Decouple SAML authentication from the default Omniauth logic
Fixes gitlab-org/gitlab-ee#178
With this merge request SAML gets its own login logic and its own `User` class under `lib/gitlab/saml/` This is needed to give SAML more versatility over how the authorization process works and to pave the way for the development of a SAML group sync as outlined here: gitlab-org/gitlab-ee#118
See merge request !2782
