feat(saml): support zero-downtime SP key rotation #2575

Open
cemalkilic wants to merge 3 commits into master from cemal/feat-saml-key-rotation

Conversation

@cemalkilic

Contributor

What kind of change does this PR introduce?

Feature

Summary

Adds GOTRUE_SAML_PRIVATE_KEY_NEXT to support safe rotation of the SAML SP signing key without interrupting active IdP integrations.

  • Config: PrivateKeyNext parsed, validated (same rules as primary), and derived into RSAPrivateKeyNext / CertificateNext; explicit nil-reset guards against envconfig zero-value allocation
  • Metadata: next cert injected as a second KeyDescriptor; Cache-Control drops to max-age=60 and XML cacheDuration is set to PT1H during the rotation window
  • Encrypted assertions: when AllowEncryptedAssertions=true, a failed ParseResponse is retried with the old key in primary position; original error returned if both fail
  • Settings: saml_private_key_next_configured boolean added to /settings
  • Runbook: docs/saml_key_rotation.md covers key generation, the dual-key window, promotion, rollback, and encrypted assertion considerations

@cemalkilic cemalkilic requested a review from a team as a code owner June 12, 2026 11:22
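Added illustration of the two behaviours the summary describes, dual-KeyDescriptor metadata during the rotation window and the decrypt retry with the other key; this is example code written for this page, not the PR's Go code. The RotationKeys type, the minimal metadata structs, and RSA-OAEP as a stand-in for XML-Encryption key unwrapping are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/xml"
)

// RotationKeys holds the SP's current private key and, during the dual-key window, the next one.
type RotationKeys struct {
	Primary *rsa.PrivateKey
	Next    *rsa.PrivateKey // nil when no rotation is in progress
}

// Minimal metadata structs: only the parts key rotation touches (assumed shapes, not the project's types).
type keyDescriptor struct {
	Use  string `xml:"use,attr"`
	Cert string `xml:"KeyInfo>X509Data>X509Certificate"`
}

type spMetadata struct {
	XMLName       xml.Name        `xml:"EntityDescriptor"`
	CacheDuration string          `xml:"cacheDuration,attr,omitempty"`
	Keys          []keyDescriptor `xml:"SPSSODescriptor>KeyDescriptor"`
}

// Metadata publishes one KeyDescriptor per key so the IdP accepts either signature during the overlap and sets cacheDuration PT1H while rotating; the cert arguments stand in for base64 DER certificates.
func (k RotationKeys) Metadata(primaryCert, nextCert string) ([]byte, error) {
	m := spMetadata{Keys: []keyDescriptor{{Use: "signing", Cert: primaryCert}}}
	if k.Next != nil {
		m.Keys = append(m.Keys, keyDescriptor{Use: "signing", Cert: nextCert})
		m.CacheDuration = "PT1H"
	}
	return xml.Marshal(m)
}

// Decrypt models the encrypted-assertion retry: try the primary key first and, only while rotating,
// retry with the other key. RSA-OAEP stands in for XML-Encryption key unwrapping; the first error wins.
func (k RotationKeys) Decrypt(ciphertext []byte) ([]byte, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, k.Primary, ciphertext, nil)
	if err == nil || k.Next == nil {
		return pt, err
	}
	if pt, retry := rsa.DecryptOAEP(sha256.New(), rand.Reader, k.Next, ciphertext, nil); retry == nil {
		return pt, nil
	}
	return nil, err
}
```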