Add config option for any existing attribute maps

[brendanheywood]

What happened?

A common issue, especially with ADFS, is that the attributes are returned using large name spaced strings, ie instead of 'uid' as the key you will get:

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier

In theory this should still work, but it's a little awkward and makes for a lot of support queries. There are several workarounds and potential fixes:

• Just use the long string name (there is a bug with these fields see Help: Custom claims for ADFS attribute mapping #124) but this needs to be changed in core for the mappings here https://github.com/moodle/moodle/blob/master/lib/authlib.php?utf8=%E2%9C%93#L1040

• for the idp mapping this needs to be changed here: https://github.com/catalyst/moodle-auth_saml2/blob/MOODLE_33PLUS/settings.php#L130

• we should also allow any of the predefined attribute maps that come with simplesaml to be pre-applied before we use them. ie for ADFS most people might want to use say name2claim or something. At the moment this is hard coded to 'oid2name' here:

https://github.com/catalyst/moodle-auth_saml2/blob/MOODLE_33PLUS/config/config.php#L82-L83

A workaround many people have done with ADFS is to configure a custom claim which just uses the short human readable key name instead of the long xmlsoap one. See an example of these custom claims here: #124 (comment)

[brendanheywood]

I've implemented this, but in a more flexible way. I was originally intending to use the SSP attribute map proc, but after some testing it doesn't work in reverse unless you have an explicit reverse mapping file, eg

https://github.com/catalyst/moodle-auth_saml2/blob/master/extlib/simplesamlphp/attributemap/urn2oid.php
vs
https://github.com/catalyst/moodle-auth_saml2/blob/master/extlib/simplesamlphp/attributemap/oid2urn.php

But there is not a claim2name reverse mapping for ADFS in SSP. I thought about adding it, but instead I've made a much more flexible and robust attribute simplification setting which should work with just about any odd shaped data that gets thrown at it and from any scheme or namespace.