Support key-value pair settings for Saml2 protocol and authentication connections
SAML 2.0 is a huge specification with numerous options from which organizations build their own derived specifications. Each derived specification usually has its own ideas about what is required, what is not, and what must be validated.
To cope with those specific requirements, Safewhere Identify now introduces the "Profile" concept. When a specific profile is selected for a tenant or a connection, Identify applies profile-specific processing code for it. The two supported profiles in 4.3 are OIOSAML and eHerkenning. As a side note, choosing the "OIOSAML" profile is no different from choosing the "None" profile, because most of the default behaviors already follow the OIOSAML specification. You can configure the profile on the System Setup page:
This is how it looks in the SAML identity provider page:
Similarly, the SAML application has the same setting:
Note: when the "Profile" setting is set to "eHerkenning" for a SAML application, the following keys are added by default:
- AssertionConsumerServiceIndex: default value is 0
- OrganizationDisplayName: default value is Empty
- ServiceID: default value is Empty
- ServiceUUID: default value is Empty
Those settings are necessary for the flow "DV => HM => AD", so they must be configured accordingly.