Add method to request an OTP via SMS to the `OtpValidator` interface,
implement it in `TinyRadiusOtpValidator`, `AcceptingOtpValidator` and
`RejectingOtpValidator`.

Issue-Id: #3722

It allows executing an action while looping back to the same view.

Issue-Id: #3722

Added the following variables to `DisplayOTPForm` state:
- authenticationWarningContext
- custom
- environment
- extendedAuthenticationFlows
- ldapResponseContext
- response
- rpUIContext

`SimpleFlowTest` now needs a `RelyingPartyUIContext` subcontext to
pass. New test dependency on `net.shibboleth.idp:idp-ui`.

Issue-Id: #3776

- Override `doPreExecute()` in `SimpleValidationAction` to check for
  missing `OtpContext` or empty OTP, like
  `net.shibboleth.idp.authn.AbstractUsernamePasswordValidationAction`
  does.
- Attach a `ClassifiedMessageMap` bean to `SimpleValidationAction` to
  map error messages to a key in `messages/authn-messages.properties`
  ("InvalidPassword").

Issue-Id: #3756

Instead transition from 'validate' to 'DisplayOTPForm' becomes the
default. Every event but 'proceed' will go back to the form view. It
is done this way in the Password flow.

Issue-Id: #3756

Issue-Id: #3756

New location for anonymous read-only access since the previous one has
a tendency to stop working. Moreover, GitLab also provides HTTPS
access which is more convenient.

Issue-Id: #3747

Issue-id: #3757

Issue-Id: #3755

Issue-Id: #3742

Issue-Id: #3742

New properties:
- idp.radius.host
- idp.radius.secret

`SimpleFlowTest` overwrites the `RadiusOtpValidator` bean to avoid
depending on a real RADIUS server during tests.

Issue-Id: #3742

Uses `org.tinyradius.util.RadiusClient.authenticate(username, otp)`.

Issue-Id: #3742

Added my fork of TinyRadius via git subtree.
```
git remote add -f -m master tinyradius git@github.com:edysli/TinyRadius.git
git subtree add --prefix tinyradius tinyradius master --squash
```
Module `mfa-flows` now depends on `tinyradius`.

Issue-Id: #3735

git-subtree-dir: tinyradius
git-subtree-split: 6fa79a708cbd080d07430e300b6a40d3c3d156d0

Issue-Id: #3742

New OtpValidator bean wired in SimpleValidationAction.

Issue-Id: #3706

New mandatory dependency on the OtpValidator interface, constructor
injection.
The AuthenticationContext must contains an OtpContext subcontext.

Issue-Id: #3706

Created to hide the actual implementation of the validation service.

Issue-Id: #3741

New action state added after the form view state to process user
input. Updated form field name to what the code expects ('j_otp').

Issue-Id: #3705

New flow action bean that extracts the OTP from the HTTP request and
stores it in a subcontext of the AuthenticationContext.

Issue-Id: #3739

Issue-Id: #3703

Make the 'simple' flow work when reusing an old 'Password' flow
result, i.e. the 'Password' flow already ran earlier, but not as the
initial flow.

New method
`SimpleValidationAction.extractActiveSubject(AuthenticationContext)`
made public to be also used in a flow expression.

Issue-id: #3703

Several variables must be set in the view scope for this to work:
- profileRequestContext
- authenticationContext
- encoder
- request
Their definitions were copied from the Password flow.

There is a new variable, also set in the view scope, especially for
this flow: `initialUsername`.

Issue-Id: #3703

New property to configure `idp.authn.flows.initial`.

Issue-Id: #3701

The 'simple' flow now copies all `UsernamePrincipal`s from the initial
`AuthenticationResult` into the `Subject` it returns. It will throw a
NPE if no initial authentication took place.

Issue-Id: #3695
Issue-Id: #3702

Executing phase 'verify' is necessary to get something to archive in
the last step. Also added an artifact fingerprinting step.

New files to install:
- `${IDP_HOME}/flows/authn/simple/simple-beans.xml`
- `${IDP_HOME}/edit-webapp/WEB-INF/lib/mfa-flows-1.0-SNAPSHOT.jar`

Limit `org.springframework` to INFO, but keep
`org.springframework.webflow` at DEBUG.

Added a new action state `validate` with a new action bean
`SimpleValidationAction` (extends
net.shibboleth.idp.authn.AbstractValidationAction) in the "simple"
login flow to create required objects in the session. All the work is
actually done by the superclass in
`AbstractValidationAction#buildAuthenticationResult()`. Thus the
"simple" flow can run without errors and authentication proceeds to the
SP.

New Maven dependencies (required for tests to work):
- javax.servlet:javax.servlet-api:jar:3.0.1:provided
- net.shibboleth.idp:idp-profile-impl:jar:3.2.1:test
- org.mockito:mockito-all:jar:1.10.19:test

Issue-Id: #3694
Issue-Id: #3699
Issue-Id: #3700

Issue-Id: #3690

Made from a copy of login.vm with many irrelevant parts removed.

Issue-Id: #3679

This is how it is installed on the IdP and how SWF expects it.

Issue-Id: #3678

Also renamed view state to "simple-form".

Issue-Id: #3678

Requires dependency on net.shibboleth.idp:idp-conf and loading other
flow definitions (see SimpleFlowTest#getModelResources()). The input
variable "calledAsSubflow" must be passed to the flow too.

Issue-Id: #3675