From 0e4f5fa48b1965b269f69bd383bbfbde6b41ac63 Mon Sep 17 00:00:00 2001
From: Roland Hedberg <roland.hedberg@adm.umu.se>
Date: Wed, 3 Feb 2016 08:38:37 +0100
Subject: [PATCH] Applied a modified version of a fix proposed by Valentin
 Gutierrez and Julian Vilas.

---
 setup.py            |  2 +-
 src/saml2/client.py | 35 +++++++++++++++--------------------
 2 files changed, 16 insertions(+), 21 deletions(-)

diff --git a/setup.py b/setup.py
index d866d2a..f907e82 100755
--- a/setup.py
+++ b/setup.py
@@ -13,7 +13,7 @@ install_requires = [
     'paste',
     'zope.interface',
     'repoze.who',
-    'pycrypto >= 2.5',  # 'Crypto'
+    'pycryptodome',  # 'Crypto'
     'pytz',
     'pyOpenSSL',
     'python-dateutil',
diff --git a/src/saml2/client.py b/src/saml2/client.py
index 65c2bca..5415da3 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -31,11 +31,6 @@ from saml2.client_base import LogoutError
 from saml2.client_base import NoServiceDefined
 from saml2.mdstore import destinations
 
-try:
-    from urllib.parse import parse_qs
-except ImportError:
-    from urlparse import parse_qs
-
 import logging
 
 logger = logging.getLogger(__name__)
@@ -68,17 +63,17 @@ class Saml2Client(Base):
 
         reqid, negotiated_binding, info = \
             self.prepare_for_negotiated_authenticate(
-            entityid=entityid,
-            relay_state=relay_state,
-            binding=binding,
-            vorg=vorg,
-            nameid_format=nameid_format,
-            scoping=scoping,
-            consent=consent,
-            extensions=extensions,
-            sign=sign,
-            response_binding=response_binding,
-            **kwargs)
+                entityid=entityid,
+                relay_state=relay_state,
+                binding=binding,
+                vorg=vorg,
+                nameid_format=nameid_format,
+                scoping=scoping,
+                consent=consent,
+                extensions=extensions,
+                sign=sign,
+                response_binding=response_binding,
+                **kwargs)
 
         assert negotiated_binding == binding
 
@@ -126,12 +121,12 @@ class Saml2Client(Base):
             logger.info("AuthNReq: %s", _req_str)
 
             try:
-                sigalg = kwargs["sigalg"]
+                args = {'sigalg': kwargs["sigalg"]}
             except KeyError:
-                sigalg = ""
+                args = {}
 
             http_info = self.apply_binding(binding, _req_str, destination,
-                                           relay_state, sigalg=sigalg)
+                                           relay_state, **args)
 
             return reqid, binding, http_info
         else:
@@ -235,7 +230,7 @@ class Saml2Client(Base):
                     if binding == BINDING_HTTP_REDIRECT:
                         sigalg = kwargs.get(
                             "sigalg", ds.DefaultSignature().get_sign_alg())
-                        #key = kwargs.get("key", self.signkey)
+                        # key = kwargs.get("key", self.signkey)
                         srequest = str(request)
                     else:
                         srequest = self.sign(request, sign_alg=sign_alg,