Related to #8356
In order for implementations of Saml2AuthenticationRequestFactory to take advantage of custom Saml2AuthenticationRequestContext instances, an application needs to create a custom filter, replacing Saml2WebSsoAuthenticationRequestFilter.
It would be simpler to have an API dedicated to resolving the Saml2AuthenticationRequestContext from the HttpServletRequest and RelyingPartyRegistration:
```java
@Component
public class MyAuthenticationRequestContextResolver
        implements Saml2AuthenticationRequestContextResolver {

    // Reuse the default resolution logic and decorate its result.
    private final Saml2AuthenticationRequestContextResolver delegate =
            new DefaultSaml2AuthenticationRequestContextResolver();

    @Override
    public Saml2AuthenticationRequestContext resolve(HttpServletRequest request,
            RelyingPartyRegistration relyingParty) {
        // The presence of a "force" parameter requests ForceAuthn.
        boolean isForceAuthn = request.getParameter("force") != null;
        Saml2AuthenticationRequestContext context = this.delegate.resolve(request, relyingParty);
        // MyAuthenticationRequestContext is the application's own context subclass.
        return new MyAuthenticationRequestContext(context, isForceAuthn);
    }
}
```
The default implementation should extract the logic for formulating the Saml2AuthenticationRequestContext from Saml2WebSsoAuthenticationRequestFilter.
Saml2WebSsoAuthenticationRequestFilter should use the DefaultSaml2AuthenticationRequestContextResolver by default and have a setter for configuring a Saml2AuthenticationRequestContextResolver instance.
The interface and default implementation should be in org.springframework.security.saml2.provider.service.web. Note that the implementation currently in Saml2WebSsoAuthenticationRequestFilter refers to some package-private utility classes. They are rather small, so it will probably be best to inline them into DefaultSaml2AuthenticationRequestContextResolver for the time being.