OneLogin's SAML PHP Toolkit v3.7.0

• #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
• #585 Declare conditional return types
• Make Saml2\Auth can accept a param $spValidationOnly
• #577 Allow empty NameID value when no strict or wantNameId is false
• #570 Support X509 cert comments
• #569 Add parameter to exclude validUntil on SP Metadata XML
• #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
• #487 Enable strict check on in_array method
• Make Saml2\Auth can accept a param $spValidationOnly
• Fix typos on readme.
• Add warning about Open Redirect and Reply attacks
• Add warning about the use of IdpMetadataParser class. If Metadata URLs
  are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
• Fix test payloads
• Remove references to OneLogin.