
feat: Support RelayState binding by default during SSO

Open smudge opened this issue 2 years ago • 0 comments

Per OASIS SAML 2.0 standard:

Some bindings define a "RelayState" mechanism for preserving and conveying state information. When such a mechanism is used in conveying a request message as the initial step of a SAML protocol, it places requirements on the selection and use of the binding subsequently used to convey the response. Namely, if a SAML request message is accompanied by RelayState data, then the SAML responder MUST return its SAML protocol response using a binding that also supports a RelayState mechanism, and it MUST place the exact RelayState data it received with the request into the corresponding RelayState parameter in the response.

In order to make standards-compliant usage of RelayState easier for implementing developers, this PR makes two changes:

  1. It adds a default RelayState param mapping to the gem's :idp_sso_service_url_runtime_params config.
  2. It enables the use of RelayState when OmniAuth.config.test_mode is enabled.
    • It does this by extending OmniAuth::Strategy#mock_request_call to add any POST RelayState params to the query string that will be used in the callback URL.

Tests have been added for both of these new behaviors.

smudge, Jul 25 '23 22:07
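The two behaviours the PR describes (copying a request's RelayState into the IdP SSO URL via a runtime-params mapping, and appending a POSTed RelayState to the mock-mode callback URL) and the spec requirement that the responder echo it exactly, as an added Ruby example. This is not omniauth-saml's or smudge's code and does not call the gem: the URLs, the SAMLRequest/SAMLResponse placeholders, and every function name are constructed for illustration. The spec's "exact echo" requirement is checked byte for byte; the relative-path rule in verify_relay_state is an added hardening assumption for when RelayState is reused as a post-login redirect target.

```ruby
require "uri"

# Constructed endpoints, not real hosts.
IDP_SSO_URL  = "https://idp.example.test/sso".freeze
CALLBACK_URL = "https://sp.example.test/auth/saml/callback".freeze

# Same shape as the PR's default mapping for idp_sso_service_url_runtime_params:
# incoming request param name => query param name sent to the IdP.
DEFAULT_RUNTIME_PARAMS = { "RelayState" => "RelayState" }.freeze

# SP side: build the redirect to the IdP. Any mapped request param that is
# present and non-empty is copied onto the SSO URL query string, alongside a
# placeholder for the (normally deflated, base64-encoded) AuthnRequest.
def build_sso_redirect(request_params, runtime_params = DEFAULT_RUNTIME_PARAMS)
  query = { "SAMLRequest" => "<base64 AuthnRequest>" } # placeholder, constructed
  runtime_params.each do |request_key, idp_key|
    value = request_params[request_key]
    query[idp_key] = value unless value.nil? || value.empty?
  end
  uri = URI(IDP_SSO_URL)
  uri.query = URI.encode_www_form(query)
  uri.to_s
end

# Simulated IdP: returns the form fields it would POST to the SP's ACS.
# Per the OASIS text quoted above, a responder MUST echo RelayState exactly
# when the request carried one; it must not add one when the request did not.
def idp_respond(sso_url)
  incoming = Hash[URI.decode_www_form(URI(sso_url).query)]
  post = { "SAMLResponse" => "<base64 Response>" } # placeholder, constructed
  post["RelayState"] = incoming["RelayState"] if incoming.key?("RelayState")
  post
end

# SP side: the echoed RelayState must equal what was sent, byte for byte.
# Because RelayState originates from the browser, it is attacker-controllable;
# before using it as a redirect target, also require a same-origin relative
# path (rejecting absolute URLs and protocol-relative "//host" forms).
# This path rule is an assumption of this example, not a gem behaviour.
def verify_relay_state(sent, received)
  return false unless sent == received
  return true if sent.nil?                      # neither side used RelayState
  sent.start_with?("/") && !sent.start_with?("//")
end

# Test-mode helper in the spirit of the PR's mock_request_call extension:
# a RelayState POSTed to the mock endpoint is appended to the callback URL's
# query string so the callback phase can still read it.
def mock_callback_url(post_params, callback_url = CALLBACK_URL)
  relay = post_params["RelayState"]
  return callback_url if relay.nil? || relay.empty?
  uri = URI(callback_url)
  existing = uri.query ? URI.decode_www_form(uri.query) : []
  uri.query = URI.encode_www_form(existing + [["RelayState", relay]])
  uri.to_s
end

# Full round trip on constructed input.
def relay_state_round_trip(relay_state)
  sso_url = build_sso_redirect("RelayState" => relay_state)
  post    = idp_respond(sso_url)
  verify_relay_state(relay_state, post["RelayState"])
end

if __FILE__ == $PROGRAM_NAME
  puts build_sso_redirect("RelayState" => "/dashboard?tab=1")
  puts relay_state_round_trip("/dashboard?tab=1")
  puts mock_callback_url("RelayState" => "/dashboard")
end
```

Running the file prints the SSO redirect with RelayState URL-encoded, `true` for the round trip, and the mock callback URL carrying `RelayState=%2Fdashboard`.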