Add SAML support with ADFS as IdP

[Didainius]

This PR adds support to authenticate to Cloud Director using SAML authentication (by applying WithSamlAdfs() configuration option to NewVCDClient function). The identity provider (IdP) must be Active Directory Federation Services (ADFS) and "/adfs/services/trust/13/usernamemixed" endpoint must be enabled to make it work. Furthermore username must be supplied in ADFS friendly format - test@contoso.com' or 'contoso.com\test'.

Inner workings

In short - it works by finding ADFS login endpoint for vCD by querying vCD SAML redirect endpoint for specific Org and then submits authentication request to "/adfs/services/trust/13/usernamemixed" endpoint of ADFS server. Using ADFS response it constructs a SIGN token which vCD accepts for the "/api/sessions". After first initial "login" it grabs the regular X-Vcloud-Authorization token and uses it for further requests.

Testing

• There is a unit test TestSamlAdfsAuthenticate which spawns mock servers and does not require ADFS or SAML being configured. It tests the flow based on mock endpoints.
• Test_SamlAdfsAuth on the other hand can test and compare VDC retrieved using main authentication credentials vs the one retrieved using specific SAML credentials. This requires variables samlUser, samlPassword (and optionally samlCustomRptId if Relaying Party Trust ID must be overriden).

Note. SAML credentials can be used for main testing user (defined by user, password variables together with useSamlAdfs and optionally customAdfsRptId)as well. That would cause whole suite to work with SAML credentials.

Migration to X-Vmware-Vcloud-Access-Token:TOKEN

At the moment this codebase relies on x-vcloud-authorization token, however since API version 30 there is a new way to authenticate using bearer token (https://kb.vmware.com/s/article/56948). This PR does not change authentication mode as it is not directly related, but because "/api/sessions" endpoint returns both types of tokens now, SAML auth will have no additional trouble when we migrate to new token format

Examples

There is a working code example in /samples/saml_auth_adfs directory how to setup client using SAML auth.

[vbauzys]

Mock test run success. Haven't anticipated to be this fast.

[vbauzys]

LGTM

[lvirbalas]

Thank you for an awesome PR! Have three asks in-line and one here.

Please add a section to TESTING.md describing the nuances of the SAML auth testing. You have most of that write-up already in some of form in different places, but would like to provide a perspective for the casual user running the tests.

Thanks!

[dataclouder]

Here are a few suggestions to improve readability.
The tests are passing

[dataclouder]

Suggested change

	// getSamlTokenRequestBody. This request is submited to ADFS server endpoint
	// getSamlTokenRequestBody. This request is submitted to ADFS server endpoint

[Didainius]

Fixed

[dataclouder]

I think this long response could be stored in a file under ./test-resources instead of being merged as literal test here. The same suggestion is valid for other large strings of XML data in this file.
Moving the literal texts to external file would make the test more readable.

The comments in other files referring to saml_auth_unit_test.go should instead refer to the external file.

[lvirbalas]

Thank you for all the additional write-ups, they are helpful!

[dataclouder]

LGTM

[vbauzys]

Replicated adfs and tested on my env.