From 03238e343a595e1cb4fd43a84062db72b094c832 Mon Sep 17 00:00:00 2001
From: Stephen Finucane <stephenfin@redhat.com>
Date: Wed, 5 Jan 2022 17:57:00 +0000
Subject: [PATCH] Add support for pysaml2 >= 7.1.0

A constant was renamed in commit 1e59eaa0 [1].

[1] https://github.com/IdentityPython/pysaml2/commit/1e59eaa0

Change-Id: I0489fde7eced9af8a534736960b75a0d2c189933
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
---
 keystone/federation/idp.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/keystone/federation/idp.py b/keystone/federation/idp.py
index fd464f5c20..2f1a4fe5a4 100644
--- a/keystone/federation/idp.py
+++ b/keystone/federation/idp.py
@@ -366,7 +366,11 @@ class SAMLGenerator(object):
 
         """
         canonicalization_method = xmldsig.CanonicalizationMethod()
-        canonicalization_method.algorithm = xmldsig.ALG_EXC_C14N
+        # TODO(stephenfin): Drop when we remove support for pysaml < 7.1.0
+        if hasattr(xmldsig, 'TRANSFORM_C14N'):  # >= 7.1.0
+            canonicalization_method.algorithm = xmldsig.TRANSFORM_C14N
+        else:  # < 7.1.0
+            canonicalization_method.algorithm = xmldsig.ALG_EXC_C14N
         signature_method = xmldsig.SignatureMethod(
             algorithm=xmldsig.SIG_RSA_SHA1)
 
@@ -374,7 +378,11 @@ class SAMLGenerator(object):
         envelope_transform = xmldsig.Transform(
             algorithm=xmldsig.TRANSFORM_ENVELOPED)
 
-        c14_transform = xmldsig.Transform(algorithm=xmldsig.ALG_EXC_C14N)
+        # TODO(stephenfin): Drop when we remove support for pysaml < 7.1.0
+        if hasattr(xmldsig, 'TRANSFORM_C14N'):  # >= 7.1.0
+            c14_transform = xmldsig.Transform(algorithm=xmldsig.TRANSFORM_C14N)
+        else:  # < 7.1.0
+            c14_transform = xmldsig.Transform(algorithm=xmldsig.ALG_EXC_C14N)
         transforms.transform = [envelope_transform, c14_transform]
 
         digest_method = xmldsig.DigestMethod(algorithm=xmldsig.DIGEST_SHA1)