Refactor the SP metadata loading logic.

[bfabio]

The SP metadata get loaded once at the start from all sources to index the entities ids and where the come from.

Upon every request from an SP, the metadata of that SP gets reloaded from the last known source: if it's not there anymore the server tries to look in all known sources again.

Protip! Using:

metadata:
    local:
        - conf/*.xml

Allows to drop config files to the directory at runtime and have their configuration picked up without restarting the server.

Other goodies:

• Invalid SP metadata are logged and discarded, but no longer prevent the rest of metadata from loading. (Fix #210)
• Duplicate entityIds are discarded with precedence given to local sources (local > db > remote) (Fix #205).
• Display the source of the SP metadata in the UI

[bfabio]

This doesn't work quite like https://github.com/italia/spid-testenv2/issues/205#issuecomment-449440530 suggested, but I preferred to be consistent and have the same behavior both at start and after a request by always printing a warning.

Another notable thing is that the SP list (AKA the main page) now reloads every configured metadata every time, which is a performance regression especially for servers with many SPs (looking at you https://idp.spid.gov.it 👀), but I think we want this and we can mitigate by using something else as main page.

[bfabio]

@sebbalex this is the last non-trivial one ;)

[bfabio]

@damikael I think we should release 1.1.0 after this one is merged, wdyt?