authentication from the default Omniauth logic
Replaces !2782 (merged) since that one was not backwards compatible.
With this merge request SAML gets its own login logic and it's own
User
class underlib/gitlab/saml/
This is needed to give SAML more versatility over how the authorization process works and to pave the way for the development of a SAML group sync as outlined here: gitlab-org/gitlab-ee#118
cc @rymai @rspeicher