awslabs / awsprocesscreds

Process credential providers for AWS SDKs and Tools
Apache License 2.0
132 stars 40 forks

F5 SSO provider #22

Open Freedmont opened 6 years ago

Freedmont commented 6 years ago

F5's implementation of SAML seems pretty straightforward.

With minor tweaks to my locally installed saml.py I was able to get it working. I'll see about submitting a PR if I get a chance to set up a development environment.

JordonPhillips commented 6 years ago

Supporting providers outside of ADFS and Okta is out of scope for the project right now. We want to make sure that we can test them against a live service, which is a fairly significant undertaking for most IDPs. That said, I'll leave this feature request open. If we get enough love for the feature request we can see about taking it on.

Freedmont commented 6 years ago

Thanks. Originally, I was using the scripts provided here: https://aws.amazon.com/blogs/security/how-to-implement-a-general-solution-for-federated-apicli-access-using-saml-2-0/ which work out of the box with our SAML provider, but I wanted to be able to tell my colleagues to use awsprocesscreds (since it had been mentioned in multiple talks at Re:Invent).

The ADFS3 code in that blog post was where I saw the comment "Some IdPs don't explicitly set a form action" that led to the fix I submitted to awsprocesscreds, so perhaps there are enough other Identity Providers out there (besides F5) that do not set a form action to justify putting this into the mainstream.
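
The form-action case mentioned in the thread, as an added example that is not part of any comment above and is not awsprocesscreds or blog-post code: a login-form parser that falls back to the page's own URL when the IdP omits `action`, and refuses to send credentials to a non-HTTPS target. The names `resolve_login_form`, `_FormFinder`, the sample URL and the sample HTML are all hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample: a login page whose form has no action attribute.
SAMPLE_URL = "https://idp.example.com/login"
SAMPLE_HTML = """<form method="post">
<input name="username">
<input type="password" name="password">
<input type="hidden" name="state" value="abc123">
</form>"""


class _FormFinder(HTMLParser):
    """Collects the first <form>'s action attribute and its input fields."""

    def __init__(self):
        super().__init__()
        self.in_form = self.found = False
        self.action = None  # stays None when the attribute is absent
        self.fields = {}

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form" and not self.found:
            self.in_form = self.found = True
            self.action = attrs.get("action")
        elif tag == "input" and self.in_form and attrs.get("name"):
            self.fields[attrs["name"]] = attrs.get("value") or ""

    def handle_endtag(self, tag):
        if tag == "form":
            self.in_form = False


def resolve_login_form(page_url, html):
    """Return (post_url, fields) for the first form on an IdP login page."""
    finder = _FormFinder()
    finder.feed(html)
    if not finder.found:
        raise ValueError("no <form> element in login page")
    # A missing or empty action means "submit to the document's own URL";
    # urljoin(base, "") returns base unchanged, relative actions are resolved.
    post_url = urljoin(page_url, finder.action or "")
    # Credentials are about to be sent to this URL, so insist on HTTPS.
    if urlsplit(post_url).scheme != "https":
        raise ValueError("refusing to post credentials to " + post_url)
    return post_url, finder.fields
```
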