Python-saml

Latest version: v2.13.0

Page 1 of 6

2.13.0

- Improve the Parser's get_metadata method to allow setting timeouts and headers
- Fix expired payloads used on tests
- Updated content from docs folder
- Remove references of OneLogin as maintainer

2.12.0

- Remove version restriction on lxml dependency
- Update Demo Bottle
- Updated Travis file. Forced lxml to be installed using no-validate_binary

2.11.1

- lxml pinned to be lower than 4.7.1, since it seems to have issues validating the signature of encrypted elements. See https://github.com/onelogin/python3-saml/issues/292

2.11.0

- [292](https://github.com/onelogin/python-saml/pull/292) Add the rejectDeprecatedAlgorithm setting in order to be able to reject messages signed with deprecated algorithms.
- Upgrade dm.xmlsec.binding to 2.1
- Set sha256 and rsa-sha256 as default algorithms
- Added warning about Open Redirect and Replay attacks

2.10.0

Not secure
* Removed CC-BY-SA 3.0 non-compliant implementation of dict_deep_merge
* Update expired dates from test responses
* Add warning about SSRF attacks when using the OneLogin_Saml2_IdPMetadataParser class
* Migrate from Travis to GitHub Actions

2.9.0

Not secure
* Destination URL comparison is now case-insensitive for netloc
* Support single-label domains as valid. New security parameter: allowSingleLabelDomains
* Added get_idp_sso_url, get_idp_slo_url and get_idp_slo_response_url methods to the Settings class and use them in the toolkit
* [267](https://github.com/onelogin/python-saml/issues/267) Custom lxml parser based on the one defined at xmldefused. The parser ignores comments and processing instructions and, by default, has huge_tree, DTD and access to external documents deactivated
* Add get_friendlyname_attributes support
* Remove external lib method get_ext_lib_path. Add set_cert_path to allow setting the cert path to a different folder than the toolkit
* Add python2 deprecation info
* [269](https://github.com/onelogin/python-saml/issues/269) Add sha256 instead of sha1 as the recommended sign/digest algorithm in the documentation and settings
