
Fix: SAML SP metadata endpoint generates incorrect XML with IDP EntityID

Open Adityakk9031 opened this issue 1 week ago • 0 comments

Issue

The SAML Service Provider metadata endpoint (/auth/v1/sso/saml/metadata) was generating incorrect XML that used the Identity Provider's EntityID as the base URL for all Service Provider service endpoints, instead of using the Supabase project's own URLs.

Expected:

Actual (before fix):

Impact: Identity Providers correctly rejected the metadata as it claimed the SP was hosted at the IDP's domain, completely blocking SAML SSO integration.

Related Issue: #41716

Root Cause

The samlsp.DefaultServiceProvider() function (from crewjam/saml v0.4.14) was incorrectly initializing the ServiceProvider's MetadataURL, AcsURL, and SloURL fields, causing them to use incorrect base URLs during metadata generation.

Solution

Explicitly override the ServiceProvider's URL fields after creation to ensure they use the correct Supabase project base URL:

MetadataURL → {base}/sso/saml/metadata
AcsURL → {base}/sso/saml/acs
SloURL → {base}/sso/saml/slo

Changes

File: internal/api/saml.go

Added URL override logic in getSAMLServiceProvider() function (lines 54-72) to manually set the correct URLs after samlsp.DefaultServiceProvider() initialization.

Adityakk9031, Jan 05 '26 19:01
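The defect in this issue is easy to catch with a metadata self-check: every AssertionConsumerService and SingleLogoutService Location that an SP publishes must sit under the SP's own base URL, never under the IdP's entityID. The following Go program is an added example written for this page, not code from the issue author or from the Supabase or crewjam/saml projects. It parses a minimal SP EntityDescriptor with only the standard library and reports misrouted endpoints. The project host, the IdP entityID and the metadata document are constructed placeholders; the endpoint paths (/sso/saml/metadata, /sso/saml/acs, /sso/saml/slo) are the ones named in the issue.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"net/url"
	"strings"
)

// Placeholder values constructed for this example; not real identifiers.
const (
	ProjectBase = "https://example-project.supabase.co/auth/v1" // SP base URL (host is a placeholder)
	IdPEntityID = "https://idp.example.com/metadata"           // an IdP entityID (constructed)
)

// Only the parts of SAML 2.0 metadata needed to read the SP endpoint Locations.
type entityDescriptor struct {
	XMLName  xml.Name        `xml:"urn:oasis:names:tc:SAML:2.0:metadata EntityDescriptor"`
	EntityID string          `xml:"entityID,attr"`
	SPSSO    spSSODescriptor `xml:"SPSSODescriptor"`
}

type spSSODescriptor struct {
	ACS []endpoint `xml:"AssertionConsumerService"`
	SLO []endpoint `xml:"SingleLogoutService"`
}

type endpoint struct {
	Binding  string `xml:"Binding,attr"`
	Location string `xml:"Location,attr"`
}

// SampleMetadata builds constructed SP metadata whose ACS and SLO Locations
// hang off endpointBase. Passing the IdP entityID reproduces the shape of the
// bug described in the issue; passing the project base gives the corrected shape.
func SampleMetadata(endpointBase string) string {
	return fmt.Sprintf(`<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="%s/sso/saml/metadata">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="%s/sso/saml/slo"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="%s/sso/saml/acs" index="1"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>`, ProjectBase, endpointBase, endpointBase)
}

// underBase reports whether loc shares scheme and host with base and has a
// path below base's path. Comparing parsed components (rather than a raw
// string prefix) avoids false matches on look-alike hosts.
func underBase(loc, base string) bool {
	l, err := url.Parse(loc)
	if err != nil {
		return false
	}
	b, err := url.Parse(base)
	if err != nil {
		return false
	}
	basePath := strings.TrimSuffix(b.Path, "/") + "/"
	return l.Scheme == b.Scheme && l.Host == b.Host && strings.HasPrefix(l.Path, basePath)
}

// CheckSPMetadata parses SP metadata and returns one entry for every ACS or
// SLO endpoint whose Location is not under base. An empty result means every
// endpoint points back at the SP itself, which is what an IdP expects.
func CheckSPMetadata(metadata []byte, base string) ([]string, error) {
	var ed entityDescriptor
	if err := xml.Unmarshal(metadata, &ed); err != nil {
		return nil, fmt.Errorf("parse metadata: %w", err)
	}
	var bad []string
	for _, e := range ed.SPSSO.ACS {
		if !underBase(e.Location, base) {
			bad = append(bad, "AssertionConsumerService "+e.Location)
		}
	}
	for _, e := range ed.SPSSO.SLO {
		if !underBase(e.Location, base) {
			bad = append(bad, "SingleLogoutService "+e.Location)
		}
	}
	return bad, nil
}

func main() {
	for _, endpointBase := range []string{IdPEntityID, ProjectBase} {
		bad, err := CheckSPMetadata([]byte(SampleMetadata(endpointBase)), ProjectBase)
		if err != nil {
			fmt.Println("error:", err)
			continue
		}
		fmt.Printf("endpoints rooted at %s: %d misrouted %v\n", endpointBase, len(bad), bad)
	}
}
```

Running the check against the broken shape flags both endpoints; against the corrected shape it flags none. The same function can be pointed at a live /auth/v1/sso/saml/metadata response as a regression test for the override described in the issue.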