Change from SamlAuth to BottleAuth for authorization/authentication of routes
* SamlSP can be used without SamlAuth or BottleAuth if desired
* SamlAuth was pulled out and turned into BottleAuth so it can be reused in other projects.
Optional restrict/allow idp initiated login
* `saml_config` option **`idp_ok`** is a boolean, defaults `True`
* If true, IdP initiated logins are permitted
* If false, all logins must be initiated by **SamlSP()**
minor updates
* doc corrections/enhancement
todo
* explicitly load session in acs route to allow `skip=True` on route options
* configurable TTL for request identifier