build(requirements): pin 'itsdangerous' to < 2.1
'flask-oidc' 1.4.0 (latest) still use 'JSONWebSignatureSerializer' which was removed in 'itsdangerous' v2.1.
Until https://github.com/puiterwijk/flask-oidc/pull/144 is merged and a new version of flask-oidc is released,
it's necessary to pin 'itsdangerous' to a version below 2.1 if 'flask-oidc' is used.
References:
https://github.com/puiterwijk/flask-oidc/issues/147
https://itsdangerous.palletsprojects.com/en/2.1.x/changes/#version-2-1-0