From ab843f56aa66d5319b3e215f877f76292db3b092 Mon Sep 17 00:00:00 2001
From: Bob Copeland <me@bobcopeland.com>
Date: Tue, 25 Jun 2013 16:49:11 -0400
Subject: [PATCH 1/2] Return the signed response when signing

If caller asked for a signed response, we would return None.
Return the response from self.sign() instead.
---
 src/saml2/entity.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/saml2/entity.py b/src/saml2/entity.py
index 171a1a1..efc93aa 100644
--- a/src/saml2/entity.py
+++ b/src/saml2/entity.py
@@ -451,7 +451,7 @@ class Entity(HTTPBase):
         self._add_info(response, **kwargs)
 
         if sign:
-            self.sign(response, to_sign=to_sign)
+            return self.sign(response, to_sign=to_sign)
         elif to_sign:
             return signed_instance_factory(response, self.sec, to_sign)
         else:

From c23b5d513dc72e2c8ce852bf219acd7d7d57ca92 Mon Sep 17 00:00:00 2001
From: Bob Copeland <me@bobcopeland.com>
Date: Tue, 25 Jun 2013 16:57:40 -0400
Subject: [PATCH 2/2] Use list addition instead of .append() for to_sign

The signing code expects a flattened list of tuples, not a list
which contains a list of tuples.  For example, in my case I had:

to_sign = [('urn:oasis:names:tc:SAML:2.0:assertion:Assertion', 'id-2d44a290a77c9fe7b50899eea96aa183'), [('urn:oasis:names:tc:SAML:2.0:protocol:Response', 'id-7416bafb9df777c1c1151b6f1ce471bb')]]

Fixes:

  File "/usr/local/lib/python2.7/dist-packages/pysaml2-1.0.2-py2.7.egg/saml2/ent
ity.py", line 458, in _response
    return self.sign(response, to_sign=to_sign)
  File "/usr/local/lib/python2.7/dist-packages/pysaml2-1.0.2-py2.7.egg/saml2/ent
ity.py", line 347, in sign
    return signed_instance_factory(msg, self.sec, to_sign)
  File "/usr/local/lib/python2.7/dist-packages/pysaml2-1.0.2-py2.7.egg/saml2/sig
ver.py", line 264, in signed_instance_factory
    for (node_name, nodeid) in elements_to_sign:
ValueError: need more than 1 value to unpack
---
 src/saml2/entity.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/saml2/entity.py b/src/saml2/entity.py
index efc93aa..6c2adf1 100644
--- a/src/saml2/entity.py
+++ b/src/saml2/entity.py
@@ -339,7 +339,7 @@ class Entity(HTTPBase):
             mid = msg.id
 
         try:
-            to_sign.append([(class_name(msg), mid)])
+            to_sign += [(class_name(msg), mid)]
         except AttributeError:
             to_sign = [(class_name(msg), mid)]