Open pixel21 opened 8 years ago
We should add a setting in order to define if the roles of a user that already exists should be synced with the IdP's roles or should be a mix of pre-defined roles + new roles.
That's a better way to do it for sure. Let me see if I can work something up.
This will allow the users logging in using OneLogin to retain their roles on next login (e.g. a user logs in using OneLogin where he will get a default assigned role, an admin can assign additional roles to that user from the backend and we never check for existing roles). By adding this line, we pull the existing roles a user may have.
The check for RelayState and passing the destination parameter in the "Login using SAML" link is related. When we pass a destination parameter, the response from OneLogin will contain the destination in the RelayState parameter so we can redirect the users to that page after logging in using SAML.
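An added example, not code from this module or from anyone in the thread: a Python sketch of the two behaviours discussed above (replace local roles with the IdP's roles, or keep pre-defined roles and add the new ones). It goes one step beyond the thread by recording which roles came from the IdP, so merge mode can still drop a role the IdP has revoked; the `Account` shape, the mode names and the role names are assumptions.

```python
from dataclasses import dataclass, field

SYNC = "sync"    # local roles are replaced by the IdP's roles on every login
MERGE = "merge"  # locally assigned roles are kept, IdP roles are added


@dataclass
class Account:
    """Local user record (hypothetical shape, not the module's schema)."""
    name: str
    roles: set = field(default_factory=set)
    # Roles granted by the previous SAML assertion, tracked so that merge
    # mode can still revoke a role the IdP has since removed.
    idp_granted: set = field(default_factory=set)


def apply_login_roles(account, asserted_roles, mode, default_role="authenticated"):
    """Update account.roles from one SAML login and return what changed."""
    asserted = set(asserted_roles) or {default_role}
    before = set(account.roles)
    if mode == SYNC:
        account.roles = set(asserted)
    elif mode == MERGE:
        # Roles an admin assigned locally = everything not attributed to the IdP.
        local_only = account.roles - account.idp_granted
        account.roles = local_only | asserted
    else:
        raise ValueError(f"unknown role mode: {mode!r}")
    account.idp_granted = set(asserted)
    return {"added": sorted(account.roles - before),
            "removed": sorted(before - account.roles)}


def demo():
    # Constructed sample: first login, admin adds a role, IdP later drops one.
    user = Account("alice")
    log = [apply_login_roles(user, ["editor"], MERGE)]
    user.roles.add("site_admin")                 # assigned from the backend
    log.append(apply_login_roles(user, ["reviewer"], MERGE))
    merged = sorted(user.roles)
    log.append(apply_login_roles(user, ["reviewer"], SYNC))
    return merged, sorted(user.roles), log


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The returned added/removed lists are suitable for an audit log entry per login, which makes role changes driven by the IdP reviewable after the fact.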