Upgrade omniauth-saml to ~> 2.1

Description

GitLab is on version 2.0.0 of omniauth-saml as of this MR.

The latest version of omniauth-saml is 2.1.0, but upgrading to that version without making other changes breaks GitLab's omniauth-saml integration.

This breakage is revealed by the Group SAML QA tests. See the QA failure here and the issue for the failure here.

This is because omniauth-saml 2.1 upgraded ruby-saml to 1.12.0, and that version bump is what broke GitLab's Group SAML feature. Specifically, there is a breaking change between 2.0.0 and 2.1.0: issuer_id is renamed to sp_entity_id. See the diff here.

Solution

In addition to upgrading the gem to 2.1.0, we must add custom setters so that existing omniauth-saml integrations configured with the old attribute names do not break. The setters ensure that:

  • issuer_id is converted to sp_entity_id
  • idp_sso_target_url is converted to idp_sso_service_url
  • idp_sso_target_url_runtime_params is converted to idp_sso_service_url_runtime_params
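
A sketch of the conversion listed above, as an added example that is not GitLab's or omniauth-saml's own code. The module name, method name and sample values are hypothetical; the example also assumes that when both the old and the new name are set with different values, the new name wins and the conflict is reported.

```ruby
# Added example; SamlSettingsCompat and normalize are hypothetical names.
module SamlSettingsCompat
  # Old attribute name (omniauth-saml 2.0.0) => renamed attribute (2.1.0),
  # exactly the three pairs listed in this issue.
  RENAMED = {
    issuer_id: :sp_entity_id,
    idp_sso_target_url: :idp_sso_service_url,
    idp_sso_target_url_runtime_params: :idp_sso_service_url_runtime_params
  }.freeze

  # Returns [normalized_settings, warnings]. The input hash is not mutated.
  def self.normalize(settings)
    # Accept string or symbol keys, as provider args often come from YAML.
    out = settings.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }
    warnings = []

    RENAMED.each do |old_key, new_key|
      next unless out.key?(old_key)

      old_value = out.delete(old_key)
      if !out.key?(new_key)
        out[new_key] = old_value
        warnings << "#{old_key} was renamed to #{new_key}"
      elsif out[new_key] != old_value
        # Assumption: the new name takes precedence; surface the mismatch.
        warnings << "#{old_key} conflicts with #{new_key}; keeping #{new_key}"
      end
    end

    [out, warnings]
  end
end

# Constructed sample: provider args still written with the 2.0.0 names.
LEGACY_ARGS = {
  'issuer_id' => 'https://gitlab.example.com',
  'idp_sso_target_url' => 'https://idp.example.com/sso',
  'idp_cert_fingerprint' => 'PLACEHOLDER'
}.freeze

if __FILE__ == $PROGRAM_NAME
  normalized, warnings = SamlSettingsCompat.normalize(LEGACY_ARGS)
  puts normalized
  warnings.each { |w| warn w }
end
```

Logging the warnings rather than converting silently lets administrators see which integrations still use the old names.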

Other details

  • The easiest way to test that this works locally is to set up SAML using these instructions. Alternatively, you can use Okta via a trial (reference).
  • The MR that introduces this change should run the QA pipeline. It needs to be run manually, pending any changes as a result of this issue that would allow it to be kicked off via an MR label.
Edited by Jessie Young