diff --git a/.flake8 b/.flake8
new file mode 100644
index 00000000..3b2e86e6
--- /dev/null
+++ b/.flake8
@@ -0,0 +1,4 @@
+[flake8]
+ignore = E731,W503,W504,E501
+max-complexity = 50
+max-line-length = 200
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
new file mode 100644
index 00000000..ac0a9f6c
--- /dev/null
+++ b/.github/FUNDING.yml
@@ -0,0 +1,3 @@
+# These are supported funding model platforms
+
+github: [SAML-Toolkits]
diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml
new file mode 100644
index 00000000..c17b3107
--- /dev/null
+++ b/.github/workflows/python-package.yml
@@ -0,0 +1,100 @@
+# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
+
+name: Python package
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  test_py3:
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version:
+          - "3.7"
+          - "3.8"
+          - "3.9"
+          - "3.10"
+          - "3.11"
+          - "3.12"
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ matrix.python-version }}
+    - uses: actions/cache@v4
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-pip-${{ hashFiles('**/pyproject.toml') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-
+    - name: Install dependencies
+      run: |
+        pip install -U setuptools
+        sudo apt-get update -qq
+        sudo apt-get install -qq swig libxml2-dev libxmlsec1-dev
+        make install-req
+        make install-test
+    - name: Test
+      run: make pytest
+  lint:
+    runs-on: ubuntu-22.04
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+    - uses: actions/cache@v4
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-pip-${{ hashFiles('**/pyproject.toml') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-
+    - name: Install dependencies
+      run: |
+        pip install -U setuptools
+        sudo apt-get update -qq
+        sudo apt-get install -qq swig libxml2-dev libxmlsec1-dev
+        make install-req
+        make install-lint
+    - name: Run linters
+      run: |
+        make flake8
+        make black
+  coveralls:
+    if: ${{ github.secret_source == 'Actions' }}
+    runs-on: ubuntu-22.04
+    environment: CI
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+    - uses: actions/cache@v4
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-pip-${{ hashFiles('**/pyproject.toml') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-
+    - name: Install dependencies
+      run: |
+        pip install -U setuptools
+        sudo apt-get update -qq
+        sudo apt-get install -qq swig libxml2-dev libxmlsec1-dev
+        make install-req
+        make install-test
+    - name: Run coveralls
+      env:
+        COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}
+      run: |
+        pip install coveralls
+        make coverage
+        make coveralls      
diff --git a/.gitignore b/.gitignore
index c16b943e..7504184a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,6 +14,7 @@ __pycache_
 /*.eg
 *.egg-info
 /eggs
+/.eggs
 /build
 /dist
 /venv
@@ -21,6 +22,8 @@ __pycache_
 .pypirc
 /.idea
 .mypy_cache/
+.pytest_cache
+poetry.lock
 
 *.key
 *.crt
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 3ddd4236..00000000
--- a/.travis.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-language: python
-python:
-  - '2.7'
-  - '3.5'
-  - '3.6'
-
-matrix:
-  include:
-    - python: '3.7'
-      dist: xenial  # required for Python >= 3.7 (travis-ci/travis-ci#9069)
-
-install:
-  - sudo apt-get update -qq
-  - sudo apt-get install -qq swig python-dev libxml2-dev libxmlsec1-dev
-  - 'travis_retry pip install .'
-  - 'travis_retry pip install -e ".[test]"'
-
-script: 
-  - 'coverage run --source=src/onelogin/saml2 --rcfile=tests/coverage.rc setup.py test'
-  - 'coverage report -m --rcfile=tests/coverage.rc'
-# - 'pylint src/onelogin/saml2 --rcfile=tests/pylint.rc'
-  - 'flake8 .'
-
-after_success: 'coveralls'
diff --git a/LICENSE b/LICENSE
index 1c8f814e..c141165e 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,4 +1,5 @@
-Copyright (c) 2010-2018 OneLogin, Inc.
+Copyright (c) 2010-2022 OneLogin, Inc.
+Copyright (c) 2023 IAM Digital Services, SL.
 
 Permission is hereby granted, free of charge, to any person
 obtaining a copy of this software and associated documentation
diff --git a/MANIFEST.in b/MANIFEST.in
deleted file mode 100644
index 9b0be815..00000000
--- a/MANIFEST.in
+++ /dev/null
@@ -1,6 +0,0 @@
-include README.md
-include LICENSE
-recursive-include src *.py
-recursive-include src *.xsd
-recursive-exclude * __pycache__
-recursive-exclude * *.py[co]
diff --git a/Makefile b/Makefile
new file mode 100644
index 00000000..31efe284
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,43 @@
+PIP=pip
+BLACK=black
+FLAKE8=flake8
+PYTEST=pytest
+COVERAGE=coverage
+COVERAGE_CONFIG=tests/coverage.rc
+COVERALLS=coveralls
+MAIN_SOURCE=src/onelogin/saml2
+DEMOS=demo-django demo-flask demo-tornado demo_pyramid
+TESTS=tests/src/OneLogin/saml2_tests
+SOURCES=$(MAIN_SOURCE) $(DEMOS) $(TESTS)
+
+install-req:
+	$(PIP) install .
+
+install-test:
+	$(PIP) install -e ".[test]"
+
+install-lint:
+	$(PIP) install -e ".[lint]"
+
+pytest:
+	$(PYTEST)
+
+coverage:
+	$(COVERAGE) run -m $(PYTEST)
+	$(COVERAGE) report -m
+
+coveralls:
+	$(COVERALLS)
+
+black:
+	$(BLACK) $(SOURCES)
+
+flake8:
+	$(FLAKE8) $(SOURCES)
+
+clean:
+	rm -rf .pytest_cache/
+	rm -rf .eggs/
+	find . -type d -name "__pycache__" -exec rm -r {} +
+	find . -type d -name "*.egg-info" -exec rm -r {} +
+	rm .coverage
diff --git a/README.md b/README.md
index e652786e..ff71357f 100644
--- a/README.md
+++ b/README.md
@@ -1,19 +1,24 @@
-# OneLogin's SAML Python Toolkit (compatible with Python3)
+# SAML Python3 Toolkit
 
-[![Build Status](https://api.travis-ci.org/onelogin/python3-saml.png?branch=master)](http://travis-ci.org/onelogin/python3-saml)
-[![Coverage Status](https://coveralls.io/repos/github/onelogin/python3-saml/badge.svg?branch=master)](https://coveralls.io/github/onelogin/python3-saml?branch=master)
+[![Python package](https://github.com/SAML-Toolkits/python3-saml/actions/workflows/python-package.yml/badge.svg)](https://github.com/SAML-Toolkits/python3-saml/actions/workflows/python-package.yml)
+![PyPI Downloads](https://img.shields.io/pypi/dm/python3-saml.svg?label=PyPI%20Downloads)
+[![Coverage Status](https://coveralls.io/repos/github/SAML-Toolkits/python3-saml/badge.svg?branch=master)](https://coveralls.io/github/SAML-Toolkits/python3-saml?branch=master)
 [![PyPi Version](https://img.shields.io/pypi/v/python3-saml.svg)](https://pypi.python.org/pypi/python3-saml)
-![Python versions](https://img.shields.io/pypi/pyversions/python3-saml.svg)
-
+![Python versions](https://img.shields.io/python/required-version-toml?tomlFilePath=https%3A%2F%2Fraw.githubusercontent.com%2FSAML-Toolkits%2Fpython3-saml%2Fmaster%2Fpyproject.toml)
 
 Add SAML support to your Python software using this library.
-Forget those complicated libraries and use the open source library provided
-and supported by OneLogin Inc.
+Forget those complicated libraries and use the open source library provided by the SAML tool community.
 
-This version supports Python3. There is a separate version that only support Python2: [python-saml](https://github.com/onelogin/python-saml)
+This version supports Python3. Python 2 support was deprecated on Jan 1st, 2020: [python-saml](https://github.com/onelogin/python-saml)
 
 #### Warning ####
 
+Version 1.16.X is the latest version supporting Python2, consider its use deprecated. 1.17 won't be Python2 and old Python3 compatible.
+
+Version 1.13.0 sets sha256 and rsa-sha256 as default algorithms
+
+Version 1.8.0 sets strict mode active by default
+
 Update ``python3-saml`` to ``1.5.0``, this version includes security improvements for preventing XEE and Xpath Injections.
 
 Update ``python3-saml`` to ``1.4.0``, this version includes a fix for the [CVE-2017-11427](https://www.cvedetails.com/cve/CVE-2017-11427/) vulnerability.
@@ -30,7 +35,12 @@ Update ``python3-saml`` to ``>= 1.2.1``, ``1.2.0`` had a bug on signature valida
 
 #### Security Guidelines ####
 
-If you believe you have discovered a security vulnerability in this toolkit, please report it at https://www.onelogin.com/security with a description. We follow responsible disclosure guidelines, and will work with you to quickly find a resolution.
+If you believe you have discovered a security vulnerability in this toolkit, please report it by mail to the maintainer: sixto.martin.garcia+security@gmail.com
+
+### Sponsors
+Thanks to the following sponsors for their support:
+
+[<img alt="84codes" src="https://avatars.githubusercontent.com/u/739212?s=200&v=4" width="50px">](https://www.maykinmedia.nl)
 
 Why add SAML support to my software?
 ------------------------------------
@@ -58,7 +68,7 @@ since 2002, but lately it is becoming popular due its advantages:
 General Description
 -------------------
 
-OneLogin's SAML Python toolkit lets you turn your Python application into a SP
+SAML Python toolkit lets you turn your Python application into a SP
 (Service Provider) that can be connected to an IdP (Identity Provider).
 
 **Supports:**
@@ -79,20 +89,19 @@ OneLogin's SAML Python toolkit lets you turn your Python application into a SP
  * **Easy to use** - Programmer will be allowed to code high-level and
    low-level programming, 2 easy to use APIs are available.
  * **Tested** - Thoroughly tested.
- * **Popular** - OneLogin's customers use it. Add easy support to your Django/Flask web projects.
 
 Installation
 ------------
 
 ### Dependencies ###
 
- * python 2.7 // python 3.6
+ * python => 3.7
  * [xmlsec](https://pypi.python.org/pypi/xmlsec) Python bindings for the XML Security Library.
+ * [lxml](https://pypi.python.org/pypi/lxml) Python bindings for the libxml2 and libxslt libraries.
  * [isodate](https://pypi.python.org/pypi/isodate) An ISO 8601 date/time/
  duration parser and formatter
- * [defusedxml](https://pypi.python.org/pypi/defusedxml) XML bomb protection for Python stdlib modules
 
-Review the ``setup.py`` file to know the version of the library that ``python3-saml`` is using
+Review the ``pyproject.toml`` file to know the version of the library that ``python3-saml`` is using
 
 ### Code ###
 
@@ -100,10 +109,10 @@ Review the ``setup.py`` file to know the version of the library that ``python3-s
 
 The toolkit is hosted on GitHub. You can download it from:
 
- * Latest release: https://github.com/onelogin/python3-saml/releases/latest
- * Master repo: https://github.com/onelogin/python3-saml/tree/master
+ * Latest release: https://github.com/saml-toolkits/python3-saml/releases/latest
+ * Master repo: https://github.com/saml-toolkits/python3-saml/tree/master
 
-Copy the core of the library ``(src/onelogin/saml2 folder)`` and merge the ``setup.py`` inside the Python application. (Each application has its structure so take your time to locate the Python SAML toolkit in the best place).
+Find the core of the library at ``src/onelogin/saml2`` folder.
 
 #### Option 2. Download from pypi ####
 
@@ -116,6 +125,14 @@ $ pip install python3-saml
 
 If you want to know how a project can handle python packages review this [guide](https://packaging.python.org/en/latest/tutorial.html) and review this [sampleproject](https://github.com/pypa/sampleproject)
 
+#### NOTE ####
+To avoid ``libxml2`` library version incompatibilities between ``xmlsec`` and ``lxml`` it is recommended that ``lxml`` is not installed from binary.
+
+This can be ensured by executing:
+```
+$ pip install --force-reinstall --no-binary lxml lxml
+```
+
 Security Warning
 ----------------
 
@@ -124,12 +141,41 @@ your environment is not secure and will be exposed to attacks.
 
 In production also we highly recommend to register on the settings the IdP certificate instead of using the fingerprint method. The fingerprint, is a hash, so at the end is open to a collision attack that can end on a signature validation bypass. Other SAML toolkits deprecated that mechanism, we maintain it for compatibility and also to be used on test environment.
 
+
+### Avoiding Open Redirect attacks ###
+
+Some implementations uses the RelayState parameter as a way to control the flow when SSO and SLO succeeded. So basically the
+user is redirected to the value of the RelayState.
+
+If you are using Signature Validation on the HTTP-Redirect binding, you will have the RelayState value integrity covered, otherwise, and
+on HTTP-POST binding, you can't trust the RelayState so before
+executing the validation, you need to verify that its value belong
+a trusted and expected URL.
+
+Read more about Open Redirect [CWE-601](https://cwe.mitre.org/data/definitions/601.html).
+
+### Avoiding Replay attacks ###
+
+A replay attack is basically try to reuse an intercepted valid SAML Message in order to impersonate a SAML action (SSO or SLO).
+
+SAML Messages have a limited timelife (NotBefore, NotOnOrAfter) that
+make harder this kind of attacks, but they are still possible.
+
+In order to avoid them, the SP can keep a list of SAML Messages or Assertion IDs already validated and processed. Those values only need
+to be stored the amount of time of the SAML Message life time, so
+we don't need to store all processed message/assertion Ids, but the most recent ones.
+
+The OneLogin_Saml2_Auth class contains the [get_last_request_id](https://github.com/onelogin/python3-saml/blob/ab62b0d6f3e5ac2ae8e95ce3ed2f85389252a32d/src/onelogin/saml2/auth.py#L357), [get_last_message_id](https://github.com/onelogin/python3-saml/blob/ab62b0d6f3e5ac2ae8e95ce3ed2f85389252a32d/src/onelogin/saml2/auth.py#L364) and [get_last_assertion_id](https://github.com/onelogin/python3-saml/blob/ab62b0d6f3e5ac2ae8e95ce3ed2f85389252a32d/src/onelogin/saml2/auth.py#L371) methods to retrieve the IDs
+
+Checking that the ID of the current Message/Assertion does not exists in the list of the ones already processed will prevent replay attacks.
+
+
 Getting Started
 ---------------
 
 ### Knowing the toolkit ###
 
-The new OneLogin SAML Toolkit contains different folders (``certs``, ``lib``, ``demo-django``, ``demo-flask`` and ``tests``) and some files.
+The new SAML Toolkit contains different folders (``certs``, ``lib``, ``demo-django``, ``demo-flask`` and ``tests``) and some files.
 
 Let's start describing them:
 
@@ -161,7 +207,7 @@ publish that X.509 certificate on Service Provider metadata.
 If you want to create self-signed certs, you can do it at the https://www.samltool.com/self_signed_certs.php service, or using the command:
 
 ```bash
-openssl req -new -x509 -days 3652 -nodes -out sp.crt -keyout saml.key
+openssl req -new -x509 -days 3652 -nodes -out sp.crt -keyout sp.key
 ```
 
 #### demo-flask ####
@@ -172,26 +218,36 @@ This folder contains a Flask project that will be used as demo to show how to ad
 
 This folder contains a Pyramid project that will be used as demo to show how to add SAML support to the [Pyramid Web Framework](http://docs.pylonsproject.org/projects/pyramid/en/latest/).  ``\_\_init__.py`` is the main file that configures the app and its routes, ``views.py`` is where all the logic and SAML handling takes place, and the templates are stored in the ``templates`` folder. The ``saml`` folder is the same as in the other two demos.
 
+#### demo-tornado ####
+
+This folder contains a Tornado project that will be used as demo to show how to add SAML support to the Tornado Framework. ``views.py`` (with its ``settings.py``) is the main Flask file that has all the code, this file uses the templates stored at the ``templates`` folder. In the ``saml`` folder we found the ``certs`` folder to store the X.509 public and private key, and the SAML toolkit settings (``settings.json`` and ``advanced_settings.json``).
 
-#### setup.py ####
+It requires python3.8 (it's using tornado 6.4.1)
 
-Setup script is the centre of all activity in building, distributing, and installing modules.
-Read more at https://pythonhosted.org/an_example_pypi_project/setuptools.html
 
 #### tests ####
 
 Contains the unit test of the toolkit.
 
-In order to execute the test you only need to load the virtualenv with the toolkit installed on it and execute:
+In order to execute the test you only need to load the virtualenv with the toolkit installed on it properly:
+```
+make install-test
+```
+
+and execute:
 ```
-python setup.py test
+make pytest
 ```
 The previous line will run the tests for the whole toolkit. You can also run the tests for a specific module. To do so for the auth module you would have to execute this:
 ```
-python setup.py test --test-suite tests.src.OneLogin.saml2_tests.auth_test.OneLogin_Saml2_Auth_Test
+pytest tests/src/OneLogin/saml2_tests/auth_test.py::OneLogin_Saml2_Auth_Test
+```
+
+Or for an specific method:
+```
+pytest tests/src/OneLogin/saml2_tests/auth_test.py::OneLogin_Saml2_Auth_Test::testBuildRequestSignature
 ```
 
-With the ``--test-suite`` parameter you can specify the module to test. You'll find all the module available and their class names at ``tests/src/OneLogin/saml2_tests/``.
 
 ### How It Works ###
 
@@ -230,24 +286,31 @@ This is the ``settings.json`` file:
             // URL Location where the <Response> from the IdP will be returned
             "url": "https://<sp_domain>/?acs",
             // SAML protocol binding to be used when returning the <Response>
-            // message. OneLogin Toolkit supports this endpoint for the
+            // message. SAML Toolkit supports this endpoint for the
             // HTTP-POST binding only.
             "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
         },
-        // Specifies info about where and how the <Logout Response> message MUST be
-        // returned to the requester, in this case our SP.
+        // Specifies info about where and how the <Logout Request/Response> message MUST be sent.
         "singleLogoutService": {
-            // URL Location where the <Response> from the IdP will be returned
+            // URL Location where the <LogoutRequest> from the IdP will be sent (IdP-initiated logout)
             "url": "https://<sp_domain>/?sls",
+            // URL Location where the <LogoutResponse> from the IdP will sent (SP-initiated logout, reply)
+            // OPTIONAL: only specify if different from url parameter
+            //"responseUrl": "https://<sp_domain>/?sls",
             // SAML protocol binding to be used when returning the <Response>
-            // message. OneLogin Toolkit supports the HTTP-Redirect binding
+            // message. SAML Toolkit supports the HTTP-Redirect binding
             // only for this endpoint.
             "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
         },
         // If you need to specify requested attributes, set a
         // attributeConsumingService. nameFormat, attributeValue and
-        // friendlyName can be ommited
+        // friendlyName can be omitted
         "attributeConsumingService": {
+                // OPTIONAL: only specify if SP requires this.
+                // index is an integer which identifies the attributeConsumingService used
+                // to the SP. SAML toolkit supports configuring only one attributeConsumingService
+                // but in certain cases the SP requires a different value.  Defaults to '1'.
+                // "index": '1',
                 "serviceName": "SP test",
                 "serviceDescription": "Test Service",
                 "requestedAttributes": [
@@ -289,16 +352,19 @@ This is the ``settings.json`` file:
             // will be sent.
             "url": "https://app.onelogin.com/trust/saml2/http-post/sso/<onelogin_connector_id>",
             // SAML protocol binding to be used when returning the <Response>
-            // message. OneLogin Toolkit supports the HTTP-Redirect binding
+            // message. SAML Toolkit supports the HTTP-Redirect binding
             // only for this endpoint.
             "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
         },
         // SLO endpoint info of the IdP.
         "singleLogoutService": {
-            // URL Location of the IdP where SLO Request will be sent.
+            // URL Location where the <LogoutRequest> from the IdP will be sent (IdP-initiated logout)
             "url": "https://app.onelogin.com/trust/saml2/http-redirect/slo/<onelogin_connector_id>",
+            // URL Location where the <LogoutResponse> from the IdP will sent (SP-initiated logout, reply)
+            // OPTIONAL: only specify if different from url parameter
+            "responseUrl": "https://app.onelogin.com/trust/saml2/http-redirect/slo_return/<onelogin_connector_id>",
             // SAML protocol binding to be used when returning the <Response>
-            // message. OneLogin Toolkit supports the HTTP-Redirect binding
+            // message. SAML Toolkit supports the HTTP-Redirect binding
             // only for this endpoint.
             "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
         },
@@ -307,8 +373,8 @@ This is the ``settings.json`` file:
         /*
          *  Instead of using the whole X.509cert you can use a fingerprint in order to
          *  validate a SAMLResponse (but you still need the X.509cert to validate LogoutRequest and LogoutResponse using the HTTP-Redirect binding).
-         *  But take in mind that the fingerprint, is a hash, so at the end is open to a collision attack that can end on a signature validation bypass,
-         *  that why we don't recommend it use for production environments.
+         *  But take in mind that the algorithm for the fingerprint should be as strong as the algorithm in a normal certificate signature
+	 *  (e.g. SHA256 or strong)
          *
          *  (openssl x509 -noout -fingerprint -in "idp.crt" to generate it,
          *  or add for example the -sha256 , -sha384 or -sha512 parameter)
@@ -408,7 +474,7 @@ In addition to the required settings data (idp, sp), extra settings can be defin
         "requestedAuthnContext": true,
 	// Allows the authn comparison parameter to be set, defaults to 'exact' if the setting is not present.
         "requestedAuthnContextComparison": "exact",
-        // Set to true to check that the AuthnContext received matches the one requested.
+        // Set to true to check that the AuthnContext(s) received match(es) the requested.
         "failOnAuthnContextMismatch": false,
 
         // In some environment you will need to set how long the published metadata of the Service Provider gonna be valid.
@@ -418,20 +484,33 @@ In addition to the required settings data (idp, sp), extra settings can be defin
         // Provide the desire Duration, for example PT518400S (6 days)
         "metadataCacheDuration": null,
 
+        // If enabled, URLs with single-label-domains will
+        // be allowed and not rejected by the settings validator (Enable it under Docker/Kubernetes/testing env, not recommended on production)
+        "allowSingleLabelDomains": false,
+
         // Algorithm that the toolkit will use on signing process. Options:
         //    'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
         //    'http://www.w3.org/2000/09/xmldsig#dsa-sha1'
         //    'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
         //    'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'
         //    'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'
-        "signatureAlgorithm": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+        "signatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
 
         // Algorithm that the toolkit will use on digest process. Options:
         //    'http://www.w3.org/2000/09/xmldsig#sha1'
         //    'http://www.w3.org/2001/04/xmlenc#sha256'
         //    'http://www.w3.org/2001/04/xmldsig-more#sha384'
         //    'http://www.w3.org/2001/04/xmlenc#sha512'
-        'digestAlgorithm': "http://www.w3.org/2000/09/xmldsig#sha1"
+        'digestAlgorithm': "http://www.w3.org/2001/04/xmlenc#sha256",
+
+        // Specify if you want the SP to view assertions with duplicated Name or FriendlyName attributes to be valid
+        // Defaults to false if not specified
+        'allowRepeatAttributeName': false,
+
+        // If the toolkit receive a message signed with a
+        // deprecated algorithm (defined at the constant class)
+        // will raise an error and reject the message
+        "rejectDeprecatedAlgorithm": true
     },
 
     // Contact information template, it is recommended to suply a
@@ -448,7 +527,7 @@ In addition to the required settings data (idp, sp), extra settings can be defin
     },
 
     // Organization information template, the info in en_US lang is
-    // recomended, add more if required.
+    // recommended, add more if required.
     "organization": {
         "en-US": {
             "name": "sp_test",
@@ -500,12 +579,25 @@ The method above requires a little extra work to manually specify attributes abo
 
 There's an easier method -- use a metadata exchange.  Metadata is just an XML file that defines the capabilities of both the IdP and the SP application.  It also contains the X.509 public key certificates which add to the trusted relationship.  The IdP administrator can also configure custom settings for an SP based on the metadata.
 
-Using ````parse_remote```` IdP metadata can be obtained and added to the settings withouth further ado.
+Using ````parse_remote```` IdP metadata can be obtained and added to the settings without further ado.
+
+Take in mind that the OneLogin_Saml2_IdPMetadataParser class does not validate in any way the URL that is introduced in order to be parsed.
+
+Usually the same administrator that handles the Service Provider also sets the URL to the IdP, which should be a trusted resource.
+
+But there are other scenarios, like a SAAS app where the administrator of the app delegates this functionality to other users. In this case, extra precaution should be taken in order to validate such URL inputs and avoid attacks like SSRF.
+
 
 ``
 idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote('https://example.com/auth/saml2/idp/metadata')
 ``
 
+You can specify a timeout in seconds for metadata retrieval, without it is not guaranteed that the request will complete
+
+``
+idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote('https://example.com/auth/saml2/idp/metadata', timeout=5)
+``
+
 If the Metadata contains several entities, the relevant ``EntityDescriptor`` can be specified when retrieving the settings from the ``IdpMetadataParser`` by its ``entityId`` value:
 
 ``idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote(https://example.com/metadatas, entity_id='idp_entity_id')``
@@ -536,15 +628,15 @@ This parameter has the following scheme:
 req = {
     "http_host": "",
     "script_name": "",
-    "server_port": "",
     "get_data": "",
     "post_data": "",
 
     # Advanced request options
     "https": "",
-    "lowercase_urlencoding": "",
     "request_uri": "",
-    "query_string": ""
+    "query_string": "",
+    "validate_signature_from_qs": False,
+    "lowercase_urlencoding": False
 }
 ```
 
@@ -556,7 +648,6 @@ def prepare_from_django_request(request):
     return {
         'http_host': request.META['HTTP_HOST'],
         'script_name': request.META['PATH_INFO'],
-        'server_port': request.META['SERVER_PORT'],
         'get_data': request.GET.copy(),
         'post_data': request.POST.copy()
     }
@@ -564,8 +655,7 @@ def prepare_from_django_request(request):
 def prepare_from_flask_request(request):
     url_data = urlparse(request.url)
     return {
-        'http_host': request.host,
-        'server_port': url_data.port,
+        'http_host': request.netloc,
         'script_name': request.path,
         'get_data': request.args.copy(),
         'post_data': request.form.copy()
@@ -576,12 +666,12 @@ An explanation of some advanced request parameters:
 
 * `https` - Defaults to ``off``. Set this to ``on`` if you receive responses over HTTPS.
 
-* `lowercase_urlencoding` - Defaults to `false`. ADFS users should set this to `true`.
-
-* `request_uri` - The path where your SAML server recieves requests. Set this if requests are not recieved at the server's root.
+* `request_uri` - The path where your SAML server receives requests. Set this if requests are not received at the server's root.
 
 * `query_string` - Set this with additional query parameters that should be passed to the request endpoint.
 
+* `validate_signature_from_qs` - If `True`, use `query_string` to validate request and response signatures. Otherwise, use `get_data`. Defaults to `False`. Note that when using `get_data`, query parameters need to be url-encoded for validation. By default we use upper-case url-encoding. Some IdPs, notably Microsoft AD, use lower-case url-encoding, which makes signature validation to fail. To fix this issue, either pass `query_string` and set `validate_signature_from_qs` to `True`, which works for all IdPs, or set `lowercase_urlencoding` to `True`, which only works for AD.
+
 
 #### Initiate SSO ####
 
@@ -594,12 +684,13 @@ req = prepare_request_for_toolkit(request)
 auth = OneLogin_Saml2_Auth(req)   # Constructor of the SP, loads settings.json
                                   # and advanced_settings.json
 
-auth.login()      # Method that builds and sends the AuthNRequest
+auth.login()      # This method will build and return a AuthNRequest URL that can be
+                  # either redirected to, or printed out onto the screen as a hyperlink
 ```
 
 The ``AuthNRequest`` will be sent signed or unsigned based on the security info of the ``advanced_settings.json`` file (i.e. ``authnRequestsSigned``).
 
-The IdP will then return the SAML Response to the user's client. The client is then forwarded to the **Attribute Consumer Service (ACS)** of the SP with this information.
+The IdP will then return the SAML Response to the user's client. The client is then forwarded to the **Assertion Consumer Service (ACS)** of the SP with this information.
 
 We can set a ``return_to`` url parameter to the login function and that will be converted as a ``RelayState`` parameter:
 
@@ -607,7 +698,7 @@ We can set a ``return_to`` url parameter to the login function and that will be
 target_url = 'https://example.com'
 auth.login(return_to=target_url)
 ```
-The login method can recieve 3 more optional parameters:
+The login method can receive 3 more optional parameters:
 
 * ``force_authn``       When ``true``, the ``AuthNReuqest`` will set the ``ForceAuthn='true'``
 * ``is_passive``        When true, the ``AuthNReuqest`` will set the ``Ispassive='true'``
@@ -648,7 +739,7 @@ saml_settings = OneLogin_Saml2_Settings(settings=None, custom_base_path=None, sp
 ```
 to get the settings object and with the ``sp_validation_only=True`` parameter we will avoid the IdP settings validation.
 
-***Attribute Consumer Service (ACS)***
+***Assertion Consumer Service (ACS)***
 
 This code handles the SAML response that the IdP forwards to the SP through the user's client.
 
@@ -662,6 +753,8 @@ if not errors:
         request.session['samlUserdata'] = auth.get_attributes()
         if 'RelayState' in req['post_data'] and
           OneLogin_Saml2_Utils.get_self_url(req) != req['post_data']['RelayState']:
+            # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the req['post_data']['RelayState'] is a trusted URL.
             auth.redirect_to(req['post_data']['RelayState'])
         else:
             for attr_name in request.session['samlUserdata'].keys():
@@ -669,7 +762,7 @@ if not errors:
     else:
       print('Not authenticated')
 else:
-    print("Error when processing SAML Response: %s" % (', '.join(errors)))
+    print("Error when processing SAML Response: %s %s" % (', '.join(errors), auth.get_last_error_reason()))
 ```
 
 The SAML response is processed and then checked that there are no errors. It also verifies that the user is authenticated and stored the userdata in session.
@@ -684,7 +777,7 @@ Notice that we saved the user data in the session before the redirection to have
 In order to retrieve attributes we use:
 
 ```python
-attributes = auth.get_attributes();
+attributes = auth.get_attributes()
 ```
 
 With this method we get a dict with all the user data provided by the IdP in the assertion of the SAML response.
@@ -700,12 +793,12 @@ If we execute print attributes we could get:
 }
 ```
 
-Each attribute name can be used as a key to obtain the value. Every attribute is a list of values. A single-valued attribute is a listy of a single element.
+Each attribute name can be used as a key to obtain the value. Every attribute is a list of values. A single-valued attribute is a list of a single element.
 
 The following code is equivalent:
 
 ```python
-attributes = auth.get_attributes();
+attributes = auth.get_attributes()
 print(attributes['cn'])
 
 print(auth.get_attribute('cn'))
@@ -724,11 +817,13 @@ url = auth.process_slo(delete_session_cb=delete_session_callback)
 errors = auth.get_errors()
 if len(errors) == 0:
     if url is not None:
+        # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+        # the value of the url is a trusted URL.
         return redirect(url)
     else:
-        print("Sucessfully Logged out")
+        print("Successfully Logged out")
 else:
-    print("Error when processing SLO: %s" % (', '.join(errors)))
+    print("Error when processing SLO: %s %s" % (', '.join(errors), auth.get_last_error_reason()))
 ```
 
 If the SLS endpoints receives a Logout Response, the response is validated and the session could be closed, using the callback.
@@ -851,6 +946,8 @@ elif 'acs' in request.args:                 # Assertion Consumer Service
             request.session['samlSessionIndex'] = auth.get_session_index()
             self_url = OneLogin_Saml2_Utils.get_self_url(req)
             if 'RelayState' in request.form and self_url != request.form['RelayState']:
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the request.form['RelayState'] is a trusted URL.
                 return redirect(auth.redirect_to(request.form['RelayState']))   # Redirect if there is a relayState
             else:                           # If there is user data we save that to print it later.
                 msg = ''
@@ -862,9 +959,11 @@ elif 'sls' in request.args:                                             # Single
     errors = auth.get_errors()              #  Retrieves possible validation errors
     if len(errors) == 0:
         if url is not None:
+            # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+            # the value of the url is a trusted URL.
             return redirect(url)
         else:
-            msg = "Sucessfully logged out"
+            msg = "Successfully logged out"
 
 if len(errors) == 0:
   print(msg)
@@ -906,7 +1005,7 @@ Described below are the main classes and methods that can be invoked from the SA
 
 #### OneLogin_Saml2_Auth - auth.py ####
 
-Main class of OneLogin Python Toolkit
+Main class of SAML Python Toolkit
 
 * `__init__` Initializes the SP SAML instance.
 * ***login*** Initiates the SSO process.
@@ -932,9 +1031,11 @@ Main class of OneLogin Python Toolkit
 * ***set_strict*** Set the strict mode active/disable.
 * ***get_last_request_xml*** Returns the most recently-constructed/processed XML SAML request (``AuthNRequest``, ``LogoutRequest``)
 * ***get_last_response_xml*** Returns the most recently-constructed/processed XML SAML response (``SAMLResponse``, ``LogoutResponse``). If the SAMLResponse had an encrypted assertion, decrypts it.
+* ***get_last_response_in_response_to*** The `InResponseTo` ID of the most recently processed SAML Response.
 * ***get_last_message_id*** The ID of the last Response SAML message processed.
 * ***get_last_assertion_id*** The ID of the last assertion processed.
 * ***get_last_assertion_not_on_or_after*** The ``NotOnOrAfter`` value of the valid ``SubjectConfirmationData`` node (if any) of the last assertion processed (is only calculated with strict = true)
+* ***get_last_assertion_issue_instant*** The `IssueInstant` value of the last assertion processed.
 
 #### OneLogin_Saml2_Auth - authn_request.py ####
 
@@ -978,7 +1079,7 @@ SAML 2 Logout Request class
 * ***get_nameid*** Gets the NameID of the Logout Request Message (returns a string).
 * ***get_issuer*** Gets the Issuer of the Logout Request Message.
 * ***get_session_indexes*** Gets the ``SessionIndexes`` from the Logout Request.
-* ***is_valid*** Checks if the Logout Request recieved is valid.
+* ***is_valid*** Checks if the Logout Request received is valid.
 * ***get_error*** After execute a validation process, if fails this method returns the cause.
 * ***get_xml*** Returns the XML that will be sent as part of the request or that was received at the SP
 
@@ -997,7 +1098,7 @@ SAML 2 Logout Response class
 
 #### OneLogin_Saml2_Settings - settings.py ####
 
-Configuration of the OneLogin Python Toolkit
+Configuration of the SAML Python Toolkit
 
 * `__init__`  Initializes the settings: Sets the paths of the different folders and Loads settings info from settings file or array/object provided.
 * ***check_settings*** Checks the settings info.
@@ -1061,7 +1162,7 @@ Auxiliary class that contains several methods
 * ***get_expire_time*** Compares 2 dates and returns the earliest.
 * ***delete_local_session*** Deletes the local session.
 * ***calculate_X.509_fingerprint*** Calculates the fingerprint of a X.509 cert.
-* ***format_finger_print*** Formates a fingerprint.
+* ***format_finger_print*** Formats a fingerprint.
 * ***generate_name_id*** Generates a nameID.
 * ***get_status*** Gets Status from a Response.
 * ***decrypt_element*** Decrypts an encrypted element.
@@ -1095,7 +1196,7 @@ For more info, look at the source code. Each method is documented and details ab
 Demos included in the toolkit
 -----------------------------
 
-The toolkit includes 2 demos to teach how use the toolkit (A Django and a Flask project), take a look on it.
+The toolkit includes 3 demos to teach how use the toolkit (A Django, Flask and a Tornado project), take a look on it.
 Demos require that SP and IdP are well configured before test it, so edit the settings files.
 
 Notice that each python framework has it own way to handle routes/urls and process request, so focus on
@@ -1111,22 +1212,14 @@ let's see how fast is it to deploy them.
 The use of a [virtualenv](http://virtualenv.readthedocs.org/en/latest/) is
 highly recommended.
 
-Virtualenv helps isolating the python enviroment used to run the toolkit. You
+Virtualenv helps isolating the python environment used to run the toolkit. You
 can find more details and an installation guide in the
 [official documentation](http://virtualenv.readthedocs.org/en/latest/).
 
 Once you have your virtualenv ready and loaded, then you can install the
-toolkit on it in development mode executing this:
-```
- python setup.py develop
-```
-
-Using this method of deployment the toolkit files will be linked instead of
-copied, so if you make changes on them you won't need to reinstall the toolkit.
-
-If you want install it in a normal mode, execute:
+toolkit executing this:
 ```
- python setup.py install
+ make install-req
 ```
 
 ### Demo Flask ###
@@ -1165,7 +1258,7 @@ The flask project contains:
 
 #### SP setup ####
 
-The Onelogin's Python Toolkit allows you to provide the settings info in 2 ways: Settings files or define a setting dict. In the ``demo-flask``, it uses the first method.
+The SAML Python Toolkit allows you to provide the settings info in 2 ways: Settings files or define a setting dict. In the ``demo-flask``, it uses the first method.
 
 In the ``index.py`` file we define the ``app.config['SAML_PATH']``, that will target to the ``saml`` folder. We require it in order to load the settings files.
 
@@ -1175,6 +1268,79 @@ First we need to edit the ``saml/settings.json`` file, configure the SP part and
 
 Once the SP is configured, the metadata of the SP is published at the ``/metadata`` url. Based on that info, configure the IdP.
 
+#### How it works ####
+
+ 1. First time you access to the main view (http://localhost:8000), you can select to login and return to the same view or login and be redirected to ``/?attrs`` (attrs view).
+
+ 2. When you click:
+
+    2.1 in the first link, we access to ``/?sso`` (index view). An ``AuthNRequest`` is sent to the IdP, we authenticate at the IdP and then a Response is sent through the user's client to the SP, specifically the Assertion Consumer Service view: ``/?acs``. Notice that a ``RelayState`` parameter is set to the url that initiated the process, the index view.
+
+    2.2 in the second link we access to ``/?attrs`` (attrs view), we will expetience have the same process described at 2.1 with the diference that as ``RelayState`` is set the ``attrs`` url.
+
+ 3. The SAML Response is processed in the ACS ``/?acs``, if the Response is not valid, the process stops here and a message is shown. Otherwise we are redirected to the ``RelayState`` view. a) / or b) ``/?attrs``
+
+ 4. We are logged in the app and the user attributes are showed. At this point, we can test the single log out functionality.
+
+ The single log out functionality could be tested by 2 ways.
+
+    5.1 SLO Initiated by SP. Click on the ``logout`` link at the SP, after that a Logout Request is sent to the IdP, the session at the IdP is closed and replies through the client to the SP with a Logout Response (sent to the Single Logout Service endpoint). The SLS endpoint ``/?sls`` of the SP process the Logout Response and if is valid, close the user session of the local app. Notice that the SLO Workflow starts and ends at the SP.
+
+    5.2 SLO Initiated by IdP. In this case, the action takes place on the IdP side, the logout process is initiated at the IdP, sends a Logout Request to the SP (SLS endpoint, ``/?sls``). The SLS endpoint of the SP process the Logout Request and if is valid, close the session of the user at the local app and send a Logout Response to the IdP (to the SLS endpoint of the IdP). The IdP receives the Logout Response, process it and close the session at of the IdP. Notice that the SLO Workflow starts and ends at the IdP.
+
+Notice that all the SAML Requests and Responses are handled at a unique view (index) and how GET parameters are used to know the action that must be done.
+
+### Demo Tornado ###
+
+You'll need a virtualenv with the toolkit installed on it.
+
+First of all you need some packages, execute:
+```
+apt-get install libxml2-dev libxmlsec1-dev libxmlsec1-openssl
+```
+
+To run the demo you need to install the requirements first. Load your
+virtualenv and execute:
+```
+ pip install -r demo-tornado/requirements.txt
+```
+
+
+This will install tornado and its dependencies. Once it has finished, you have to complete the configuration
+of the toolkit. You'll find it at `demo-tornado/saml/settings.json`
+
+Now, with the virtualenv loaded, you can run the demo like this:
+```
+ cd demo-tornado
+ python views.py
+```
+
+You'll have the demo running at http://localhost:8000
+
+#### Content ####
+
+The tornado project contains:
+
+* ***views.py*** Is the main flask file, where or the SAML handle take place.
+
+* ***settings.py*** Contains the base path and the path where is located the ``saml`` folder and the ``template`` folder
+
+* ***templates***. Is the folder where tornado stores the templates of the project. It was implemented a base.html template that is extended by index.html and attrs.html, the templates of our simple demo that shows messages, user attributes when available and login and logout links.
+
+* ***saml*** Is a folder that contains the 'certs' folder that could be used to store the X.509 public and private key, and the saml toolkit settings (settings.json and advanced_settings.json).
+
+#### SP setup ####
+
+The SAML Python Toolkit allows you to provide the settings info in 2 ways: Settings files or define a setting dict. In the ``demo-tornado``, it uses the first method.
+
+In the ``settings.py`` file we define the ``SAML_PATH``, that will target to the ``saml`` folder. We require it in order to load the settings files.
+
+First we need to edit the ``saml/settings.json`` file, configure the SP part and review the metadata of the IdP and complete the IdP info.  Later edit the ``saml/advanced_settings.json`` files and configure the how the toolkit will work. Check the settings section of this document if you have any doubt.
+
+#### IdP setup ####
+
+Once the SP is configured, the metadata of the SP is published at the ``/metadata`` url. Based on that info, configure the IdP.
+
 #### How it works ####
 
 1. First time you access to the main view (http://localhost:8000), you can select to login and return to the same view or login and be redirected to ``/?attrs`` (attrs view).
@@ -1238,7 +1404,7 @@ The django project contains:
 
 #### SP setup ####
 
-The Onelogin's Python Toolkit allows you to provide the settings info in 2 ways: settings files or define a setting dict. In the demo-django it used the first method.
+The SAML Python Toolkit allows you to provide the settings info in 2 ways: settings files or define a setting dict. In the demo-django it used the first method.
 
 After set the ``SAML_FOLDER`` in the ``demo/settings.py``, the settings of the Python toolkit will be loaded on the Django web.
 
@@ -1318,7 +1484,7 @@ The Pyramid project contains:
 
 #### SP setup ####
 
-The Onelogin's Python Toolkit allows you to provide the settings info in 2 ways: settings files or define a setting dict. In ``demo_pyramid`` the first method is used.
+The SAML Python Toolkit allows you to provide the settings info in 2 ways: settings files or define a setting dict. In ``demo_pyramid`` the first method is used.
 
 In the ``views.py`` file we define the ``SAML_PATH``, which will target the ``saml`` folder. We require it in order to load the settings files.
 
@@ -1342,7 +1508,7 @@ Once the SP is configured, the metadata of the SP is published at the ``/metadat
 
  4. We are logged in the app and the user attributes are showed. At this point, we can test the single log out functionality.
 
- The single log out funcionality could be tested by 2 ways.
+ The single log out functionality could be tested by 2 ways.
 
     5.1 SLO Initiated by SP. Click on the "logout" link at the SP, after that a Logout Request is sent to the IdP, the session at the IdP is closed and replies through the client to the SP with a Logout Response (sent to the Single Logout Service endpoint). The SLS endpoint /?sls of the SP process the Logout Response and if is valid, close the user session of the local app. Notice that the SLO Workflow starts and ends at the SP.
 
diff --git a/changelog.md b/changelog.md
index 9d7e4384..10a066f0 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,6 +1,74 @@
 # python3-saml changelog
-### 1.7.1 (unrelease)
-* Drop python3.4 support
+### 1.16.0 (Oct 9, 2023)
+- [#364](https://github.com/SAML-Toolkits/python3-saml/commit/d1bfaeb17a786735827b8252b91deafde29dabd8) Improve get_metadata method from Parser, allowing to set headers
+- Fix WantAuthnRequestsSigned parser
+- Fix expired payloads used on tests
+- Updated content from docs folder
+
+### 1.15.0 (Dec 27, 2022)
+- [#317](https://github.com/SAML-Toolkits/python3-saml/pull/317) Handle unicode characters gracefully in python 2
+- [#338](https://github.com/SAML-Toolkits/python3-saml/pull/338) Fix WantAuthnRequestsSigned parser
+- [#339](https://github.com/SAML-Toolkits/python3-saml/pull/339) Add Poetry support
+- Remove version restriction on lxml dependency
+- Updated Django demo to 4.X (only py3 compatible)
+- Updated Travis file. Forced lxml to be installed using no-validate_binary
+- Removed references to OneLogin from documentation
+
+### 1.14.0 (Feb 18, 2022)
+- [#297](https://github.com/onelogin/python3-saml/pull/297) Don't require yanked version of lxml.
+- [#298](https://github.com/onelogin/python3-saml/pull/298) Add support for python 3.10 and cleanup the GHA.
+- [#299](https://github.com/onelogin/python3-saml/pull/299) Remove stats from coveralls removed as they are no longer maintained.
+
+### 1.13.0 (Jan 28, 2022)
+- [#296](https://github.com/onelogin/python3-saml/pull/296) Add rejectDeprecatedAlgorithm settings in order to be able reject messages signed with deprecated algorithms.
+- Set sha256 and rsa-sha256 as default algorithms
+- [#288](https://github.com/onelogin/python3-saml/pull/288) Support building a LogoutResponse with non-success status
+- Added warning about Open Redirect and Reply attacks
+- [##274](https://github.com/onelogin/python3-saml/pull/274) Replace double-underscored names with single underscores
+- Add at OneLogin_Saml2_Auth get_last_assertion_issue_instant() and get_last_response_in_response_to() methods
+- Upgrade dependencies
+
+### 1.12.0 (Aug 13, 2021)
+* [#276](https://github.com/onelogin/python3-saml/pull/276) Deprecate server_port from request data dictionary
+
+### 1.11.0 (Jul 23, 2021)
+* [#261](https://github.com/onelogin/python3-saml/pull/261) Allow duplicate named attributes, controlled by a new setting
+* [#268](https://github.com/onelogin/python3-saml/pull/268) Make the redirect scheme matcher case-insensitive
+* [#256](https://github.com/onelogin/python3-saml/pull/256) Improve signature validation process. Add an option to use query string for validation
+* [#259](https://github.com/onelogin/python3-saml/pull/259) Add get metadata timeout
+* [#246](https://github.com/onelogin/python3-saml/pull/246) Add the ability to change the ProtocolBinding in the authn request.
+* [#248](https://github.com/onelogin/python3-saml/pull/248) Move storing the response data into its own method in the Auth class
+* Remove the dependency on defusedxml
+* [#241](https://github.com/onelogin/python3-saml/pull/241) Improve AttributeConsumingService support
+* Update expired dates from test responses
+* Migrate from Travis to Github Actions
+
+### 1.10.1 (Jan 27, 2021)
+* Fix bug on LogoutRequest class, get_idp_slo_response_url was used instead get_idp_slo_url
+
+### 1.10.0 (Jan 14, 2021)
+* Added custom lxml parser based on the one defined at xmldefused. Parser will ignore comments and processing instructions and by default have deactivated huge_tree, DTD and access to external documents
+* Destination URL Comparison is now case-insensitive for netloc
+* Support single-label-domains as valid. New security parameter allowSingleLabelDomains
+* Added get_idp_sso_url, get_idp_slo_url and get_idp_slo_response_url methods to the Settings class and use it in the toolkit
+* [#212](https://github.com/onelogin/python3-saml/pull/212) Overridability enhancements. Made classes overridable by subclassing. Use of classmethods instead staticmethods
+* Add get_friendlyname_attributes support
+* Remove external lib method get_ext_lib_path. Add set_cert_path in order to allow set the cert path in a different folder than the toolkit
+* Add sha256 instead sha1 algorithm for sign/digest as recommended value on documentation and settings
+* [#178](https://github.com/onelogin/python3-saml/pull/178) Support for adding idp.crt from filesystem
+* Add samlUserdata to demo-flask session
+* Fix autoreloading in demo-tornado
+
+### 1.9.0 (Nov 20, 2019)
+* Allow any number of decimal places for seconds on SAML datetimes
+* Fix failOnAuthnContextMismatch code
+* Improve signature validation when no reference uri
+* Update demo versions. Improve them and add Tornado demo.
+
+### 1.8.0 (Sep 11, 2019)
+* Set true as the default value for strict setting
+* [#152](https://github.com/onelogin/python3-saml/pull/152/files) Don't clean xsd and xsi namespaces
+* Drop python3.4 support due lxml. See lxml 4.4.0 (2019-07-27)
 
 ### 1.7.0 (Jul 02, 2019)
 * Adjusted acs endpoint to extract NameQualifier and SPNameQualifier from SAMLResponse. Adjusted single logout service to provide NameQualifier and SPNameQualifier to logout method. Add getNameIdNameQualifier to Auth and SamlResponse. Extend logout method from Auth and LogoutRequest constructor to support SPNameQualifier parameter. Align LogoutRequest constructor with SAML specs
@@ -39,7 +107,7 @@
 ### 1.3.0 (Sep 15, 2017)
 * Improve decrypt method, Add an option to decrypt an element in place or copy it before decryption.
 * [#63](https://github.com/onelogin/python3-saml/pull/63) Be able to get at the auth object the last processed ID (response/assertion) and the last generated ID, as well as the NotOnOrAfter value of the valid SubjectConfirmationData in the processed SAMLResponse
-* On a LogoutRequest if the NameIdFormat is entity, NameQualifier and SPNameQualifier will be ommited. If the NameIdFormat is not entity and a NameQualifier is provided, then the SPNameQualifier will be also added.
+* On a LogoutRequest if the NameIdFormat is entity, NameQualifier and SPNameQualifier will be omitted. If the NameIdFormat is not entity and a NameQualifier is provided, then the SPNameQualifier will be also added.
 * Reset errorReason attribute of the auth object before each Process method
 * [#65](https://github.com/onelogin/python3-saml/pull/65) Fix issue on getting multiple certs when only sign or encryption certs
 
diff --git a/demo-django/demo/urls.py b/demo-django/demo/urls.py
index cb05b321..92bc0a2b 100644
--- a/demo-django/demo/urls.py
+++ b/demo-django/demo/urls.py
@@ -1,10 +1,11 @@
-from django.conf.urls import url
+from django.urls import re_path
 from django.contrib import admin
 from .views import attrs, index, metadata
+
 admin.autodiscover()
 
 urlpatterns = [
-    url(r'^$', index, name='index'),
-    url(r'^attrs/$', attrs, name='attrs'),
-    url(r'^metadata/$', metadata, name='metadata'),
+    re_path(r"^$", index, name="index"),
+    re_path(r"^attrs/$", attrs, name="attrs"),
+    re_path(r"^metadata/$", metadata, name="metadata"),
 ]
diff --git a/demo-django/demo/views.py b/demo-django/demo/views.py
index 4c61e599..82ae55eb 100644
--- a/demo-django/demo/views.py
+++ b/demo-django/demo/views.py
@@ -1,7 +1,6 @@
 from django.conf import settings
 from django.urls import reverse
-from django.http import (HttpResponse, HttpResponseRedirect,
-                         HttpResponseServerError)
+from django.http import HttpResponse, HttpResponseRedirect, HttpResponseServerError
 from django.shortcuts import render
 
 from onelogin.saml2.auth import OneLogin_Saml2_Auth
@@ -17,14 +16,13 @@ def init_saml_auth(req):
 def prepare_django_request(request):
     # If server is behind proxys or balancers use the HTTP_X_FORWARDED fields
     result = {
-        'https': 'on' if request.is_secure() else 'off',
-        'http_host': request.META['HTTP_HOST'],
-        'script_name': request.META['PATH_INFO'],
-        'server_port': request.META['SERVER_PORT'],
-        'get_data': request.GET.copy(),
+        "https": "on" if request.is_secure() else "off",
+        "http_host": request.META["HTTP_HOST"],
+        "script_name": request.META["PATH_INFO"],
+        "get_data": request.GET.copy(),
         # Uncomment if using ADFS as IdP, https://github.com/onelogin/python-saml/pull/144
         # 'lowercase_urlencoding': True,
-        'post_data': request.POST.copy()
+        "post_data": request.POST.copy(),
     }
     return result
 
@@ -39,89 +37,93 @@ def index(request):
     attributes = False
     paint_logout = False
 
-    if 'sso' in req['get_data']:
+    if "sso" in req["get_data"]:
         return HttpResponseRedirect(auth.login())
         # If AuthNRequest ID need to be stored in order to later validate it, do instead
         # sso_built_url = auth.login()
         # request.session['AuthNRequestID'] = auth.get_last_request_id()
         # return HttpResponseRedirect(sso_built_url)
-    elif 'sso2' in req['get_data']:
-        return_to = OneLogin_Saml2_Utils.get_self_url(req) + reverse('attrs')
+    elif "sso2" in req["get_data"]:
+        return_to = OneLogin_Saml2_Utils.get_self_url(req) + reverse("attrs")
         return HttpResponseRedirect(auth.login(return_to))
-    elif 'slo' in req['get_data']:
+    elif "slo" in req["get_data"]:
         name_id = session_index = name_id_format = name_id_nq = name_id_spnq = None
-        if 'samlNameId' in request.session:
-            name_id = request.session['samlNameId']
-        if 'samlSessionIndex' in request.session:
-            session_index = request.session['samlSessionIndex']
-        if 'samlNameIdFormat' in request.session:
-            name_id_format = request.session['samlNameIdFormat']
-        if 'samlNameIdNameQualifier' in request.session:
-            name_id_nq = request.session['samlNameIdNameQualifier']
-        if 'samlNameIdSPNameQualifier' in request.session:
-            name_id_spnq = request.session['samlNameIdSPNameQualifier']
+        if "samlNameId" in request.session:
+            name_id = request.session["samlNameId"]
+        if "samlSessionIndex" in request.session:
+            session_index = request.session["samlSessionIndex"]
+        if "samlNameIdFormat" in request.session:
+            name_id_format = request.session["samlNameIdFormat"]
+        if "samlNameIdNameQualifier" in request.session:
+            name_id_nq = request.session["samlNameIdNameQualifier"]
+        if "samlNameIdSPNameQualifier" in request.session:
+            name_id_spnq = request.session["samlNameIdSPNameQualifier"]
 
         return HttpResponseRedirect(auth.logout(name_id=name_id, session_index=session_index, nq=name_id_nq, name_id_format=name_id_format, spnq=name_id_spnq))
         # If LogoutRequest ID need to be stored in order to later validate it, do instead
         # slo_built_url = auth.logout(name_id=name_id, session_index=session_index)
         # request.session['LogoutRequestID'] = auth.get_last_request_id()
         # return HttpResponseRedirect(slo_built_url)
-    elif 'acs' in req['get_data']:
+    elif "acs" in req["get_data"]:
         request_id = None
-        if 'AuthNRequestID' in request.session:
-            request_id = request.session['AuthNRequestID']
+        if "AuthNRequestID" in request.session:
+            request_id = request.session["AuthNRequestID"]
 
         auth.process_response(request_id=request_id)
         errors = auth.get_errors()
         not_auth_warn = not auth.is_authenticated()
 
         if not errors:
-            if 'AuthNRequestID' in request.session:
-                del request.session['AuthNRequestID']
-            request.session['samlUserdata'] = auth.get_attributes()
-            request.session['samlNameId'] = auth.get_nameid()
-            request.session['samlNameIdFormat'] = auth.get_nameid_format()
-            request.session['samlNameIdNameQualifier'] = auth.get_nameid_nq()
-            request.session['samlNameIdSPNameQualifier'] = auth.get_nameid_spnq()
-            request.session['samlSessionIndex'] = auth.get_session_index()
-            if 'RelayState' in req['post_data'] and OneLogin_Saml2_Utils.get_self_url(req) != req['post_data']['RelayState']:
-                return HttpResponseRedirect(auth.redirect_to(req['post_data']['RelayState']))
-        else:
-            if auth.get_settings().is_debug_active():
-                error_reason = auth.get_last_error_reason()
-    elif 'sls' in req['get_data']:
+            if "AuthNRequestID" in request.session:
+                del request.session["AuthNRequestID"]
+            request.session["samlUserdata"] = auth.get_attributes()
+            request.session["samlNameId"] = auth.get_nameid()
+            request.session["samlNameIdFormat"] = auth.get_nameid_format()
+            request.session["samlNameIdNameQualifier"] = auth.get_nameid_nq()
+            request.session["samlNameIdSPNameQualifier"] = auth.get_nameid_spnq()
+            request.session["samlSessionIndex"] = auth.get_session_index()
+            if "RelayState" in req["post_data"] and OneLogin_Saml2_Utils.get_self_url(req) != req["post_data"]["RelayState"]:
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the req['post_data']['RelayState'] is a trusted URL.
+                return HttpResponseRedirect(auth.redirect_to(req["post_data"]["RelayState"]))
+        elif auth.get_settings().is_debug_active():
+            error_reason = auth.get_last_error_reason()
+    elif "sls" in req["get_data"]:
         request_id = None
-        if 'LogoutRequestID' in request.session:
-            request_id = request.session['LogoutRequestID']
+        if "LogoutRequestID" in request.session:
+            request_id = request.session["LogoutRequestID"]
         dscb = lambda: request.session.flush()
         url = auth.process_slo(request_id=request_id, delete_session_cb=dscb)
         errors = auth.get_errors()
         if len(errors) == 0:
             if url is not None:
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the url is a trusted URL
                 return HttpResponseRedirect(url)
             else:
                 success_slo = True
+        elif auth.get_settings().is_debug_active():
+            error_reason = auth.get_last_error_reason()
 
-    if 'samlUserdata' in request.session:
+    if "samlUserdata" in request.session:
         paint_logout = True
-        if len(request.session['samlUserdata']) > 0:
-            attributes = request.session['samlUserdata'].items()
+        if len(request.session["samlUserdata"]) > 0:
+            attributes = request.session["samlUserdata"].items()
 
-    return render(request, 'index.html', {'errors': errors, 'error_reason': error_reason, 'not_auth_warn': not_auth_warn, 'success_slo': success_slo,
-                                          'attributes': attributes, 'paint_logout': paint_logout})
+    return render(
+        request, "index.html", {"errors": errors, "error_reason": error_reason, "not_auth_warn": not_auth_warn, "success_slo": success_slo, "attributes": attributes, "paint_logout": paint_logout}
+    )
 
 
 def attrs(request):
     paint_logout = False
     attributes = False
 
-    if 'samlUserdata' in request.session:
+    if "samlUserdata" in request.session:
         paint_logout = True
-        if len(request.session['samlUserdata']) > 0:
-            attributes = request.session['samlUserdata'].items()
-    return render(request, 'attrs.html',
-                  {'paint_logout': paint_logout,
-                   'attributes': attributes})
+        if len(request.session["samlUserdata"]) > 0:
+            attributes = request.session["samlUserdata"].items()
+    return render(request, "attrs.html", {"paint_logout": paint_logout, "attributes": attributes})
 
 
 def metadata(request):
@@ -133,7 +135,7 @@ def metadata(request):
     errors = saml_settings.validate_metadata(metadata)
 
     if len(errors) == 0:
-        resp = HttpResponse(content=metadata, content_type='text/xml')
+        resp = HttpResponse(content=metadata, content_type="text/xml")
     else:
-        resp = HttpResponseServerError(content=', '.join(errors))
+        resp = HttpResponseServerError(content=", ".join(errors))
     return resp
diff --git a/demo-django/demo/wsgi.py b/demo-django/demo/wsgi.py
index b1c7db13..49617a60 100644
--- a/demo-django/demo/wsgi.py
+++ b/demo-django/demo/wsgi.py
@@ -8,7 +8,9 @@
 """
 
 import os
+
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "demo.settings")
 
 from django.core.wsgi import get_wsgi_application  # noqa: E402
+
 application = get_wsgi_application()
diff --git a/demo-django/requirements.txt b/demo-django/requirements.txt
index 1aa1df39..c4d84d80 100644
--- a/demo-django/requirements.txt
+++ b/demo-django/requirements.txt
@@ -1,2 +1,2 @@
-Django==1.11
+Django==4.1.13
 python3-saml
diff --git a/demo-django/saml/advanced_settings.json b/demo-django/saml/advanced_settings.json
index 3115e17e..3960911a 100644
--- a/demo-django/saml/advanced_settings.json
+++ b/demo-django/saml/advanced_settings.json
@@ -10,8 +10,10 @@
         "wantNameId" : true,
         "wantNameIdEncrypted": false,
         "wantAssertionsEncrypted": false,
-        "signatureAlgorithm": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
-        "digestAlgorithm": "http://www.w3.org/2000/09/xmldsig#sha1"
+        "allowSingleLabelDomains": false,
+        "signatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
+        "digestAlgorithm": "http://www.w3.org/2001/04/xmlenc#sha256",
+        "rejectDeprecatedAlgorithm": true
     },
     "contactPerson": {
         "technical": {
diff --git a/demo-django/saml/certs/README b/demo-django/saml/certs/README
index 7e837fb9..ed973e05 100644
--- a/demo-django/saml/certs/README
+++ b/demo-django/saml/certs/README
@@ -1,6 +1,6 @@
 Take care of this folder that could contain private key. Be sure that this folder never is published.
 
-Onelogin Python Toolkit expects that certs for the SP could be stored in this folder as:
+SAML Python Toolkit expects that certs for the SP could be stored in this folder as:
 
  * sp.key     Private Key
  * sp.crt     Public cert
diff --git a/demo-django/templates/base.html b/demo-django/templates/base.html
index a55dbf0b..960ca0bc 100644
--- a/demo-django/templates/base.html
+++ b/demo-django/templates/base.html
@@ -5,7 +5,7 @@
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1">
 
-    <title>A Python SAML Toolkit by OneLogin demo</title>
+    <title>A Python SAML Toolkit demo</title>
 
     <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
 
@@ -18,7 +18,7 @@
   </head>
   <body>
     <div class="container">
-      <h1>A Python SAML Toolkit by OneLogin demo</h1>
+      <h1>A Python SAML Toolkit demo</h1>
 
       {% block content %}{% endblock %}
     </div>
diff --git a/demo-flask/index.py b/demo-flask/index.py
index b344da4c..a03eeccd 100644
--- a/demo-flask/index.py
+++ b/demo-flask/index.py
@@ -1,134 +1,131 @@
 import os
 
-from flask import (Flask, request, render_template, redirect, session,
-                   make_response)
-
-from urllib.parse import urlparse
+from flask import Flask, request, render_template, redirect, session, make_response
 
 from onelogin.saml2.auth import OneLogin_Saml2_Auth
 from onelogin.saml2.utils import OneLogin_Saml2_Utils
 
 
 app = Flask(__name__)
-app.config['SECRET_KEY'] = 'onelogindemopytoolkit'
-app.config['SAML_PATH'] = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'saml')
+app.config["SECRET_KEY"] = "onelogindemopytoolkit"
+app.config["SAML_PATH"] = os.path.join(os.path.dirname(os.path.abspath(__file__)), "saml")
 
 
 def init_saml_auth(req):
-    auth = OneLogin_Saml2_Auth(req, custom_base_path=app.config['SAML_PATH'])
+    auth = OneLogin_Saml2_Auth(req, custom_base_path=app.config["SAML_PATH"])
     return auth
 
 
 def prepare_flask_request(request):
     # If server is behind proxys or balancers use the HTTP_X_FORWARDED fields
-    url_data = urlparse(request.url)
     return {
-        'https': 'on' if request.scheme == 'https' else 'off',
-        'http_host': request.host,
-        'server_port': url_data.port,
-        'script_name': request.path,
-        'get_data': request.args.copy(),
+        "https": "on" if request.scheme == "https" else "off",
+        "http_host": request.host,
+        "script_name": request.path,
+        "get_data": request.args.copy(),
         # Uncomment if using ADFS as IdP, https://github.com/onelogin/python-saml/pull/144
         # 'lowercase_urlencoding': True,
-        'post_data': request.form.copy()
+        "post_data": request.form.copy(),
     }
 
 
-@app.route('/', methods=['GET', 'POST'])
+@app.route("/", methods=["GET", "POST"])
 def index():
     req = prepare_flask_request(request)
     auth = init_saml_auth(req)
     errors = []
+    error_reason = None
     not_auth_warn = False
     success_slo = False
     attributes = False
     paint_logout = False
 
-    if 'sso' in request.args:
+    if "sso" in request.args:
         return redirect(auth.login())
         # If AuthNRequest ID need to be stored in order to later validate it, do instead
         # sso_built_url = auth.login()
         # request.session['AuthNRequestID'] = auth.get_last_request_id()
         # return redirect(sso_built_url)
-    elif 'sso2' in request.args:
-        return_to = '%sattrs/' % request.host_url
+    elif "sso2" in request.args:
+        return_to = "%sattrs/" % request.host_url
         return redirect(auth.login(return_to))
-    elif 'slo' in request.args:
+    elif "slo" in request.args:
         name_id = session_index = name_id_format = name_id_nq = name_id_spnq = None
-        if 'samlNameId' in session:
-            name_id = session['samlNameId']
-        if 'samlSessionIndex' in session:
-            session_index = session['samlSessionIndex']
-        if 'samlNameIdFormat' in session:
-            name_id_format = session['samlNameIdFormat']
-        if 'samlNameIdNameQualifier' in session:
-            name_id_nq = session['samlNameIdNameQualifier']
-        if 'samlNameIdSPNameQualifier' in session:
-            name_id_spnq = session['samlNameIdSPNameQualifier']
+        if "samlNameId" in session:
+            name_id = session["samlNameId"]
+        if "samlSessionIndex" in session:
+            session_index = session["samlSessionIndex"]
+        if "samlNameIdFormat" in session:
+            name_id_format = session["samlNameIdFormat"]
+        if "samlNameIdNameQualifier" in session:
+            name_id_nq = session["samlNameIdNameQualifier"]
+        if "samlNameIdSPNameQualifier" in session:
+            name_id_spnq = session["samlNameIdSPNameQualifier"]
 
         return redirect(auth.logout(name_id=name_id, session_index=session_index, nq=name_id_nq, name_id_format=name_id_format, spnq=name_id_spnq))
-    elif 'acs' in request.args:
+    elif "acs" in request.args:
         request_id = None
-        if 'AuthNRequestID' in session:
-            request_id = session['AuthNRequestID']
+        if "AuthNRequestID" in session:
+            request_id = session["AuthNRequestID"]
 
         auth.process_response(request_id=request_id)
         errors = auth.get_errors()
         not_auth_warn = not auth.is_authenticated()
         if len(errors) == 0:
-            if 'AuthNRequestID' in session:
-                del session['AuthNRequestID']
-            session['samlNameId'] = auth.get_nameid()
-            session['samlNameIdFormat'] = auth.get_nameid_format()
-            session['samlNameIdNameQualifier'] = auth.get_nameid_nq()
-            session['samlNameIdSPNameQualifier'] = auth.get_nameid_spnq()
-            session['samlSessionIndex'] = auth.get_session_index()
+            if "AuthNRequestID" in session:
+                del session["AuthNRequestID"]
+            session["samlUserdata"] = auth.get_attributes()
+            session["samlNameId"] = auth.get_nameid()
+            session["samlNameIdFormat"] = auth.get_nameid_format()
+            session["samlNameIdNameQualifier"] = auth.get_nameid_nq()
+            session["samlNameIdSPNameQualifier"] = auth.get_nameid_spnq()
+            session["samlSessionIndex"] = auth.get_session_index()
             self_url = OneLogin_Saml2_Utils.get_self_url(req)
-            if 'RelayState' in request.form and self_url != request.form['RelayState']:
-                return redirect(auth.redirect_to(request.form['RelayState']))
-    elif 'sls' in request.args:
+            if "RelayState" in request.form and self_url != request.form["RelayState"]:
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the request.form['RelayState'] is a trusted URL.
+                return redirect(auth.redirect_to(request.form["RelayState"]))
+        elif auth.get_settings().is_debug_active():
+            error_reason = auth.get_last_error_reason()
+    elif "sls" in request.args:
         request_id = None
-        if 'LogoutRequestID' in session:
-            request_id = session['LogoutRequestID']
+        if "LogoutRequestID" in session:
+            request_id = session["LogoutRequestID"]
         dscb = lambda: session.clear()
         url = auth.process_slo(request_id=request_id, delete_session_cb=dscb)
         errors = auth.get_errors()
         if len(errors) == 0:
             if url is not None:
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the url is a trusted URL.
                 return redirect(url)
             else:
                 success_slo = True
+        elif auth.get_settings().is_debug_active():
+            error_reason = auth.get_last_error_reason()
 
-    if 'samlUserdata' in session:
+    if "samlUserdata" in session:
         paint_logout = True
-        if len(session['samlUserdata']) > 0:
-            attributes = session['samlUserdata'].items()
+        if len(session["samlUserdata"]) > 0:
+            attributes = session["samlUserdata"].items()
 
-    return render_template(
-        'index.html',
-        errors=errors,
-        not_auth_warn=not_auth_warn,
-        success_slo=success_slo,
-        attributes=attributes,
-        paint_logout=paint_logout
-    )
+    return render_template("index.html", errors=errors, error_reason=error_reason, not_auth_warn=not_auth_warn, success_slo=success_slo, attributes=attributes, paint_logout=paint_logout)
 
 
-@app.route('/attrs/')
+@app.route("/attrs/")
 def attrs():
     paint_logout = False
     attributes = False
 
-    if 'samlUserdata' in session:
+    if "samlUserdata" in session:
         paint_logout = True
-        if len(session['samlUserdata']) > 0:
-            attributes = session['samlUserdata'].items()
+        if len(session["samlUserdata"]) > 0:
+            attributes = session["samlUserdata"].items()
 
-    return render_template('attrs.html', paint_logout=paint_logout,
-                           attributes=attributes)
+    return render_template("attrs.html", paint_logout=paint_logout, attributes=attributes)
 
 
-@app.route('/metadata/')
+@app.route("/metadata/")
 def metadata():
     req = prepare_flask_request(request)
     auth = init_saml_auth(req)
@@ -138,11 +135,11 @@ def metadata():
 
     if len(errors) == 0:
         resp = make_response(metadata, 200)
-        resp.headers['Content-Type'] = 'text/xml'
+        resp.headers["Content-Type"] = "text/xml"
     else:
-        resp = make_response(', '.join(errors), 500)
+        resp = make_response(", ".join(errors), 500)
     return resp
 
 
 if __name__ == "__main__":
-    app.run(host='0.0.0.0', port=8000, debug=True)
+    app.run(host="0.0.0.0", port=8000, debug=True)
diff --git a/demo-flask/requirements.txt b/demo-flask/requirements.txt
index 335836f7..d9340937 100644
--- a/demo-flask/requirements.txt
+++ b/demo-flask/requirements.txt
@@ -1 +1 @@
-flask==0.10.1
+flask==1.0
diff --git a/demo-flask/saml/advanced_settings.json b/demo-flask/saml/advanced_settings.json
index 3115e17e..3960911a 100644
--- a/demo-flask/saml/advanced_settings.json
+++ b/demo-flask/saml/advanced_settings.json
@@ -10,8 +10,10 @@
         "wantNameId" : true,
         "wantNameIdEncrypted": false,
         "wantAssertionsEncrypted": false,
-        "signatureAlgorithm": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
-        "digestAlgorithm": "http://www.w3.org/2000/09/xmldsig#sha1"
+        "allowSingleLabelDomains": false,
+        "signatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
+        "digestAlgorithm": "http://www.w3.org/2001/04/xmlenc#sha256",
+        "rejectDeprecatedAlgorithm": true
     },
     "contactPerson": {
         "technical": {
diff --git a/demo-flask/saml/certs/README b/demo-flask/saml/certs/README
index 7e837fb9..ed973e05 100644
--- a/demo-flask/saml/certs/README
+++ b/demo-flask/saml/certs/README
@@ -1,6 +1,6 @@
 Take care of this folder that could contain private key. Be sure that this folder never is published.
 
-Onelogin Python Toolkit expects that certs for the SP could be stored in this folder as:
+SAML Python Toolkit expects that certs for the SP could be stored in this folder as:
 
  * sp.key     Private Key
  * sp.crt     Public cert
diff --git a/demo-flask/templates/base.html b/demo-flask/templates/base.html
index a55dbf0b..960ca0bc 100644
--- a/demo-flask/templates/base.html
+++ b/demo-flask/templates/base.html
@@ -5,7 +5,7 @@
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1">
 
-    <title>A Python SAML Toolkit by OneLogin demo</title>
+    <title>A Python SAML Toolkit demo</title>
 
     <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
 
@@ -18,7 +18,7 @@
   </head>
   <body>
     <div class="container">
-      <h1>A Python SAML Toolkit by OneLogin demo</h1>
+      <h1>A Python SAML Toolkit demo</h1>
 
       {% block content %}{% endblock %}
     </div>
diff --git a/demo-flask/templates/index.html b/demo-flask/templates/index.html
index ad42cf5c..fd1ff051 100644
--- a/demo-flask/templates/index.html
+++ b/demo-flask/templates/index.html
@@ -10,6 +10,9 @@
           <li>{{err}}</li>
         {% endfor %}
     </ul>
+    {% if error_reason %}
+        <span>{{error_reason}}</span>
+    {% endif %}
   </div>
 {% endif %}
 
diff --git a/demo-tornado/README.md b/demo-tornado/README.md
new file mode 100644
index 00000000..428d192c
--- /dev/null
+++ b/demo-tornado/README.md
@@ -0,0 +1,9 @@
+# Tornado Demo #
+Fully-working tornado-demo.
+
+### About issues ###
+This is only a demo, some issues about session still remain. 
+Actually the session is global.
+
+### Production ###
+Remember to disable debugging in production.
diff --git a/demo-tornado/Settings.py b/demo-tornado/Settings.py
new file mode 100644
index 00000000..46fb48ca
--- /dev/null
+++ b/demo-tornado/Settings.py
@@ -0,0 +1,6 @@
+import os
+
+BASE_DIR = os.path.dirname(__file__)
+
+SAML_PATH = os.path.join(BASE_DIR, "saml")
+TEMPLATE_PATH = os.path.join(BASE_DIR, "templates")
diff --git a/demo-tornado/requirements.txt b/demo-tornado/requirements.txt
new file mode 100644
index 00000000..0f21d3ed
--- /dev/null
+++ b/demo-tornado/requirements.txt
@@ -0,0 +1 @@
+tornado==6.4.1
diff --git a/demo-tornado/saml/advanced_settings.json b/demo-tornado/saml/advanced_settings.json
new file mode 100644
index 00000000..3960911a
--- /dev/null
+++ b/demo-tornado/saml/advanced_settings.json
@@ -0,0 +1,35 @@
+{
+    "security": {
+        "nameIdEncrypted": false,
+        "authnRequestsSigned": false,
+        "logoutRequestSigned": false,
+        "logoutResponseSigned": false,
+        "signMetadata": false,
+        "wantMessagesSigned": false,
+        "wantAssertionsSigned": false,
+        "wantNameId" : true,
+        "wantNameIdEncrypted": false,
+        "wantAssertionsEncrypted": false,
+        "allowSingleLabelDomains": false,
+        "signatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
+        "digestAlgorithm": "http://www.w3.org/2001/04/xmlenc#sha256",
+        "rejectDeprecatedAlgorithm": true
+    },
+    "contactPerson": {
+        "technical": {
+            "givenName": "technical_name",
+            "emailAddress": "technical@example.com"
+        },
+        "support": {
+            "givenName": "support_name",
+            "emailAddress": "support@example.com"
+        }
+    },
+    "organization": {
+        "en-US": {
+            "name": "sp_test",
+            "displayname": "SP test",
+            "url": "http://sp.example.com"
+        }
+    }
+}
\ No newline at end of file
diff --git a/demo-tornado/saml/certs/README b/demo-tornado/saml/certs/README
new file mode 100644
index 00000000..ed973e05
--- /dev/null
+++ b/demo-tornado/saml/certs/README
@@ -0,0 +1,13 @@
+Take care of this folder that could contain private key. Be sure that this folder never is published.
+
+SAML Python Toolkit expects that certs for the SP could be stored in this folder as:
+
+ * sp.key     Private Key
+ * sp.crt     Public cert
+ * sp_new.crt Future Public cert
+
+
+Also you can use other cert to sign the metadata of the SP using the:
+
+ * metadata.key
+ * metadata.crt
diff --git a/demo-tornado/saml/settings.json b/demo-tornado/saml/settings.json
new file mode 100644
index 00000000..391b91c1
--- /dev/null
+++ b/demo-tornado/saml/settings.json
@@ -0,0 +1,30 @@
+{
+    "strict": true,
+    "debug": true,
+    "sp": {
+        "entityId": "https://<sp_domain>/metadata/",
+        "assertionConsumerService": {
+            "url": "https://<sp_domain>/?acs",
+            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+        },
+        "singleLogoutService": {
+            "url": "https://<sp_domain>/?sls",
+            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+        },
+        "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
+        "x509cert": "",
+        "privateKey": ""
+    },
+    "idp": {
+        "entityId": "https://app.onelogin.com/saml/metadata/<onelogin_connector_id>",
+        "singleSignOnService": {
+            "url": "https://app.onelogin.com/trust/saml2/http-post/sso/<onelogin_connector_id>",
+            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+        },
+        "singleLogoutService": {
+            "url": "https://app.onelogin.com/trust/saml2/http-redirect/slo/<onelogin_connector_id>",
+            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+        },
+        "x509cert": "<onelogin_connector_cert>"
+    }
+}
\ No newline at end of file
diff --git a/demo-tornado/templates/attrs.html b/demo-tornado/templates/attrs.html
new file mode 100644
index 00000000..e2429739
--- /dev/null
+++ b/demo-tornado/templates/attrs.html
@@ -0,0 +1,35 @@
+{% extends "base.html" %}
+
+{% block content %}
+
+{% if paint_logout %}
+  {% if attributes %}
+    <p>You have the following attributes:</p>
+    <table class="table table-striped">
+      <thead>
+        <th>Name</th><th>Values</th>
+      </thead>
+      <tbody>
+        {% for attr, i in attributes %}
+            {% if i == 0 %}
+                <tr><td>{{ attr }}</td>
+                <td><ul class="list-unstyled">
+            {% end %}
+            {% if i == 1 %}
+                {% for val in attr %}
+                    <li>{{ val }}</li>
+                {% end %}
+            {% end %}
+            </ul></td></tr>
+        {% end %}
+      </tbody>
+    </table>
+  {% else %}
+    <div class="alert alert-danger" role="alert">You don't have any attributes</div>
+  {% end %}
+  <a href="/?slo" class="btn btn-danger">Logout</a>
+{% else %}
+  <a href="/?sso2" class="btn btn-primary">Login and access again to this page</a>
+{% end %}
+
+{% end %}
diff --git a/demo-tornado/templates/base.html b/demo-tornado/templates/base.html
new file mode 100644
index 00000000..e71bb136
--- /dev/null
+++ b/demo-tornado/templates/base.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+
+    <title>A Python SAML Toolkit demo</title>
+
+    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
+
+    <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
+    <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
+    <!--[if lt IE 9]>
+      <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
+      <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
+    <![endif]-->
+  </head>
+  <body>
+    <div class="container">
+      <h1>A Python SAML Toolkit demo</h1>
+
+      {% block content %}{% end %}
+    </div>
+  </body>
+</html>
diff --git a/demo-tornado/templates/index.html b/demo-tornado/templates/index.html
new file mode 100644
index 00000000..f8dfac0a
--- /dev/null
+++ b/demo-tornado/templates/index.html
@@ -0,0 +1,69 @@
+{% extends "base.html" %}
+
+{% block content %}
+
+{% if errors %}
+  <div class="alert alert-danger" role="alert">
+    <strong>Errors:</strong>
+    <ul class="list-unstyled">
+        {% for err in errors %}
+          <li>{{err}}</li>
+        {% end %}
+        {% if error_reason %}
+          <span>{{error_reason}}</span>
+        {% end %}
+    </ul>
+  </div>
+{% end %}
+
+{% if not_auth_warn %}
+  <div class="alert alert-danger" role="alert">Not authenticated</div>
+{% end %}
+
+{% if success_slo %}
+  <div class="alert alert-success" role="alert">Successfully logged out</div>
+{% end %}
+
+{% if paint_logout %}
+  {% if attributes %}
+    <table class="table table-striped">
+      <thead>
+        <th>Name</th><th>Values</th>
+      </thead>
+      <tbody>
+        {% for attr in attributes %}
+          <tr>
+              <td>{{ attr[0] }}</td>
+            <td><ul class="list-unstyled">
+              <!-- <li>{{ attr[1][0] }}</li> -->
+              {% for elem in attr[1] %}
+                <li>{{ elem }}</li>
+              {% end %}
+            </ul></td>
+          </tr>
+        {% end %}
+
+
+        <!-- {% for attr, i in attributes %}
+            {% if i == 0 %}
+                <tr><td>{{ attr }}</td>
+                <td><ul class="list-unstyled">
+            {% end %}
+            {% if i == 1 %}
+                {% for val in attr %}
+                    <li>{{ val }}</li>
+                {% end %}
+            {% end %}
+          </ul></td></tr>
+        {% end %} -->
+      </tbody>
+    </table>
+  {% else %}
+    <div class="alert alert-danger" role="alert">You don't have any attributes</div>
+  {% end %}
+  <a href="?slo" class="btn btn-danger">Logout</a>
+{% else %}
+  <a href="?sso" class="btn btn-primary">Login</a> <a href="?sso2" class="btn btn-info">Login and access to attrs page</a>
+{% end %}
+
+{% end %}
diff --git a/demo-tornado/views.py b/demo-tornado/views.py
new file mode 100644
index 00000000..677cf3a8
--- /dev/null
+++ b/demo-tornado/views.py
@@ -0,0 +1,170 @@
+import tornado.ioloop
+import tornado.web
+import Settings
+import tornado.httpserver
+import tornado.httputil
+
+from onelogin.saml2.auth import OneLogin_Saml2_Auth
+from onelogin.saml2.utils import OneLogin_Saml2_Utils
+
+# Global session info
+session = {}
+
+
+class Application(tornado.web.Application):
+    def __init__(self):
+        handlers = [
+            (r"/", IndexHandler),
+            (r"/attrs", AttrsHandler),
+            (r"/metadata", MetadataHandler),
+        ]
+        settings = {"template_path": Settings.TEMPLATE_PATH, "saml_path": Settings.SAML_PATH, "autoreload": True, "debug": True}
+        tornado.web.Application.__init__(self, handlers, **settings)
+
+
+class IndexHandler(tornado.web.RequestHandler):
+    def post(self):
+        req = prepare_tornado_request(self.request)
+        auth = init_saml_auth(req)
+        error_reason = None
+        attributes = False
+        paint_logout = False
+        success_slo = False
+
+        auth.process_response()
+        errors = auth.get_errors()
+        not_auth_warn = not auth.is_authenticated()
+
+        if len(errors) == 0:
+            session["samlUserdata"] = auth.get_attributes()
+            session["samlNameId"] = auth.get_nameid()
+            session["samlSessionIndex"] = auth.get_session_index()
+            self_url = OneLogin_Saml2_Utils.get_self_url(req)
+            if "RelayState" in self.request.arguments and self_url != self.request.arguments["RelayState"][0].decode("utf-8"):
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the self.request.arguments['RelayState'][0] is a trusted URL.
+                return self.redirect(self.request.arguments["RelayState"][0].decode("utf-8"))
+        elif auth.get_settings().is_debug_active():
+            error_reason = auth.get_last_error_reason()
+
+        if "samlUserdata" in session:
+            paint_logout = True
+            if len(session["samlUserdata"]) > 0:
+                attributes = session["samlUserdata"].items()
+
+        self.render("index.html", errors=errors, error_reason=error_reason, not_auth_warn=not_auth_warn, success_slo=success_slo, attributes=attributes, paint_logout=paint_logout)
+
+    def get(self):
+        req = prepare_tornado_request(self.request)
+        auth = init_saml_auth(req)
+        error_reason = None
+        errors = []
+        not_auth_warn = False
+        success_slo = False
+        attributes = False
+        paint_logout = False
+
+        if "sso" in req["get_data"]:
+            print("-sso-")
+            return self.redirect(auth.login())
+        elif "sso2" in req["get_data"]:
+            print("-sso2-")
+            return_to = "%s/attrs" % self.request.host
+            return self.redirect(auth.login(return_to))
+        elif "slo" in req["get_data"]:
+            print("-slo-")
+            name_id = None
+            session_index = None
+            if "samlNameId" in session:
+                name_id = session["samlNameId"]
+            if "samlSessionIndex" in session:
+                session_index = session["samlSessionIndex"]
+            return self.redirect(auth.logout(name_id=name_id, session_index=session_index))
+        elif "acs" in req["get_data"]:
+            print("-acs-")
+            auth.process_response()
+            errors = auth.get_errors()
+            not_auth_warn = not auth.is_authenticated()
+            if len(errors) == 0:
+                session["samlUserdata"] = auth.get_attributes()
+                session["samlNameId"] = auth.get_nameid()
+                session["samlSessionIndex"] = auth.get_session_index()
+                self_url = OneLogin_Saml2_Utils.get_self_url(req)
+                if "RelayState" in self.request.arguments and self_url != self.request.arguments["RelayState"][0].decode("utf-8"):
+                    return self.redirect(auth.redirect_to(self.request.arguments["RelayState"][0].decode("utf-8")))
+                elif auth.get_settings().is_debug_active():
+                    error_reason = auth.get_last_error_reason()
+        elif "sls" in req["get_data"]:
+            print("-sls-")
+            dscb = lambda: session.clear()  # clear out the session
+            url = auth.process_slo(delete_session_cb=dscb)
+            errors = auth.get_errors()
+            if len(errors) == 0:
+                if url is not None:
+                    # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                    # the value of the url is a trusted URL.
+                    return self.redirect(url)
+                else:
+                    success_slo = True
+            elif auth.get_settings().is_debug_active():
+                error_reason = auth.get_last_error_reason()
+        if "samlUserdata" in session:
+            print("-samlUserdata-")
+            paint_logout = True
+            if len(session["samlUserdata"]) > 0:
+                attributes = session["samlUserdata"].items()
+                print("ATTRIBUTES", attributes)
+        self.render("index.html", errors=errors, error_reason=error_reason, not_auth_warn=not_auth_warn, success_slo=success_slo, attributes=attributes, paint_logout=paint_logout)
+
+
+class AttrsHandler(tornado.web.RequestHandler):
+    def get(self):
+        paint_logout = False
+        attributes = False
+
+        if "samlUserdata" in session:
+            paint_logout = True
+            if len(session["samlUserdata"]) > 0:
+                attributes = session["samlUserdata"].items()
+
+        self.render("attrs.html", paint_logout=paint_logout, attributes=attributes)
+
+
+class MetadataHandler(tornado.web.RequestHandler):
+    def get(self):
+        req = prepare_tornado_request(self.request)
+        auth = init_saml_auth(req)
+        saml_settings = auth.get_settings()
+        metadata = saml_settings.get_sp_metadata()
+        errors = saml_settings.validate_metadata(metadata)
+
+        if len(errors) == 0:
+            # resp = HttpResponse(content=metadata, content_type='text/xml')
+            self.set_header("Content-Type", "text/xml")
+            self.write(metadata)
+        else:
+            # resp = HttpResponseServerError(content=', '.join(errors))
+            self.write(", ".join(errors))
+        # return resp
+
+
+def prepare_tornado_request(request):
+
+    dataDict = {}
+    for key in request.arguments:
+        dataDict[key] = request.arguments[key][0].decode("utf-8")
+
+    result = {"https": "on" if request == "https" else "off", "http_host": request.host, "script_name": request.path, "get_data": dataDict, "post_data": dataDict, "query_string": request.query}
+    return result
+
+
+def init_saml_auth(req):
+    auth = OneLogin_Saml2_Auth(req, custom_base_path=Settings.SAML_PATH)
+    return auth
+
+
+if __name__ == "__main__":
+    app = Application()
+    http_server = tornado.httpserver.HTTPServer(app)
+    http_server.listen(8000)
+    tornado.ioloop.IOLoop.instance().start()
diff --git a/demo_pyramid/demo_pyramid/__init__.py b/demo_pyramid/demo_pyramid/__init__.py
index 805e51d1..02abda7b 100644
--- a/demo_pyramid/demo_pyramid/__init__.py
+++ b/demo_pyramid/demo_pyramid/__init__.py
@@ -2,18 +2,17 @@
 from pyramid.session import SignedCookieSessionFactory
 
 
-session_factory = SignedCookieSessionFactory('onelogindemopytoolkit')
+session_factory = SignedCookieSessionFactory("onelogindemopytoolkit")
 
 
 def main(global_config, **settings):
-    """ This function returns a Pyramid WSGI application.
-    """
+    """This function returns a Pyramid WSGI application."""
     config = Configurator(settings=settings)
     config.set_session_factory(session_factory)
-    config.include('pyramid_jinja2')
-    config.add_static_view('static', 'static', cache_max_age=3600)
-    config.add_route('index', '/')
-    config.add_route('attrs', '/attrs/')
-    config.add_route('metadata', '/metadata/')
+    config.include("pyramid_jinja2")
+    config.add_static_view("static", "static", cache_max_age=3600)
+    config.add_route("index", "/")
+    config.add_route("attrs", "/attrs/")
+    config.add_route("metadata", "/metadata/")
     config.scan()
     return config.make_wsgi_app()
diff --git a/demo_pyramid/demo_pyramid/saml/advanced_settings.json b/demo_pyramid/demo_pyramid/saml/advanced_settings.json
index 3115e17e..3960911a 100644
--- a/demo_pyramid/demo_pyramid/saml/advanced_settings.json
+++ b/demo_pyramid/demo_pyramid/saml/advanced_settings.json
@@ -10,8 +10,10 @@
         "wantNameId" : true,
         "wantNameIdEncrypted": false,
         "wantAssertionsEncrypted": false,
-        "signatureAlgorithm": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
-        "digestAlgorithm": "http://www.w3.org/2000/09/xmldsig#sha1"
+        "allowSingleLabelDomains": false,
+        "signatureAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
+        "digestAlgorithm": "http://www.w3.org/2001/04/xmlenc#sha256",
+        "rejectDeprecatedAlgorithm": true
     },
     "contactPerson": {
         "technical": {
diff --git a/demo_pyramid/demo_pyramid/saml/certs/README b/demo_pyramid/demo_pyramid/saml/certs/README
index 7e837fb9..ed973e05 100644
--- a/demo_pyramid/demo_pyramid/saml/certs/README
+++ b/demo_pyramid/demo_pyramid/saml/certs/README
@@ -1,6 +1,6 @@
 Take care of this folder that could contain private key. Be sure that this folder never is published.
 
-Onelogin Python Toolkit expects that certs for the SP could be stored in this folder as:
+SAML Python Toolkit expects that certs for the SP could be stored in this folder as:
 
  * sp.key     Private Key
  * sp.crt     Public cert
diff --git a/demo_pyramid/demo_pyramid/tests.py b/demo_pyramid/demo_pyramid/tests.py
index 58882283..f2a171cf 100644
--- a/demo_pyramid/demo_pyramid/tests.py
+++ b/demo_pyramid/demo_pyramid/tests.py
@@ -12,18 +12,21 @@ def tearDown(self):
 
     def test_my_view(self):
         from .views import my_view
+
         request = testing.DummyRequest()
         info = my_view(request)
-        self.assertEqual(info['project'], 'demo_pyramid')
+        self.assertEqual(info["project"], "demo_pyramid")
 
 
 class FunctionalTests(unittest.TestCase):
     def setUp(self):
         from demo_pyramid import main
+
         app = main({})
         from webtest import TestApp
+
         self.testapp = TestApp(app)
 
     def test_root(self):
-        res = self.testapp.get('/', status=200)
-        self.assertTrue(b'Pyramid' in res.body)
+        res = self.testapp.get("/", status=200)
+        self.assertTrue(b"Pyramid" in res.body)
diff --git a/demo_pyramid/demo_pyramid/views.py b/demo_pyramid/demo_pyramid/views.py
index 86814a99..98852671 100644
--- a/demo_pyramid/demo_pyramid/views.py
+++ b/demo_pyramid/demo_pyramid/views.py
@@ -1,12 +1,16 @@
 import os
 
-from pyramid.httpexceptions import (HTTPFound, HTTPInternalServerError, HTTPOk,)
+from pyramid.httpexceptions import (
+    HTTPFound,
+    HTTPInternalServerError,
+    HTTPOk,
+)
 from pyramid.view import view_config
 
 from onelogin.saml2.auth import OneLogin_Saml2_Auth
 from onelogin.saml2.utils import OneLogin_Saml2_Utils
 
-SAML_PATH = os.path.join(os.path.dirname(__file__), 'saml')
+SAML_PATH = os.path.join(os.path.dirname(__file__), "saml")
 
 
 def init_saml_auth(req):
@@ -15,20 +19,25 @@ def init_saml_auth(req):
 
 
 def prepare_pyramid_request(request):
-    # If server is behind proxys or balancers use the HTTP_X_FORWARDED fields
+    # Uncomment this portion to set the request.scheme
+    # based on the supplied `X-Forwarded` headers.
+    # Useful for running behind reverse proxies or balancers.
+    #
+    # if 'X-Forwarded-Proto' in request.headers:
+    #    request.scheme = request.headers['X-Forwarded-Proto']
+
     return {
-        'https': 'on' if request.scheme == 'https' else 'off',
-        'http_host': request.host,
-        'server_port': request.server_port,
-        'script_name': request.path,
-        'get_data': request.GET.copy(),
+        "https": "on" if request.scheme == "https" else "off",
+        "http_host": request.host,
+        "script_name": request.path,
+        "get_data": request.GET.copy(),
         # Uncomment if using ADFS as IdP, https://github.com/onelogin/python-saml/pull/144
         # 'lowercase_urlencoding': True,
-        'post_data': request.POST.copy(),
+        "post_data": request.POST.copy(),
     }
 
 
-@view_config(route_name='index', renderer='templates/index.jinja2')
+@view_config(route_name="index", renderer="templates/index.jinja2")
 def index(request):
     req = prepare_pyramid_request(request)
     auth = init_saml_auth(req)
@@ -41,77 +50,81 @@ def index(request):
 
     session = request.session
 
-    if 'sso' in request.GET:
+    if "sso" in request.GET:
         return HTTPFound(auth.login())
-    elif 'sso2' in request.GET:
-        return_to = '%s/attrs/' % request.host_url
+    elif "sso2" in request.GET:
+        return_to = "%s/attrs/" % request.host_url
         return HTTPFound(auth.login(return_to))
-    elif 'slo' in request.GET:
+    elif "slo" in request.GET:
         name_id = None
         session_index = None
-        if 'samlNameId' in session:
-            name_id = session['samlNameId']
-        if 'samlSessionIndex' in session:
-            session_index = session['samlSessionIndex']
+        if "samlNameId" in session:
+            name_id = session["samlNameId"]
+        if "samlSessionIndex" in session:
+            session_index = session["samlSessionIndex"]
 
         return HTTPFound(auth.logout(name_id=name_id, session_index=session_index))
-    elif 'acs' in request.GET:
+    elif "acs" in request.GET:
         auth.process_response()
         errors = auth.get_errors()
         not_auth_warn = not auth.is_authenticated()
         if len(errors) == 0:
-            session['samlUserdata'] = auth.get_attributes()
-            session['samlNameId'] = auth.get_nameid()
-            session['samlSessionIndex'] = auth.get_session_index()
+            session["samlUserdata"] = auth.get_attributes()
+            session["samlNameId"] = auth.get_nameid()
+            session["samlSessionIndex"] = auth.get_session_index()
             self_url = OneLogin_Saml2_Utils.get_self_url(req)
-            if 'RelayState' in request.POST and self_url != request.POST['RelayState']:
-                return HTTPFound(auth.redirect_to(request.POST['RelayState']))
+            if "RelayState" in request.POST and self_url != request.POST["RelayState"]:
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the request.POST['RelayState'] is a trusted URL.
+                return HTTPFound(auth.redirect_to(request.POST["RelayState"]))
         else:
             error_reason = auth.get_last_error_reason()
-    elif 'sls' in request.GET:
+    elif "sls" in request.GET:
         dscb = lambda: session.clear()
         url = auth.process_slo(delete_session_cb=dscb)
         errors = auth.get_errors()
         if len(errors) == 0:
             if url is not None:
+                # To avoid 'Open Redirect' attacks, before execute the redirection confirm
+                # the value of the url is a trusted URL.
                 return HTTPFound(url)
             else:
                 success_slo = True
 
-    if 'samlUserdata' in session:
+    if "samlUserdata" in session:
         paint_logout = True
-        if len(session['samlUserdata']) > 0:
-            attributes = session['samlUserdata'].items()
+        if len(session["samlUserdata"]) > 0:
+            attributes = session["samlUserdata"].items()
 
     return {
-        'errors': errors,
-        'error_reason': error_reason,
-        'not_auth_warn': not_auth_warn,
-        'success_slo': success_slo,
-        'attributes': attributes,
-        'paint_logout': paint_logout,
+        "errors": errors,
+        "error_reason": error_reason,
+        "not_auth_warn": not_auth_warn,
+        "success_slo": success_slo,
+        "attributes": attributes,
+        "paint_logout": paint_logout,
     }
 
 
-@view_config(route_name='attrs', renderer='templates/attrs.jinja2')
+@view_config(route_name="attrs", renderer="templates/attrs.jinja2")
 def attrs(request):
     paint_logout = False
     attributes = False
 
     session = request.session
 
-    if 'samlUserdata' in session:
+    if "samlUserdata" in session:
         paint_logout = True
-        if len(session['samlUserdata']) > 0:
-            attributes = session['samlUserdata'].items()
+        if len(session["samlUserdata"]) > 0:
+            attributes = session["samlUserdata"].items()
 
     return {
-        'paint_logout': paint_logout,
-        'attributes': attributes,
+        "paint_logout": paint_logout,
+        "attributes": attributes,
     }
 
 
-@view_config(route_name='metadata', renderer='html')
+@view_config(route_name="metadata", renderer="html")
 def metadata(request):
     req = prepare_pyramid_request(request)
     auth = init_saml_auth(req)
@@ -120,7 +133,7 @@ def metadata(request):
     errors = settings.validate_metadata(metadata)
 
     if len(errors) == 0:
-        resp = HTTPOk(body=metadata, headers={'Content-Type': 'text/xml'})
+        resp = HTTPOk(body=metadata, headers={"Content-Type": "text/xml"})
     else:
-        resp = HTTPInternalServerError(body=', '.join(errors))
+        resp = HTTPInternalServerError(body=", ".join(errors))
     return resp
diff --git a/demo_pyramid/setup.py b/demo_pyramid/setup.py
index 50291385..1c61bcbc 100644
--- a/demo_pyramid/setup.py
+++ b/demo_pyramid/setup.py
@@ -3,52 +3,52 @@
 from setuptools import setup, find_packages
 
 here = os.path.abspath(os.path.dirname(__file__))
-with open(os.path.join(here, 'README.txt')) as f:
+with open(os.path.join(here, "README.txt")) as f:
     README = f.read()
-with open(os.path.join(here, 'CHANGES.txt')) as f:
+with open(os.path.join(here, "CHANGES.txt")) as f:
     CHANGES = f.read()
 
 requires = [
-    'pyramid',
-    'pyramid_jinja2',
-    'pyramid_debugtoolbar',
-    'waitress',
-    'xmlsec',
-    'isodate',
-    'python3-saml',
+    "pyramid",
+    "pyramid_jinja2",
+    "pyramid_debugtoolbar",
+    "waitress",
+    "xmlsec",
+    "isodate",
+    "python3-saml",
 ]
 
 tests_require = [
-    'WebTest >= 1.3.1',  # py3 compat
-    'pytest',
-    'pytest-cov',
+    "WebTest >= 1.3.1",  # py3 compat
+    "pytest",
+    "pytest-cov",
 ]
 
 setup(
-    name='demo_pyramid',
-    version='0.0',
-    description='demo_pyramid',
-    long_description=README + '\n\n' + CHANGES,
+    name="demo_pyramid",
+    version="0.0",
+    description="demo_pyramid",
+    long_description=README + "\n\n" + CHANGES,
     classifiers=[
-        'Programming Language :: Python',
-        'Framework :: Pyramid',
-        'Topic :: Internet :: WWW/HTTP',
-        'Topic :: Internet :: WWW/HTTP :: WSGI :: Application',
+        "Programming Language :: Python",
+        "Framework :: Pyramid",
+        "Topic :: Internet :: WWW/HTTP",
+        "Topic :: Internet :: WWW/HTTP :: WSGI :: Application",
     ],
-    author='',
-    author_email='',
-    url='',
-    keywords='web pyramid pylons',
+    author="",
+    author_email="",
+    url="",
+    keywords="web pyramid pylons",
     packages=find_packages(),
     include_package_data=True,
     zip_safe=False,
     extras_require={
-        'testing': tests_require,
+        "testing": tests_require,
     },
     install_requires=requires,
     entry_points={
-        'paste.app_factory': [
-            'main = demo_pyramid:main',
+        "paste.app_factory": [
+            "main = demo_pyramid:main",
         ],
     },
 )
diff --git a/docs/SAML_Python3_Toolkit_Guide.pdf b/docs/SAML_Python3_Toolkit_Guide.pdf
new file mode 100644
index 00000000..3425fb19
Binary files /dev/null and b/docs/SAML_Python3_Toolkit_Guide.pdf differ
diff --git a/docs/saml2/.buildinfo b/docs/saml2/.buildinfo
deleted file mode 100644
index 5e197dbf..00000000
--- a/docs/saml2/.buildinfo
+++ /dev/null
@@ -1,4 +0,0 @@
-# Sphinx build info version 1
-# This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done.
-config: e10660514f5c62e16e90878c60a15170
-tags: fbb0d17656682115ca4d033fb2f83ba1
diff --git a/docs/saml2/_modules/index.html b/docs/saml2/_modules/index.html
index d672e465..decb1d07 100644
--- a/docs/saml2/_modules/index.html
+++ b/docs/saml2/_modules/index.html
@@ -1,101 +1,116 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>Overview: module code &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../_static/doctools.js?v=888ff710"></script>
+        <script src="../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../genindex.html" />
+    <link rel="search" title="Search" href="../search.html" /> 
+</head>
 
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
 
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+          
+          
+          <a href="../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../onelogin.html">onelogin package</a></li>
+</ul>
 
+        </div>
+      </div>
+    </nav>
 
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>Overview: module code &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../_static/jquery.js"></script>
-    <script type="text/javascript" src="../_static/underscore.js"></script>
-    <script type="text/javascript" src="../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>  
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
 
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">Overview: module code</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
   <h1>All modules for which code is available</h1>
-<ul><li><a href="saml2/auth.html">saml2.auth</a></li>
-<li><a href="saml2/authn_request.html">saml2.authn_request</a></li>
-<li><a href="saml2/constants.html">saml2.constants</a></li>
-<li><a href="saml2/errors.html">saml2.errors</a></li>
-<li><a href="saml2/logout_request.html">saml2.logout_request</a></li>
-<li><a href="saml2/logout_response.html">saml2.logout_response</a></li>
-<li><a href="saml2/metadata.html">saml2.metadata</a></li>
-<li><a href="saml2/response.html">saml2.response</a></li>
-<li><a href="saml2/settings.html">saml2.settings</a></li>
-<li><a href="saml2/utils.html">saml2.utils</a></li>
+<ul><li><a href="lxml/etree.html">lxml.etree</a></li>
+<li><a href="onelogin/saml2/auth.html">onelogin.saml2.auth</a></li>
+<li><a href="onelogin/saml2/authn_request.html">onelogin.saml2.authn_request</a></li>
+<li><a href="onelogin/saml2/compat.html">onelogin.saml2.compat</a></li>
+<li><a href="onelogin/saml2/constants.html">onelogin.saml2.constants</a></li>
+<li><a href="onelogin/saml2/errors.html">onelogin.saml2.errors</a></li>
+<li><a href="onelogin/saml2/idp_metadata_parser.html">onelogin.saml2.idp_metadata_parser</a></li>
+<li><a href="onelogin/saml2/logout_request.html">onelogin.saml2.logout_request</a></li>
+<li><a href="onelogin/saml2/logout_response.html">onelogin.saml2.logout_response</a></li>
+<li><a href="onelogin/saml2/metadata.html">onelogin.saml2.metadata</a></li>
+<li><a href="onelogin/saml2/response.html">onelogin.saml2.response</a></li>
+<li><a href="onelogin/saml2/settings.html">onelogin.saml2.settings</a></li>
+<li><a href="onelogin/saml2/utils.html">onelogin.saml2.utils</a></li>
+<li><a href="onelogin/saml2/xml_templates.html">onelogin.saml2.xml_templates</a></li>
+<li><a href="onelogin/saml2/xml_utils.html">onelogin.saml2.xml_utils</a></li>
+<li><a href="onelogin/saml2/xmlparser.html">onelogin.saml2.xmlparser</a></li>
 </ul>
 
+           </div>
           </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
         </div>
       </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
 </html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/auth.html b/docs/saml2/_modules/onelogin/saml2/auth.html
new file mode 100644
index 00000000..b202bed0
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/auth.html
@@ -0,0 +1,865 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.auth &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.auth</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.auth</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Auth class</span>
+
+
+<span class="sd">Main class of SAML Python Toolkit.</span>
+
+<span class="sd">Initializes the SP SAML instance</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">import</span> <span class="nn">xmlsec</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2</span> <span class="kn">import</span> <span class="n">compat</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.authn_request</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Authn_Request</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.logout_request</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Logout_Request</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.logout_response</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Logout_Response</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.response</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Response</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.settings</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Settings</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">,</span> <span class="n">OneLogin_Saml2_ValidationError</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xmlparser</span> <span class="kn">import</span> <span class="n">tostring</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Auth</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    This class implements the SP SAML instance.</span>
+
+<span class="sd">    Defines the methods that you can invoke in your application in</span>
+<span class="sd">    order to add SAML support (initiates SSO, initiates SLO, processes a</span>
+<span class="sd">    SAML Response, a Logout Request or a Logout Response).</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="n">authn_request_class</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Authn_Request</span>
+    <span class="n">logout_request_class</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Request</span>
+    <span class="n">logout_response_class</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Response</span>
+    <span class="n">response_class</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Response</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">old_settings</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">custom_base_path</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Initializes the SP SAML instance.</span>
+
+<span class="sd">        :param request_data: Request Data</span>
+<span class="sd">        :type request_data: dict</span>
+
+<span class="sd">        :param old_settings: Optional. SAML Toolkit Settings</span>
+<span class="sd">        :type old_settings: dict</span>
+
+<span class="sd">        :param custom_base_path: Optional. Path where are stored the settings file and the cert folder</span>
+<span class="sd">        :type custom_base_path: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span> <span class="o">=</span> <span class="n">request_data</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">old_settings</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Settings</span><span class="p">):</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span> <span class="o">=</span> <span class="n">old_settings</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Settings</span><span class="p">(</span><span class="n">old_settings</span><span class="p">,</span> <span class="n">custom_base_path</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_attributes</span> <span class="o">=</span> <span class="nb">dict</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_friendlyname_attributes</span> <span class="o">=</span> <span class="nb">dict</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_format</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_nq</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_spnq</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_session_index</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_session_expiration</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_authenticated</span> <span class="o">=</span> <span class="kc">False</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error_reason</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_request_id</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_message_id</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_id</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_issue_instant</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_authn_contexts</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_request</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_response_in_response_to</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_not_on_or_after</span> <span class="o">=</span> <span class="kc">None</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_settings"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_settings">[docs]</a>    <span class="k">def</span> <span class="nf">get_settings</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the settings info</span>
+<span class="sd">        :return: Setting info</span>
+<span class="sd">        :rtype: OneLogin_Saml2_Setting object</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.set_strict"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.set_strict">[docs]</a>    <span class="k">def</span> <span class="nf">set_strict</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Set the strict mode active/disable</span>
+
+<span class="sd">        :param value:</span>
+<span class="sd">        :type value: bool</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="nb">bool</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">set_strict</span><span class="p">(</span><span class="n">value</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.store_valid_response"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.store_valid_response">[docs]</a>    <span class="k">def</span> <span class="nf">store_valid_response</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">response</span><span class="p">):</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_attributes</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_attributes</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_friendlyname_attributes</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_friendlyname_attributes</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_nameid</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_format</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_nameid_format</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_nq</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_nameid_nq</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_spnq</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_nameid_spnq</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_session_index</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_session_index</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_session_expiration</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_session_not_on_or_after</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_message_id</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_id</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_id</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_assertion_id</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_issue_instant</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_assertion_issue_instant</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_authn_contexts</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_authn_contexts</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_authenticated</span> <span class="o">=</span> <span class="kc">True</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_response_in_response_to</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_in_response_to</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_not_on_or_after</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_assertion_not_on_or_after</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.process_response"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_response">[docs]</a>    <span class="k">def</span> <span class="nf">process_response</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Process the SAML Response sent by the IdP.</span>
+
+<span class="sd">        :param request_id: Is an optional argument. Is the ID of the AuthNRequest sent by this SP to the IdP.</span>
+<span class="sd">        :type request_id: string</span>
+
+<span class="sd">        :raises: OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND, when a POST with a SAMLResponse is not found</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error_reason</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="k">if</span> <span class="s1">&#39;post_data&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span> <span class="ow">and</span> <span class="s1">&#39;SAMLResponse&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">[</span><span class="s1">&#39;post_data&#39;</span><span class="p">]:</span>
+            <span class="c1"># AuthnResponse -- HTTP_POST Binding</span>
+            <span class="n">response</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">response_class</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">[</span><span class="s1">&#39;post_data&#39;</span><span class="p">][</span><span class="s1">&#39;SAMLResponse&#39;</span><span class="p">])</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_xml_document</span><span class="p">()</span>
+
+            <span class="k">if</span> <span class="n">response</span><span class="o">.</span><span class="n">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">,</span> <span class="n">request_id</span><span class="p">):</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">store_valid_response</span><span class="p">(</span><span class="n">response</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_response&#39;</span><span class="p">)</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_error_reason</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_error</span><span class="p">()</span>
+
+        <span class="k">else</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_binding&#39;</span><span class="p">)</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;SAML Response not found, Only supported HTTP_POST Binding&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SAML_RESPONSE_NOT_FOUND</span>
+            <span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.process_slo"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_slo">[docs]</a>    <span class="k">def</span> <span class="nf">process_slo</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">keep_local_session</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">delete_session_cb</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Process the SAML Logout Response / Logout Request sent by the IdP.</span>
+
+<span class="sd">        :param keep_local_session: When false will destroy the local session, otherwise will destroy it</span>
+<span class="sd">        :type keep_local_session: bool</span>
+
+<span class="sd">        :param request_id: The ID of the LogoutRequest sent by this SP to the IdP</span>
+<span class="sd">        :type request_id: string</span>
+
+<span class="sd">        :returns: Redirection url</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error_reason</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="n">get_data</span> <span class="o">=</span> <span class="s1">&#39;get_data&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">[</span><span class="s1">&#39;get_data&#39;</span><span class="p">]</span>
+        <span class="k">if</span> <span class="n">get_data</span> <span class="ow">and</span> <span class="s1">&#39;SAMLResponse&#39;</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
+            <span class="n">logout_response</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">logout_response_class</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="p">,</span> <span class="n">get_data</span><span class="p">[</span><span class="s1">&#39;SAMLResponse&#39;</span><span class="p">])</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span> <span class="o">=</span> <span class="n">logout_response</span><span class="o">.</span><span class="n">get_xml</span><span class="p">()</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_response_signature</span><span class="p">(</span><span class="n">get_data</span><span class="p">):</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_logout_response_signature&#39;</span><span class="p">)</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;Signature validation failed. Logout Response rejected&#39;</span><span class="p">)</span>
+            <span class="k">elif</span> <span class="ow">not</span> <span class="n">logout_response</span><span class="o">.</span><span class="n">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">,</span> <span class="n">request_id</span><span class="p">):</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_logout_response&#39;</span><span class="p">)</span>
+            <span class="k">elif</span> <span class="n">logout_response</span><span class="o">.</span><span class="n">get_status</span><span class="p">()</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">STATUS_SUCCESS</span><span class="p">:</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;logout_not_success&#39;</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_last_message_id</span> <span class="o">=</span> <span class="n">logout_response</span><span class="o">.</span><span class="n">id</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">keep_local_session</span><span class="p">:</span>
+                    <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">delete_local_session</span><span class="p">(</span><span class="n">delete_session_cb</span><span class="p">)</span>
+
+        <span class="k">elif</span> <span class="n">get_data</span> <span class="ow">and</span> <span class="s1">&#39;SAMLRequest&#39;</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
+            <span class="n">logout_request</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">logout_request_class</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="p">,</span> <span class="n">get_data</span><span class="p">[</span><span class="s1">&#39;SAMLRequest&#39;</span><span class="p">])</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_last_request</span> <span class="o">=</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">get_xml</span><span class="p">()</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_request_signature</span><span class="p">(</span><span class="n">get_data</span><span class="p">):</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s2">&quot;invalid_logout_request_signature&quot;</span><span class="p">)</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;Signature validation failed. Logout Request rejected&#39;</span><span class="p">)</span>
+            <span class="k">elif</span> <span class="ow">not</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">):</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_logout_request&#39;</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">keep_local_session</span><span class="p">:</span>
+                    <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">delete_local_session</span><span class="p">(</span><span class="n">delete_session_cb</span><span class="p">)</span>
+
+                <span class="n">in_response_to</span> <span class="o">=</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">id</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_last_message_id</span> <span class="o">=</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">id</span>
+                <span class="n">response_builder</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">logout_response_class</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="p">)</span>
+                <span class="n">response_builder</span><span class="o">.</span><span class="n">build</span><span class="p">(</span><span class="n">in_response_to</span><span class="p">)</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span> <span class="o">=</span> <span class="n">response_builder</span><span class="o">.</span><span class="n">get_xml</span><span class="p">()</span>
+                <span class="n">logout_response</span> <span class="o">=</span> <span class="n">response_builder</span><span class="o">.</span><span class="n">get_response</span><span class="p">()</span>
+
+                <span class="n">parameters</span> <span class="o">=</span> <span class="p">{</span><span class="s1">&#39;SAMLResponse&#39;</span><span class="p">:</span> <span class="n">logout_response</span><span class="p">}</span>
+                <span class="k">if</span> <span class="s1">&#39;RelayState&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">[</span><span class="s1">&#39;get_data&#39;</span><span class="p">]:</span>
+                    <span class="n">parameters</span><span class="p">[</span><span class="s1">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">[</span><span class="s1">&#39;get_data&#39;</span><span class="p">][</span><span class="s1">&#39;RelayState&#39;</span><span class="p">]</span>
+
+                <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;logoutResponseSigned&#39;</span><span class="p">]:</span>
+                    <span class="bp">self</span><span class="o">.</span><span class="n">add_response_signature</span><span class="p">(</span><span class="n">parameters</span><span class="p">,</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;signatureAlgorithm&#39;</span><span class="p">])</span>
+
+                <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">redirect_to</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">get_slo_response_url</span><span class="p">(),</span> <span class="n">parameters</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_binding&#39;</span><span class="p">)</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SAML_LOGOUTMESSAGE_NOT_FOUND</span>
+            <span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.redirect_to"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.redirect_to">[docs]</a>    <span class="k">def</span> <span class="nf">redirect_to</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">url</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">parameters</span><span class="o">=</span><span class="p">{}):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Redirects the user to the URL passed by parameter or to the URL that we defined in our SSO Request.</span>
+
+<span class="sd">        :param url: The target URL to redirect the user</span>
+<span class="sd">        :type url: string</span>
+<span class="sd">        :param parameters: Extra parameters to be passed as part of the URL</span>
+<span class="sd">        :type parameters: dict</span>
+
+<span class="sd">        :returns: Redirection URL</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">url</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">and</span> <span class="s1">&#39;RelayState&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">[</span><span class="s1">&#39;get_data&#39;</span><span class="p">]:</span>
+            <span class="n">url</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">[</span><span class="s1">&#39;get_data&#39;</span><span class="p">][</span><span class="s1">&#39;RelayState&#39;</span><span class="p">]</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">redirect</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">parameters</span><span class="p">,</span> <span class="n">request_data</span><span class="o">=</span><span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.is_authenticated"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.is_authenticated">[docs]</a>    <span class="k">def</span> <span class="nf">is_authenticated</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks if the user is authenticated or not.</span>
+
+<span class="sd">        :returns: True if is authenticated, False if not</span>
+<span class="sd">        :rtype: bool</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_authenticated</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_attributes"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attributes">[docs]</a>    <span class="k">def</span> <span class="nf">get_attributes</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the set of SAML attributes.</span>
+
+<span class="sd">        :returns: SAML attributes</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_attributes</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_friendlyname_attributes"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attributes">[docs]</a>    <span class="k">def</span> <span class="nf">get_friendlyname_attributes</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the set of SAML attributes indexed by FiendlyName.</span>
+
+<span class="sd">        :returns: SAML attributes</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_friendlyname_attributes</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_nameid"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the nameID.</span>
+
+<span class="sd">        :returns: NameID</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_nameid_format"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_format">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_format</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the nameID Format.</span>
+
+<span class="sd">        :returns: NameID Format</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_format</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_nameid_nq"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_nq">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_nq</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the nameID NameQualifier of the Assertion.</span>
+
+<span class="sd">        :returns: NameID NameQualifier</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_nq</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_nameid_spnq"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_spnq">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_spnq</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the nameID SP NameQualifier of the Assertion.</span>
+
+<span class="sd">        :returns: NameID SP NameQualifier</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_spnq</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_session_index"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_index">[docs]</a>    <span class="k">def</span> <span class="nf">get_session_index</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the SessionIndex from the AuthnStatement.</span>
+<span class="sd">        :returns: The SessionIndex of the assertion</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_index</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_session_expiration"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_expiration">[docs]</a>    <span class="k">def</span> <span class="nf">get_session_expiration</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the SessionNotOnOrAfter from the AuthnStatement.</span>
+<span class="sd">        :returns: The SessionNotOnOrAfter of the assertion</span>
+<span class="sd">        :rtype: unix/posix timestamp|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_session_expiration</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_assertion_not_on_or_after</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        The NotOnOrAfter value of the valid SubjectConfirmationData node</span>
+<span class="sd">        (if any) of the last assertion processed</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_not_on_or_after</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_errors"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_errors">[docs]</a>    <span class="k">def</span> <span class="nf">get_errors</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns a list with code errors if something went wrong</span>
+
+<span class="sd">        :returns: List of errors</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_error_reason"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_error_reason</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the reason for the last error</span>
+
+<span class="sd">        :returns: Reason of the last error</span>
+<span class="sd">        :rtype: None | string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_error_reason</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_attribute"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attribute">[docs]</a>    <span class="k">def</span> <span class="nf">get_attribute</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">name</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the requested SAML attribute.</span>
+
+<span class="sd">        :param name: Name of the attribute</span>
+<span class="sd">        :type name: string</span>
+
+<span class="sd">        :returns: Attribute value(s) if exists or None</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">name</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_attributes</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">name</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_friendlyname_attribute"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attribute">[docs]</a>    <span class="k">def</span> <span class="nf">get_friendlyname_attribute</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">friendlyname</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the requested SAML attribute searched by FriendlyName.</span>
+
+<span class="sd">        :param friendlyname: FriendlyName of the attribute</span>
+<span class="sd">        :type friendlyname: string</span>
+
+<span class="sd">        :returns: Attribute value(s) if exists or None</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">friendlyname</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_friendlyname_attributes</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">friendlyname</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_request_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_request_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: The ID of the last Request SAML message generated.</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_request_id</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_message_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_message_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_message_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: The ID of the last Response SAML message processed.</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_message_id</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_assertion_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_assertion_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: The ID of the last assertion processed.</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_id</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_assertion_issue_instant"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_issue_instant">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_assertion_issue_instant</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: The IssueInstant of the last assertion processed.</span>
+<span class="sd">        :rtype: unix/posix timestamp|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_assertion_issue_instant</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_authn_contexts"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_authn_contexts">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_authn_contexts</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: The list of authentication contexts sent in the last SAML Response.</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_authn_contexts</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_response_in_response_to"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_in_response_to">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_response_in_response_to</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: InResponseTo attribute of the last Response SAML processed or None if it is not present.</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_response_in_response_to</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.login"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.login">[docs]</a>    <span class="k">def</span> <span class="nf">login</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">return_to</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">force_authn</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">is_passive</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">set_nameid_policy</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">name_id_value_req</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Initiates the SSO process.</span>
+
+<span class="sd">        :param return_to: Optional argument. The target URL the user should be redirected to after login.</span>
+<span class="sd">        :type return_to: string</span>
+
+<span class="sd">        :param force_authn: Optional argument. When true the AuthNRequest will set the ForceAuthn=&#39;true&#39;.</span>
+<span class="sd">        :type force_authn: bool</span>
+
+<span class="sd">        :param is_passive: Optional argument. When true the AuthNRequest will set the Ispassive=&#39;true&#39;.</span>
+<span class="sd">        :type is_passive: bool</span>
+
+<span class="sd">        :param set_nameid_policy: Optional argument. When true the AuthNRequest will set a nameIdPolicy element.</span>
+<span class="sd">        :type set_nameid_policy: bool</span>
+
+<span class="sd">        :param name_id_value_req: Optional argument. Indicates to the IdP the subject that should be authenticated</span>
+<span class="sd">        :type name_id_value_req: string</span>
+
+<span class="sd">        :returns: Redirection URL</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">authn_request</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">authn_request_class</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="p">,</span> <span class="n">force_authn</span><span class="p">,</span> <span class="n">is_passive</span><span class="p">,</span> <span class="n">set_nameid_policy</span><span class="p">,</span> <span class="n">name_id_value_req</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_request</span> <span class="o">=</span> <span class="n">authn_request</span><span class="o">.</span><span class="n">get_xml</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_request_id</span> <span class="o">=</span> <span class="n">authn_request</span><span class="o">.</span><span class="n">get_id</span><span class="p">()</span>
+
+        <span class="n">saml_request</span> <span class="o">=</span> <span class="n">authn_request</span><span class="o">.</span><span class="n">get_request</span><span class="p">()</span>
+        <span class="n">parameters</span> <span class="o">=</span> <span class="p">{</span><span class="s1">&#39;SAMLRequest&#39;</span><span class="p">:</span> <span class="n">saml_request</span><span class="p">}</span>
+
+        <span class="k">if</span> <span class="n">return_to</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">parameters</span><span class="p">[</span><span class="s1">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">return_to</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">parameters</span><span class="p">[</span><span class="s1">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">)</span>
+
+        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;authnRequestsSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">):</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">add_request_signature</span><span class="p">(</span><span class="n">parameters</span><span class="p">,</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;signatureAlgorithm&#39;</span><span class="p">])</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">redirect_to</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">get_sso_url</span><span class="p">(),</span> <span class="n">parameters</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.logout"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout">[docs]</a>    <span class="k">def</span> <span class="nf">logout</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">return_to</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">name_id</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">session_index</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">nq</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">name_id_format</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">spnq</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Initiates the SLO process.</span>
+
+<span class="sd">        :param return_to: Optional argument. The target URL the user should be redirected to after logout.</span>
+<span class="sd">        :type return_to: string</span>
+
+<span class="sd">        :param name_id: The NameID that will be set in the LogoutRequest.</span>
+<span class="sd">        :type name_id: string</span>
+
+<span class="sd">        :param session_index: SessionIndex that identifies the session of the user.</span>
+<span class="sd">        :type session_index: string</span>
+
+<span class="sd">        :param nq: IDP Name Qualifier</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param name_id_format: The NameID Format that will be set in the LogoutRequest.</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param spnq: SP Name Qualifier</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :returns: Redirection URL</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">slo_url</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_slo_url</span><span class="p">()</span>
+        <span class="k">if</span> <span class="n">slo_url</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;The IdP does not support Single Log Out&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SAML_SINGLE_LOGOUT_NOT_SUPPORTED</span>
+            <span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">name_id</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">name_id</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid</span>
+
+        <span class="k">if</span> <span class="n">name_id_format</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_format</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">name_id_format</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_nameid_format</span>
+
+        <span class="n">logout_request</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">logout_request_class</span><span class="p">(</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="p">,</span>
+            <span class="n">name_id</span><span class="o">=</span><span class="n">name_id</span><span class="p">,</span>
+            <span class="n">session_index</span><span class="o">=</span><span class="n">session_index</span><span class="p">,</span>
+            <span class="n">nq</span><span class="o">=</span><span class="n">nq</span><span class="p">,</span>
+            <span class="n">name_id_format</span><span class="o">=</span><span class="n">name_id_format</span><span class="p">,</span>
+            <span class="n">spnq</span><span class="o">=</span><span class="n">spnq</span>
+        <span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_request</span> <span class="o">=</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">get_xml</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_last_request_id</span> <span class="o">=</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">id</span>
+
+        <span class="n">parameters</span> <span class="o">=</span> <span class="p">{</span><span class="s1">&#39;SAMLRequest&#39;</span><span class="p">:</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">get_request</span><span class="p">()}</span>
+        <span class="k">if</span> <span class="n">return_to</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">parameters</span><span class="p">[</span><span class="s1">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">return_to</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">parameters</span><span class="p">[</span><span class="s1">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="p">)</span>
+
+        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;logoutRequestSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">):</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">add_request_signature</span><span class="p">(</span><span class="n">parameters</span><span class="p">,</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;signatureAlgorithm&#39;</span><span class="p">])</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">redirect_to</span><span class="p">(</span><span class="n">slo_url</span><span class="p">,</span> <span class="n">parameters</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_sso_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_sso_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_sso_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SSO URL.</span>
+
+<span class="sd">        :returns: An URL, the SSO endpoint of the IdP</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_sso_url</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_slo_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_slo_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SLO URL.</span>
+
+<span class="sd">        :returns: An URL, the SLO endpoint of the IdP</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_slo_url</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_slo_response_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_response_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_slo_response_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SLO return URL for IdP-initiated logout.</span>
+
+<span class="sd">        :returns: an URL, the SLO return endpoint of the IdP</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_slo_response_url</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.add_request_signature"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_request_signature">[docs]</a>    <span class="k">def</span> <span class="nf">add_request_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Builds the Signature of the SAML Request.</span>
+
+<span class="sd">        :param request_data: The Request parameters</span>
+<span class="sd">        :type request_data: dict</span>
+
+<span class="sd">        :param sign_algorithm: Signature algorithm method</span>
+<span class="sd">        :type sign_algorithm: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_build_signature</span><span class="p">(</span><span class="n">request_data</span><span class="p">,</span> <span class="s1">&#39;SAMLRequest&#39;</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.add_response_signature"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_response_signature">[docs]</a>    <span class="k">def</span> <span class="nf">add_response_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">response_data</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Builds the Signature of the SAML Response.</span>
+<span class="sd">        :param response_data: The Response parameters</span>
+<span class="sd">        :type response_data: dict</span>
+
+<span class="sd">        :param sign_algorithm: Signature algorithm method</span>
+<span class="sd">        :type sign_algorithm: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_build_signature</span><span class="p">(</span><span class="n">response_data</span><span class="p">,</span> <span class="s1">&#39;SAMLResponse&#39;</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="p">)</span></div>
+
+    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">_build_sign_query_from_qs</span><span class="p">(</span><span class="n">query_string</span><span class="p">,</span> <span class="n">saml_type</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Build sign query from query string</span>
+
+<span class="sd">        :param query_string: The query string</span>
+<span class="sd">        :type query_string: str</span>
+
+<span class="sd">        :param saml_type: The target URL the user should be redirected to</span>
+<span class="sd">        :type saml_type: string SAMLRequest | SAMLResponse</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">args</span> <span class="o">=</span> <span class="p">(</span><span class="s1">&#39;</span><span class="si">%s</span><span class="s1">=&#39;</span> <span class="o">%</span> <span class="n">saml_type</span><span class="p">,</span> <span class="s1">&#39;RelayState=&#39;</span><span class="p">,</span> <span class="s1">&#39;SigAlg=&#39;</span><span class="p">)</span>
+        <span class="n">parts</span> <span class="o">=</span> <span class="n">query_string</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;&amp;&#39;</span><span class="p">)</span>
+        <span class="c1"># Join in the order of arguments rather than the original order of parts.</span>
+        <span class="k">return</span> <span class="s1">&#39;&amp;&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">part</span> <span class="k">for</span> <span class="n">arg</span> <span class="ow">in</span> <span class="n">args</span> <span class="k">for</span> <span class="n">part</span> <span class="ow">in</span> <span class="n">parts</span> <span class="k">if</span> <span class="n">part</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">arg</span><span class="p">))</span>
+
+    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">_build_sign_query</span><span class="p">(</span><span class="n">saml_data</span><span class="p">,</span> <span class="n">relay_state</span><span class="p">,</span> <span class="n">algorithm</span><span class="p">,</span> <span class="n">saml_type</span><span class="p">,</span> <span class="n">lowercase_urlencoding</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Build sign query</span>
+
+<span class="sd">        :param saml_data: The Request data</span>
+<span class="sd">        :type saml_data: str</span>
+
+<span class="sd">        :param relay_state: The Relay State</span>
+<span class="sd">        :type relay_state: str</span>
+
+<span class="sd">        :param algorithm: The Signature Algorithm</span>
+<span class="sd">        :type algorithm: str</span>
+
+<span class="sd">        :param saml_type: The target URL the user should be redirected to</span>
+<span class="sd">        :type saml_type: string  SAMLRequest | SAMLResponse</span>
+
+<span class="sd">        :param lowercase_urlencoding: lowercase or no</span>
+<span class="sd">        :type lowercase_urlencoding: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">sign_data</span> <span class="o">=</span> <span class="p">[</span><span class="s1">&#39;</span><span class="si">%s</span><span class="s1">=</span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">saml_type</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">saml_data</span><span class="p">,</span> <span class="n">lowercase_urlencoding</span><span class="p">))]</span>
+        <span class="k">if</span> <span class="n">relay_state</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">sign_data</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;RelayState=</span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">relay_state</span><span class="p">,</span> <span class="n">lowercase_urlencoding</span><span class="p">))</span>
+        <span class="n">sign_data</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;SigAlg=</span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">algorithm</span><span class="p">,</span> <span class="n">lowercase_urlencoding</span><span class="p">))</span>
+        <span class="k">return</span> <span class="s1">&#39;&amp;&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">sign_data</span><span class="p">)</span>
+
+    <span class="k">def</span> <span class="nf">_build_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">data</span><span class="p">,</span> <span class="n">saml_type</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Builds the Signature</span>
+<span class="sd">        :param data: The Request data</span>
+<span class="sd">        :type data: dict</span>
+
+<span class="sd">        :param saml_type: The target URL the user should be redirected to</span>
+<span class="sd">        :type saml_type: string  SAMLRequest | SAMLResponse</span>
+
+<span class="sd">        :param sign_algorithm: Signature algorithm method</span>
+<span class="sd">        :type sign_algorithm: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="n">saml_type</span> <span class="ow">in</span> <span class="p">(</span><span class="s1">&#39;SAMLRequest&#39;</span><span class="p">,</span> <span class="s1">&#39;SAMLResponse&#39;</span><span class="p">)</span>
+        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_settings</span><span class="p">()</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">key</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s2">&quot;Trying to sign the </span><span class="si">%s</span><span class="s2"> but can&#39;t load the SP private key.&quot;</span> <span class="o">%</span> <span class="n">saml_type</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PRIVATE_KEY_NOT_FOUND</span>
+            <span class="p">)</span>
+
+        <span class="n">msg</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_build_sign_query</span><span class="p">(</span><span class="n">data</span><span class="p">[</span><span class="n">saml_type</span><span class="p">],</span>
+                                     <span class="n">data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;RelayState&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">),</span>
+                                     <span class="n">sign_algorithm</span><span class="p">,</span>
+                                     <span class="n">saml_type</span><span class="p">)</span>
+
+        <span class="n">sign_algorithm_transform_map</span> <span class="o">=</span> <span class="p">{</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">DSA_SHA1</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">DSA_SHA1</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA384</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA384</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA512</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA512</span>
+        <span class="p">}</span>
+        <span class="n">sign_algorithm_transform</span> <span class="o">=</span> <span class="n">sign_algorithm_transform_map</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">sign_algorithm</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">)</span>
+
+        <span class="n">signature</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">sign_binary</span><span class="p">(</span><span class="n">msg</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">sign_algorithm_transform</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">())</span>
+        <span class="n">data</span><span class="p">[</span><span class="s1">&#39;Signature&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span>
+        <span class="n">data</span><span class="p">[</span><span class="s1">&#39;SigAlg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">sign_algorithm</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.validate_request_signature"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_request_signature">[docs]</a>    <span class="k">def</span> <span class="nf">validate_request_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validate Request Signature</span>
+
+<span class="sd">        :param request_data: The Request data</span>
+<span class="sd">        :type request_data: dict</span>
+
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_validate_signature</span><span class="p">(</span><span class="n">request_data</span><span class="p">,</span> <span class="s1">&#39;SAMLRequest&#39;</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.validate_response_signature"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_response_signature">[docs]</a>    <span class="k">def</span> <span class="nf">validate_response_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validate Response Signature</span>
+
+<span class="sd">        :param request_data: The Request data</span>
+<span class="sd">        :type request_data: dict</span>
+
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_validate_signature</span><span class="p">(</span><span class="n">request_data</span><span class="p">,</span> <span class="s1">&#39;SAMLResponse&#39;</span><span class="p">)</span></div>
+
+    <span class="k">def</span> <span class="nf">_validate_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">data</span><span class="p">,</span> <span class="n">saml_type</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validate Signature</span>
+
+<span class="sd">        :param data: The Request data</span>
+<span class="sd">        :type data: dict</span>
+
+<span class="sd">        :param cert: The certificate to check signature</span>
+<span class="sd">        :type cert: str</span>
+
+<span class="sd">        :param saml_type: The target URL the user should be redirected to</span>
+<span class="sd">        :type saml_type: string  SAMLRequest | SAMLResponse</span>
+
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">signature</span> <span class="o">=</span> <span class="n">data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Signature&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">signature</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">()</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;wantMessagesSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The </span><span class="si">%s</span><span class="s1"> is not signed. Rejected.&#39;</span> <span class="o">%</span> <span class="n">saml_type</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_SIGNED_MESSAGE</span>
+                    <span class="p">)</span>
+                <span class="k">return</span> <span class="kc">True</span>
+
+            <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_settings</span><span class="p">()</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+
+            <span class="n">exists_x509cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_settings</span><span class="p">()</span><span class="o">.</span><span class="n">get_idp_cert</span><span class="p">()</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span>
+            <span class="n">exists_multix509sign</span> <span class="o">=</span> <span class="s1">&#39;x509certMulti&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span> <span class="ow">and</span> \
+                <span class="s1">&#39;signing&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]</span> <span class="ow">and</span> \
+                <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">]</span>
+
+            <span class="k">if</span> <span class="ow">not</span> <span class="p">(</span><span class="n">exists_x509cert</span> <span class="ow">or</span> <span class="n">exists_multix509sign</span><span class="p">):</span>
+                <span class="n">error_msg</span> <span class="o">=</span> <span class="s1">&#39;In order to validate the sign on the </span><span class="si">%s</span><span class="s1">, the x509cert of the IdP is required&#39;</span> <span class="o">%</span> <span class="n">saml_type</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">error_msg</span><span class="p">)</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                    <span class="n">error_msg</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">CERT_NOT_FOUND</span>
+                <span class="p">)</span>
+
+            <span class="n">sign_alg</span> <span class="o">=</span> <span class="n">data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;SigAlg&#39;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">sign_alg</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">):</span>
+                <span class="n">sign_alg</span> <span class="o">=</span> <span class="n">sign_alg</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="s1">&#39;utf8&#39;</span><span class="p">)</span>
+
+            <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+            <span class="n">reject_deprecated_alg</span> <span class="o">=</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;rejectDeprecatedAlgorithm&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">reject_deprecated_alg</span><span class="p">:</span>
+                <span class="k">if</span> <span class="n">sign_alg</span> <span class="ow">in</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">DEPRECATED_ALGORITHMS</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Deprecated signature algorithm found: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">sign_alg</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">DEPRECATED_SIGNATURE_METHOD</span>
+                    <span class="p">)</span>
+
+            <span class="n">query_string</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;query_string&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">query_string</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;validate_signature_from_qs&#39;</span><span class="p">):</span>
+                <span class="n">signed_query</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_build_sign_query_from_qs</span><span class="p">(</span><span class="n">query_string</span><span class="p">,</span> <span class="n">saml_type</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">lowercase_urlencoding</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_request_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;lowercase_urlencoding&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+                <span class="n">signed_query</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_build_sign_query</span><span class="p">(</span><span class="n">data</span><span class="p">[</span><span class="n">saml_type</span><span class="p">],</span>
+                                                      <span class="n">data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;RelayState&#39;</span><span class="p">),</span>
+                                                      <span class="n">sign_alg</span><span class="p">,</span>
+                                                      <span class="n">saml_type</span><span class="p">,</span>
+                                                      <span class="n">lowercase_urlencoding</span><span class="p">)</span>
+
+            <span class="k">if</span> <span class="n">exists_multix509sign</span><span class="p">:</span>
+                <span class="k">for</span> <span class="n">cert</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">]:</span>
+                    <span class="k">if</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_binary_sign</span><span class="p">(</span><span class="n">signed_query</span><span class="p">,</span>
+                                                                 <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">signature</span><span class="p">),</span>
+                                                                 <span class="n">cert</span><span class="p">,</span>
+                                                                 <span class="n">sign_alg</span><span class="p">):</span>
+                        <span class="k">return</span> <span class="kc">True</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Signature validation failed. </span><span class="si">%s</span><span class="s1"> rejected&#39;</span> <span class="o">%</span> <span class="n">saml_type</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_SIGNATURE</span>
+                <span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_settings</span><span class="p">()</span><span class="o">.</span><span class="n">get_idp_cert</span><span class="p">()</span>
+
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_binary_sign</span><span class="p">(</span><span class="n">signed_query</span><span class="p">,</span>
+                                                                 <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">signature</span><span class="p">),</span>
+                                                                 <span class="n">cert</span><span class="p">,</span>
+                                                                 <span class="n">sign_alg</span><span class="p">,</span>
+                                                                 <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Signature validation failed. </span><span class="si">%s</span><span class="s1"> rejected&#39;</span> <span class="o">%</span> <span class="n">saml_type</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_SIGNATURE</span>
+                    <span class="p">)</span>
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_error_reason</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">e</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">raise_exceptions</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">e</span>
+            <span class="k">return</span> <span class="kc">False</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_response_xml"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_xml">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_response_xml</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">pretty_print_if_possible</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Retrieves the raw XML (decrypted) of the last SAML response,</span>
+<span class="sd">        or the last Logout Response generated or processed</span>
+<span class="sd">        :returns: SAML response XML</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">response</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">):</span>
+                <span class="n">response</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">response</span> <span class="o">=</span> <span class="n">tostring</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_last_response</span><span class="p">,</span> <span class="n">encoding</span><span class="o">=</span><span class="s1">&#39;unicode&#39;</span><span class="p">,</span> <span class="n">pretty_print</span><span class="o">=</span><span class="n">pretty_print_if_possible</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">response</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_last_request_xml"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_xml">[docs]</a>    <span class="k">def</span> <span class="nf">get_last_request_xml</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Retrieves the raw XML sent in the last SAML request</span>
+<span class="sd">        :returns: SAML request XML</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_last_request</span> <span class="ow">or</span> <span class="kc">None</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/authn_request.html b/docs/saml2/_modules/onelogin/saml2/authn_request.html
new file mode 100644
index 00000000..b72bd675
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/authn_request.html
@@ -0,0 +1,265 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.authn_request &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.authn_request</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.authn_request</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Authn_Request class</span>
+
+
+<span class="sd">AuthNRequest class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_templates</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Templates</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Authn_Request"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Authn_Request">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Authn_Request</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    This class handles an AuthNRequest. It builds an</span>
+<span class="sd">    AuthNRequest object.</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">,</span> <span class="n">force_authn</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">is_passive</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">set_nameid_policy</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">name_id_value_req</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Constructs the AuthnRequest object.</span>
+
+<span class="sd">        :param settings: OSetting data</span>
+<span class="sd">        :type settings: OneLogin_Saml2_Settings</span>
+
+<span class="sd">        :param force_authn: Optional argument. When true the AuthNRequest will set the ForceAuthn=&#39;true&#39;.</span>
+<span class="sd">        :type force_authn: bool</span>
+
+<span class="sd">        :param is_passive: Optional argument. When true the AuthNRequest will set the Ispassive=&#39;true&#39;.</span>
+<span class="sd">        :type is_passive: bool</span>
+
+<span class="sd">        :param set_nameid_policy: Optional argument. When true the AuthNRequest will set a nameIdPolicy element.</span>
+<span class="sd">        :type set_nameid_policy: bool</span>
+
+<span class="sd">        :param name_id_value_req: Optional argument. Indicates to the IdP the subject that should be authenticated</span>
+<span class="sd">        :type name_id_value_req: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span> <span class="o">=</span> <span class="n">settings</span>
+
+        <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
+        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_id</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_generate_request_id</span><span class="p">()</span>
+        <span class="n">issue_instant</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_time_to_SAML</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">())</span>
+
+        <span class="n">destination</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">]</span>
+
+        <span class="n">provider_name_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="n">organization_data</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get_organization</span><span class="p">()</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">organization_data</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span> <span class="ow">and</span> <span class="n">organization_data</span><span class="p">:</span>
+            <span class="n">langs</span> <span class="o">=</span> <span class="n">organization_data</span>
+            <span class="k">if</span> <span class="s1">&#39;en-US&#39;</span> <span class="ow">in</span> <span class="n">langs</span><span class="p">:</span>
+                <span class="n">lang</span> <span class="o">=</span> <span class="s1">&#39;en-US&#39;</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">lang</span> <span class="o">=</span> <span class="nb">sorted</span><span class="p">(</span><span class="n">langs</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span>
+
+            <span class="n">display_name</span> <span class="o">=</span> <span class="s1">&#39;displayname&#39;</span> <span class="ow">in</span> <span class="n">organization_data</span><span class="p">[</span><span class="n">lang</span><span class="p">]</span> <span class="ow">and</span> <span class="n">organization_data</span><span class="p">[</span><span class="n">lang</span><span class="p">][</span><span class="s1">&#39;displayname&#39;</span><span class="p">]</span>
+            <span class="k">if</span> <span class="n">display_name</span><span class="p">:</span>
+                <span class="n">provider_name_str</span> <span class="o">=</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">&quot;</span> <span class="o">+</span> <span class="s1">&#39;    ProviderName=&quot;</span><span class="si">%s</span><span class="s1">&quot;&#39;</span> <span class="o">%</span> <span class="n">organization_data</span><span class="p">[</span><span class="n">lang</span><span class="p">][</span><span class="s1">&#39;displayname&#39;</span><span class="p">]</span>
+
+        <span class="n">force_authn_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="n">force_authn</span> <span class="ow">is</span> <span class="kc">True</span><span class="p">:</span>
+            <span class="n">force_authn_str</span> <span class="o">=</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">&quot;</span> <span class="o">+</span> <span class="s1">&#39;    ForceAuthn=&quot;true&quot;&#39;</span>
+
+        <span class="n">is_passive_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="n">is_passive</span> <span class="ow">is</span> <span class="kc">True</span><span class="p">:</span>
+            <span class="n">is_passive_str</span> <span class="o">=</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">&quot;</span> <span class="o">+</span> <span class="s1">&#39;    IsPassive=&quot;true&quot;&#39;</span>
+
+        <span class="n">subject_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="n">name_id_value_req</span><span class="p">:</span>
+            <span class="n">subject_str</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span>
+<span class="s2">    &lt;saml:Subject&gt;</span>
+<span class="s2">        &lt;saml:NameID Format=&quot;</span><span class="si">%s</span><span class="s2">&quot;&gt;</span><span class="si">%s</span><span class="s2">&lt;/saml:NameID&gt;</span>
+<span class="s2">        &lt;saml:SubjectConfirmation Method=&quot;urn:oasis:names:tc:SAML:2.0:cm:bearer&quot;&gt;&lt;/saml:SubjectConfirmation&gt;</span>
+<span class="s2">    &lt;/saml:Subject&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">(</span><span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;NameIDFormat&#39;</span><span class="p">],</span> <span class="n">name_id_value_req</span><span class="p">)</span>
+
+        <span class="n">nameid_policy_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="n">set_nameid_policy</span><span class="p">:</span>
+            <span class="n">name_id_policy_format</span> <span class="o">=</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;NameIDFormat&#39;</span><span class="p">]</span>
+            <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;wantNameIdEncrypted&#39;</span><span class="p">]:</span>
+                <span class="n">name_id_policy_format</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_ENCRYPTED</span>
+
+            <span class="n">nameid_policy_str</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span>
+<span class="s2">    &lt;samlp:NameIDPolicy</span>
+<span class="s2">        Format=&quot;</span><span class="si">%s</span><span class="s2">&quot;</span>
+<span class="s2">        AllowCreate=&quot;true&quot; /&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="n">name_id_policy_format</span>
+
+        <span class="n">requested_authn_context_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;requestedAuthnContext&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">False</span><span class="p">:</span>
+            <span class="n">authn_comparison</span> <span class="o">=</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;requestedAuthnContextComparison&#39;</span><span class="p">]</span>
+
+            <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;requestedAuthnContext&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="kc">True</span><span class="p">:</span>
+                <span class="n">requested_authn_context_str</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;    &lt;samlp:RequestedAuthnContext Comparison=&quot;</span><span class="si">%s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">        &lt;saml:AuthnContextClassRef&gt;urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport&lt;/saml:AuthnContextClassRef&gt;</span>
+<span class="s2">    &lt;/samlp:RequestedAuthnContext&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="n">authn_comparison</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">requested_authn_context_str</span> <span class="o">=</span> <span class="s1">&#39;     &lt;samlp:RequestedAuthnContext Comparison=&quot;</span><span class="si">%s</span><span class="s1">&quot;&gt;&#39;</span> <span class="o">%</span> <span class="n">authn_comparison</span>
+                <span class="k">for</span> <span class="n">authn_context</span> <span class="ow">in</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;requestedAuthnContext&#39;</span><span class="p">]:</span>
+                    <span class="n">requested_authn_context_str</span> <span class="o">+=</span> <span class="s1">&#39;&lt;saml:AuthnContextClassRef&gt;</span><span class="si">%s</span><span class="s1">&lt;/saml:AuthnContextClassRef&gt;&#39;</span> <span class="o">%</span> <span class="n">authn_context</span>
+                <span class="n">requested_authn_context_str</span> <span class="o">+=</span> <span class="s1">&#39;    &lt;/samlp:RequestedAuthnContext&gt;&#39;</span>
+
+        <span class="n">attr_consuming_service_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="s1">&#39;attributeConsumingService&#39;</span> <span class="ow">in</span> <span class="n">sp_data</span> <span class="ow">and</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">]:</span>
+            <span class="n">attr_consuming_service_str</span> <span class="o">=</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">    AttributeConsumingServiceIndex=</span><span class="se">\&quot;</span><span class="si">%s</span><span class="se">\&quot;</span><span class="s2">&quot;</span> <span class="o">%</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;index&#39;</span><span class="p">,</span> <span class="s1">&#39;1&#39;</span><span class="p">)</span>
+
+        <span class="n">request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Templates</span><span class="o">.</span><span class="n">AUTHN_REQUEST</span> <span class="o">%</span> \
+            <span class="p">{</span>
+                <span class="s1">&#39;id&#39;</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_id</span><span class="p">,</span>
+                <span class="s1">&#39;provider_name&#39;</span><span class="p">:</span> <span class="n">provider_name_str</span><span class="p">,</span>
+                <span class="s1">&#39;force_authn_str&#39;</span><span class="p">:</span> <span class="n">force_authn_str</span><span class="p">,</span>
+                <span class="s1">&#39;is_passive_str&#39;</span><span class="p">:</span> <span class="n">is_passive_str</span><span class="p">,</span>
+                <span class="s1">&#39;issue_instant&#39;</span><span class="p">:</span> <span class="n">issue_instant</span><span class="p">,</span>
+                <span class="s1">&#39;destination&#39;</span><span class="p">:</span> <span class="n">destination</span><span class="p">,</span>
+                <span class="s1">&#39;assertion_url&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">],</span>
+                <span class="s1">&#39;entity_id&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">],</span>
+                <span class="s1">&#39;subject_str&#39;</span><span class="p">:</span> <span class="n">subject_str</span><span class="p">,</span>
+                <span class="s1">&#39;nameid_policy_str&#39;</span><span class="p">:</span> <span class="n">nameid_policy_str</span><span class="p">,</span>
+                <span class="s1">&#39;requested_authn_context_str&#39;</span><span class="p">:</span> <span class="n">requested_authn_context_str</span><span class="p">,</span>
+                <span class="s1">&#39;attr_consuming_service_str&#39;</span><span class="p">:</span> <span class="n">attr_consuming_service_str</span><span class="p">,</span>
+                <span class="s1">&#39;acs_binding&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;binding&#39;</span><span class="p">,</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST&#39;</span><span class="p">)</span>
+            <span class="p">}</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_authn_request</span> <span class="o">=</span> <span class="n">request</span>
+
+    <span class="k">def</span> <span class="nf">_generate_request_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Generate an unique request ID.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Authn_Request.get_request"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Authn_Request.get_request">[docs]</a>    <span class="k">def</span> <span class="nf">get_request</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">deflate</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns unsigned AuthnRequest.</span>
+<span class="sd">        :param deflate: It makes the deflate process optional</span>
+<span class="sd">        :type: bool</span>
+<span class="sd">        :return: AuthnRequest maybe deflated and base64 encoded</span>
+<span class="sd">        :rtype: str object</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">deflate</span><span class="p">:</span>
+            <span class="n">request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">deflate_and_base64_encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_authn_request</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_authn_request</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">request</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Authn_Request.get_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Authn_Request.get_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the AuthNRequest ID.</span>
+<span class="sd">        :return: AuthNRequest ID</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_id</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Authn_Request.get_xml"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Authn_Request.get_xml">[docs]</a>    <span class="k">def</span> <span class="nf">get_xml</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the XML that will be sent as part of the request</span>
+<span class="sd">        :return: XML request body</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_authn_request</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/compat.html b/docs/saml2/_modules/onelogin/saml2/compat.html
new file mode 100644
index 00000000..0497cf19
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/compat.html
@@ -0,0 +1,166 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.compat &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.compat</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.compat</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; py3 compatibility class</span>
+
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">__future__</span> <span class="kn">import</span> <span class="n">absolute_import</span><span class="p">,</span> <span class="n">print_function</span><span class="p">,</span> <span class="n">with_statement</span>
+
+<span class="k">try</span><span class="p">:</span>
+    <span class="n">basestring</span>
+<span class="k">except</span> <span class="ne">NameError</span><span class="p">:</span>
+    <span class="n">basestring</span> <span class="o">=</span> <span class="nb">str</span>
+
+<span class="k">try</span><span class="p">:</span>
+    <span class="n">unicode</span>
+<span class="k">except</span> <span class="ne">NameError</span><span class="p">:</span>
+    <span class="n">unicode</span> <span class="o">=</span> <span class="nb">str</span>
+
+
+<span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="sa">b</span><span class="s1">&#39;&#39;</span><span class="p">,</span> <span class="nb">type</span><span class="p">(</span><span class="s1">&#39;&#39;</span><span class="p">)):</span>  <span class="c1"># py 2.x</span>
+    <span class="n">text_types</span> <span class="o">=</span> <span class="p">(</span><span class="n">basestring</span><span class="p">,)</span>  <span class="c1"># noqa</span>
+    <span class="n">bytes_type</span> <span class="o">=</span> <span class="nb">bytes</span>
+    <span class="n">str_type</span> <span class="o">=</span> <span class="n">basestring</span>  <span class="c1"># noqa</span>
+
+    <span class="k">def</span> <span class="nf">utf8</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;  return utf8-encoded string &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="n">basestring</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">unicode</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
+
+    <span class="k">def</span> <span class="nf">to_string</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot; return string &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="n">unicode</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">encode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="nb">str</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
+
+    <span class="k">def</span> <span class="nf">to_bytes</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot; return bytes &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="n">unicode</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">encode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="nb">str</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
+
+<span class="k">else</span><span class="p">:</span>  <span class="c1"># py 3.x</span>
+    <span class="n">text_types</span> <span class="o">=</span> <span class="p">(</span><span class="nb">bytes</span><span class="p">,</span> <span class="nb">str</span><span class="p">)</span>
+    <span class="n">bytes_type</span> <span class="o">=</span> <span class="nb">bytes</span>
+    <span class="n">str_type</span> <span class="o">=</span> <span class="nb">str</span>
+
+<div class="viewcode-block" id="utf8"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.compat.utf8">[docs]</a>    <span class="k">def</span> <span class="nf">utf8</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot; return utf8-encoded string &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="nb">str</span><span class="p">(</span><span class="n">data</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="to_string"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.compat.to_string">[docs]</a>    <span class="k">def</span> <span class="nf">to_string</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;convert to string&quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="nb">str</span><span class="p">(</span><span class="n">data</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="to_bytes"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.compat.to_bytes">[docs]</a>    <span class="k">def</span> <span class="nf">to_bytes</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;return bytes&quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">data</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">encode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="nb">bytes</span><span class="p">(</span><span class="n">data</span><span class="p">)</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/constants.html b/docs/saml2/_modules/onelogin/saml2/constants.html
new file mode 100644
index 00000000..299831bb
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/constants.html
@@ -0,0 +1,218 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.constants &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.constants</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.constants</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Constants class</span>
+
+
+<span class="sd">Constants class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Constants"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Constants</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    This class defines all the constants that will be used</span>
+<span class="sd">    in the SAML Python Toolkit.</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="c1"># Value added to the current time in time condition validations</span>
+    <span class="n">ALLOWED_CLOCK_DRIFT</span> <span class="o">=</span> <span class="mi">300</span>
+
+    <span class="c1"># NameID Formats</span>
+    <span class="n">NAMEID_EMAIL_ADDRESS</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress&#39;</span>
+    <span class="n">NAMEID_X509_SUBJECT_NAME</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName&#39;</span>
+    <span class="n">NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName&#39;</span>
+    <span class="n">NAMEID_UNSPECIFIED</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified&#39;</span>
+    <span class="n">NAMEID_KERBEROS</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos&#39;</span>
+    <span class="n">NAMEID_ENTITY</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:entity&#39;</span>
+    <span class="n">NAMEID_TRANSIENT</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:transient&#39;</span>
+    <span class="n">NAMEID_PERSISTENT</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:persistent&#39;</span>
+    <span class="n">NAMEID_ENCRYPTED</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted&#39;</span>
+
+    <span class="c1"># Attribute Name Formats</span>
+    <span class="n">ATTRNAME_FORMAT_UNSPECIFIED</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified&#39;</span>
+    <span class="n">ATTRNAME_FORMAT_URI</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:attrname-format:uri&#39;</span>
+    <span class="n">ATTRNAME_FORMAT_BASIC</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:attrname-format:basic&#39;</span>
+
+    <span class="c1"># Namespaces</span>
+    <span class="n">NS_SAML</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:assertion&#39;</span>
+    <span class="n">NS_SAMLP</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:protocol&#39;</span>
+    <span class="n">NS_SOAP</span> <span class="o">=</span> <span class="s1">&#39;http://schemas.xmlsoap.org/soap/envelope/&#39;</span>
+    <span class="n">NS_MD</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:metadata&#39;</span>
+    <span class="n">NS_XS</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/XMLSchema&#39;</span>
+    <span class="n">NS_XSI</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/XMLSchema-instance&#39;</span>
+    <span class="n">NS_XENC</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#&#39;</span>
+    <span class="n">NS_DS</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2000/09/xmldsig#&#39;</span>
+
+    <span class="c1"># Namespace Prefixes</span>
+    <span class="n">NS_PREFIX_SAML</span> <span class="o">=</span> <span class="s1">&#39;saml&#39;</span>
+    <span class="n">NS_PREFIX_SAMLP</span> <span class="o">=</span> <span class="s1">&#39;samlp&#39;</span>
+    <span class="n">NS_PREFIX_MD</span> <span class="o">=</span> <span class="s1">&#39;md&#39;</span>
+    <span class="n">NS_PREFIX_XS</span> <span class="o">=</span> <span class="s1">&#39;xs&#39;</span>
+    <span class="n">NS_PREFIX_XSI</span> <span class="o">=</span> <span class="s1">&#39;xsi&#39;</span>
+    <span class="n">NS_PREFIX_XSD</span> <span class="o">=</span> <span class="s1">&#39;xsd&#39;</span>
+    <span class="n">NS_PREFIX_XENC</span> <span class="o">=</span> <span class="s1">&#39;xenc&#39;</span>
+    <span class="n">NS_PREFIX_DS</span> <span class="o">=</span> <span class="s1">&#39;ds&#39;</span>
+
+    <span class="c1"># Prefix:Namespace Mappings</span>
+    <span class="n">NSMAP</span> <span class="o">=</span> <span class="p">{</span>
+        <span class="n">NS_PREFIX_SAMLP</span><span class="p">:</span> <span class="n">NS_SAMLP</span><span class="p">,</span>
+        <span class="n">NS_PREFIX_SAML</span><span class="p">:</span> <span class="n">NS_SAML</span><span class="p">,</span>
+        <span class="n">NS_PREFIX_DS</span><span class="p">:</span> <span class="n">NS_DS</span><span class="p">,</span>
+        <span class="n">NS_PREFIX_XENC</span><span class="p">:</span> <span class="n">NS_XENC</span><span class="p">,</span>
+        <span class="n">NS_PREFIX_MD</span><span class="p">:</span> <span class="n">NS_MD</span>
+    <span class="p">}</span>
+
+    <span class="c1"># Bindings</span>
+    <span class="n">BINDING_HTTP_POST</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST&#39;</span>
+    <span class="n">BINDING_HTTP_REDIRECT</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect&#39;</span>
+    <span class="n">BINDING_HTTP_ARTIFACT</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact&#39;</span>
+    <span class="n">BINDING_SOAP</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:bindings:SOAP&#39;</span>
+    <span class="n">BINDING_DEFLATE</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE&#39;</span>
+
+    <span class="c1"># Auth Context Class</span>
+    <span class="n">AC_UNSPECIFIED</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified&#39;</span>
+    <span class="n">AC_PASSWORD</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:Password&#39;</span>
+    <span class="n">AC_PASSWORD_PROTECTED</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport&#39;</span>
+    <span class="n">AC_X509</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:X509&#39;</span>
+    <span class="n">AC_SMARTCARD</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard&#39;</span>
+    <span class="n">AC_KERBEROS</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos&#39;</span>
+
+    <span class="c1"># Subject Confirmation</span>
+    <span class="n">CM_BEARER</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:cm:bearer&#39;</span>
+    <span class="n">CM_HOLDER_KEY</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:cm:holder-of-key&#39;</span>
+    <span class="n">CM_SENDER_VOUCHES</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:cm:sender-vouches&#39;</span>
+
+    <span class="c1"># Status Codes</span>
+    <span class="n">STATUS_SUCCESS</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:status:Success&#39;</span>
+    <span class="n">STATUS_REQUESTER</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:status:Requester&#39;</span>
+    <span class="n">STATUS_RESPONDER</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:status:Responder&#39;</span>
+    <span class="n">STATUS_VERSION_MISMATCH</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:status:VersionMismatch&#39;</span>
+    <span class="n">STATUS_NO_PASSIVE</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:status:NoPassive&#39;</span>
+    <span class="n">STATUS_PARTIAL_LOGOUT</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:status:PartialLogout&#39;</span>
+    <span class="n">STATUS_PROXY_COUNT_EXCEEDED</span> <span class="o">=</span> <span class="s1">&#39;urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded&#39;</span>
+
+    <span class="c1"># Sign &amp; Crypto</span>
+    <span class="n">SHA1</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2000/09/xmldsig#sha1&#39;</span>
+    <span class="n">SHA256</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#sha256&#39;</span>
+    <span class="n">SHA384</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmldsig-more#sha384&#39;</span>
+    <span class="n">SHA512</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#sha512&#39;</span>
+
+    <span class="n">DSA_SHA1</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2000/09/xmldsig#dsa-sha1&#39;</span>
+    <span class="n">RSA_SHA1</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2000/09/xmldsig#rsa-sha1&#39;</span>
+    <span class="n">RSA_SHA256</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmldsig-more#rsa-sha256&#39;</span>
+    <span class="n">RSA_SHA384</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmldsig-more#rsa-sha384&#39;</span>
+    <span class="n">RSA_SHA512</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmldsig-more#rsa-sha512&#39;</span>
+
+    <span class="c1"># Enc</span>
+    <span class="n">TRIPLEDES_CBC</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#tripledes-cbc&#39;</span>
+    <span class="n">AES128_CBC</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#aes128-cbc&#39;</span>
+    <span class="n">AES192_CBC</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#aes192-cbc&#39;</span>
+    <span class="n">AES256_CBC</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#aes256-cbc&#39;</span>
+    <span class="n">RSA_1_5</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#rsa-1_5&#39;</span>
+    <span class="n">RSA_OAEP_MGF1P</span> <span class="o">=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p&#39;</span>
+
+    <span class="c1"># Define here the deprecated algorithms</span>
+    <span class="n">DEPRECATED_ALGORITHMS</span> <span class="o">=</span> <span class="p">[</span><span class="n">DSA_SHA1</span><span class="p">,</span> <span class="n">RSA_SHA1</span><span class="p">,</span> <span class="n">SHA1</span><span class="p">]</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/errors.html b/docs/saml2/_modules/onelogin/saml2/errors.html
new file mode 100644
index 00000000..77b1c1f7
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/errors.html
@@ -0,0 +1,228 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.errors &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.errors</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.errors</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Error class</span>
+
+
+<span class="sd">Error class of SAML Python Toolkit.</span>
+
+<span class="sd">Defines common Error codes and has a custom initializator.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Error"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Error</span><span class="p">(</span><span class="ne">Exception</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    This class implements a custom Exception handler.</span>
+<span class="sd">    Defines custom error codes.</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="c1"># Errors</span>
+    <span class="n">SETTINGS_FILE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">0</span>
+    <span class="n">SETTINGS_INVALID_SYNTAX</span> <span class="o">=</span> <span class="mi">1</span>
+    <span class="n">SETTINGS_INVALID</span> <span class="o">=</span> <span class="mi">2</span>
+    <span class="n">METADATA_SP_INVALID</span> <span class="o">=</span> <span class="mi">3</span>
+    <span class="c1"># SP_CERTS_NOT_FOUND is deprecated, use CERT_NOT_FOUND instead</span>
+    <span class="n">SP_CERTS_NOT_FOUND</span> <span class="o">=</span> <span class="mi">4</span>
+    <span class="n">CERT_NOT_FOUND</span> <span class="o">=</span> <span class="mi">4</span>
+    <span class="n">REDIRECT_INVALID_URL</span> <span class="o">=</span> <span class="mi">5</span>
+    <span class="n">PUBLIC_CERT_FILE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">6</span>
+    <span class="n">PRIVATE_KEY_FILE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">7</span>
+    <span class="n">SAML_RESPONSE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">8</span>
+    <span class="n">SAML_LOGOUTMESSAGE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">9</span>
+    <span class="n">SAML_LOGOUTREQUEST_INVALID</span> <span class="o">=</span> <span class="mi">10</span>
+    <span class="n">SAML_LOGOUTRESPONSE_INVALID</span> <span class="o">=</span> <span class="mi">11</span>
+    <span class="n">SAML_SINGLE_LOGOUT_NOT_SUPPORTED</span> <span class="o">=</span> <span class="mi">12</span>
+    <span class="n">PRIVATE_KEY_NOT_FOUND</span> <span class="o">=</span> <span class="mi">13</span>
+    <span class="n">UNSUPPORTED_SETTINGS_OBJECT</span> <span class="o">=</span> <span class="mi">14</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">message</span><span class="p">,</span> <span class="n">code</span><span class="o">=</span><span class="mi">0</span><span class="p">,</span> <span class="n">errors</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Initializes the Exception instance.</span>
+
+<span class="sd">        Arguments are:</span>
+<span class="sd">            * (str)   message.   Describes the error.</span>
+<span class="sd">            * (int)   code.      The code error (defined in the error class).</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">code</span><span class="p">,</span> <span class="nb">int</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">errors</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">message</span> <span class="o">=</span> <span class="n">message</span> <span class="o">%</span> <span class="n">errors</span>
+
+        <span class="ne">Exception</span><span class="o">.</span><span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">message</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">code</span> <span class="o">=</span> <span class="n">code</span></div>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_ValidationError"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_ValidationError</span><span class="p">(</span><span class="ne">Exception</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    This class implements another custom Exception handler, related</span>
+<span class="sd">    to exceptions that happens during validation process.</span>
+<span class="sd">    Defines custom error codes .</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="c1"># Validation Errors</span>
+    <span class="n">UNSUPPORTED_SAML_VERSION</span> <span class="o">=</span> <span class="mi">0</span>
+    <span class="n">MISSING_ID</span> <span class="o">=</span> <span class="mi">1</span>
+    <span class="n">WRONG_NUMBER_OF_ASSERTIONS</span> <span class="o">=</span> <span class="mi">2</span>
+    <span class="n">MISSING_STATUS</span> <span class="o">=</span> <span class="mi">3</span>
+    <span class="n">MISSING_STATUS_CODE</span> <span class="o">=</span> <span class="mi">4</span>
+    <span class="n">STATUS_CODE_IS_NOT_SUCCESS</span> <span class="o">=</span> <span class="mi">5</span>
+    <span class="n">WRONG_SIGNED_ELEMENT</span> <span class="o">=</span> <span class="mi">6</span>
+    <span class="n">ID_NOT_FOUND_IN_SIGNED_ELEMENT</span> <span class="o">=</span> <span class="mi">7</span>
+    <span class="n">DUPLICATED_ID_IN_SIGNED_ELEMENTS</span> <span class="o">=</span> <span class="mi">8</span>
+    <span class="n">INVALID_SIGNED_ELEMENT</span> <span class="o">=</span> <span class="mi">9</span>
+    <span class="n">DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS</span> <span class="o">=</span> <span class="mi">10</span>
+    <span class="n">UNEXPECTED_SIGNED_ELEMENTS</span> <span class="o">=</span> <span class="mi">11</span>
+    <span class="n">WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE</span> <span class="o">=</span> <span class="mi">12</span>
+    <span class="n">WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION</span> <span class="o">=</span> <span class="mi">13</span>
+    <span class="n">INVALID_XML_FORMAT</span> <span class="o">=</span> <span class="mi">14</span>
+    <span class="n">WRONG_INRESPONSETO</span> <span class="o">=</span> <span class="mi">15</span>
+    <span class="n">NO_ENCRYPTED_ASSERTION</span> <span class="o">=</span> <span class="mi">16</span>
+    <span class="n">NO_ENCRYPTED_NAMEID</span> <span class="o">=</span> <span class="mi">17</span>
+    <span class="n">MISSING_CONDITIONS</span> <span class="o">=</span> <span class="mi">18</span>
+    <span class="n">ASSERTION_TOO_EARLY</span> <span class="o">=</span> <span class="mi">19</span>
+    <span class="n">ASSERTION_EXPIRED</span> <span class="o">=</span> <span class="mi">20</span>
+    <span class="n">WRONG_NUMBER_OF_AUTHSTATEMENTS</span> <span class="o">=</span> <span class="mi">21</span>
+    <span class="n">NO_ATTRIBUTESTATEMENT</span> <span class="o">=</span> <span class="mi">22</span>
+    <span class="n">ENCRYPTED_ATTRIBUTES</span> <span class="o">=</span> <span class="mi">23</span>
+    <span class="n">WRONG_DESTINATION</span> <span class="o">=</span> <span class="mi">24</span>
+    <span class="n">EMPTY_DESTINATION</span> <span class="o">=</span> <span class="mi">25</span>
+    <span class="n">WRONG_AUDIENCE</span> <span class="o">=</span> <span class="mi">26</span>
+    <span class="n">ISSUER_MULTIPLE_IN_RESPONSE</span> <span class="o">=</span> <span class="mi">27</span>
+    <span class="n">ISSUER_NOT_FOUND_IN_ASSERTION</span> <span class="o">=</span> <span class="mi">28</span>
+    <span class="n">WRONG_ISSUER</span> <span class="o">=</span> <span class="mi">29</span>
+    <span class="n">SESSION_EXPIRED</span> <span class="o">=</span> <span class="mi">30</span>
+    <span class="n">WRONG_SUBJECTCONFIRMATION</span> <span class="o">=</span> <span class="mi">31</span>
+    <span class="n">NO_SIGNED_MESSAGE</span> <span class="o">=</span> <span class="mi">32</span>
+    <span class="n">NO_SIGNED_ASSERTION</span> <span class="o">=</span> <span class="mi">33</span>
+    <span class="n">NO_SIGNATURE_FOUND</span> <span class="o">=</span> <span class="mi">34</span>
+    <span class="n">KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA</span> <span class="o">=</span> <span class="mi">35</span>
+    <span class="n">CHILDREN_NODE_NOT_FOUND_IN_KEYINFO</span> <span class="o">=</span> <span class="mi">36</span>
+    <span class="n">UNSUPPORTED_RETRIEVAL_METHOD</span> <span class="o">=</span> <span class="mi">37</span>
+    <span class="n">NO_NAMEID</span> <span class="o">=</span> <span class="mi">38</span>
+    <span class="n">EMPTY_NAMEID</span> <span class="o">=</span> <span class="mi">39</span>
+    <span class="n">SP_NAME_QUALIFIER_NAME_MISMATCH</span> <span class="o">=</span> <span class="mi">40</span>
+    <span class="n">DUPLICATED_ATTRIBUTE_NAME_FOUND</span> <span class="o">=</span> <span class="mi">41</span>
+    <span class="n">INVALID_SIGNATURE</span> <span class="o">=</span> <span class="mi">42</span>
+    <span class="n">WRONG_NUMBER_OF_SIGNATURES</span> <span class="o">=</span> <span class="mi">43</span>
+    <span class="n">RESPONSE_EXPIRED</span> <span class="o">=</span> <span class="mi">44</span>
+    <span class="n">AUTHN_CONTEXT_MISMATCH</span> <span class="o">=</span> <span class="mi">45</span>
+    <span class="n">DEPRECATED_SIGNATURE_METHOD</span> <span class="o">=</span> <span class="mi">46</span>
+    <span class="n">DEPRECATED_DIGEST_METHOD</span> <span class="o">=</span> <span class="mi">47</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">message</span><span class="p">,</span> <span class="n">code</span><span class="o">=</span><span class="mi">0</span><span class="p">,</span> <span class="n">errors</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Initializes the Exception instance.</span>
+<span class="sd">        Arguments are:</span>
+<span class="sd">            * (str)   message.   Describes the error.</span>
+<span class="sd">            * (int)   code.      The code error (defined in the error class).</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">code</span><span class="p">,</span> <span class="nb">int</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">errors</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">message</span> <span class="o">=</span> <span class="n">message</span> <span class="o">%</span> <span class="n">errors</span>
+
+        <span class="ne">Exception</span><span class="o">.</span><span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">message</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">code</span> <span class="o">=</span> <span class="n">code</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/idp_metadata_parser.html b/docs/saml2/_modules/onelogin/saml2/idp_metadata_parser.html
new file mode 100644
index 00000000..a4ee1098
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/idp_metadata_parser.html
@@ -0,0 +1,380 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.idp_metadata_parser &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.idp_metadata_parser</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.idp_metadata_parser</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_IdPMetadataParser class</span>
+<span class="sd">Metadata class of SAML Python Toolkit.</span>
+<span class="sd">&quot;&quot;&quot;</span>
+
+
+<span class="kn">from</span> <span class="nn">copy</span> <span class="kn">import</span> <span class="n">deepcopy</span>
+
+<span class="k">try</span><span class="p">:</span>
+    <span class="kn">import</span> <span class="nn">urllib.request</span> <span class="k">as</span> <span class="nn">urllib2</span>
+<span class="k">except</span> <span class="ne">ImportError</span><span class="p">:</span>
+    <span class="kn">import</span> <span class="nn">urllib2</span>
+
+<span class="kn">import</span> <span class="nn">ssl</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_XML</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_IdPMetadataParser"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_IdPMetadataParser</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    A class that contain methods related to obtaining and parsing metadata from IdP</span>
+
+<span class="sd">    This class does not validate in any way the URL that is introduced,</span>
+<span class="sd">    make sure to validate it properly before use it in a get_metadata method.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_IdPMetadataParser.get_metadata"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.get_metadata">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">get_metadata</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="n">validate_cert</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">timeout</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">headers</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the metadata XML from the provided URL</span>
+<span class="sd">        :param url: Url where the XML of the Identity Provider Metadata is published.</span>
+<span class="sd">        :type url: string</span>
+
+<span class="sd">        :param validate_cert: If the url uses https schema, that flag enables or not the verification of the associated certificate.</span>
+<span class="sd">        :type validate_cert: bool</span>
+
+<span class="sd">        :param timeout: Timeout in seconds to wait for metadata response</span>
+<span class="sd">        :type timeout: int</span>
+<span class="sd">        :param headers: Extra headers to send in the request</span>
+<span class="sd">        :type headers: dict</span>
+
+<span class="sd">        :returns: metadata XML</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">valid</span> <span class="o">=</span> <span class="kc">False</span>
+
+        <span class="n">request</span> <span class="o">=</span> <span class="n">urllib2</span><span class="o">.</span><span class="n">Request</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">headers</span><span class="o">=</span><span class="n">headers</span> <span class="ow">or</span> <span class="p">{})</span>
+
+        <span class="k">if</span> <span class="n">validate_cert</span><span class="p">:</span>
+            <span class="n">response</span> <span class="o">=</span> <span class="n">urllib2</span><span class="o">.</span><span class="n">urlopen</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">timeout</span><span class="o">=</span><span class="n">timeout</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">ctx</span> <span class="o">=</span> <span class="n">ssl</span><span class="o">.</span><span class="n">create_default_context</span><span class="p">()</span>
+            <span class="n">ctx</span><span class="o">.</span><span class="n">check_hostname</span> <span class="o">=</span> <span class="kc">False</span>
+            <span class="n">ctx</span><span class="o">.</span><span class="n">verify_mode</span> <span class="o">=</span> <span class="n">ssl</span><span class="o">.</span><span class="n">CERT_NONE</span>
+            <span class="n">response</span> <span class="o">=</span> <span class="n">urllib2</span><span class="o">.</span><span class="n">urlopen</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">context</span><span class="o">=</span><span class="n">ctx</span><span class="p">,</span> <span class="n">timeout</span><span class="o">=</span><span class="n">timeout</span><span class="p">)</span>
+        <span class="n">xml</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
+
+        <span class="k">if</span> <span class="n">xml</span><span class="p">:</span>
+            <span class="k">try</span><span class="p">:</span>
+                <span class="n">dom</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
+                <span class="n">idp_descriptor_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s1">&#39;//md:IDPSSODescriptor&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">idp_descriptor_nodes</span><span class="p">:</span>
+                    <span class="n">valid</span> <span class="o">=</span> <span class="kc">True</span>
+            <span class="k">except</span> <span class="ne">Exception</span><span class="p">:</span>
+                <span class="k">pass</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">valid</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Not valid IdP XML found from URL: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">url</span><span class="p">))</span>
+
+        <span class="k">return</span> <span class="n">xml</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_IdPMetadataParser.parse_remote"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse_remote">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">parse_remote</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="n">validate_cert</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">entity_id</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">timeout</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the metadata XML from the provided URL and parse it, returning a dict with extracted data</span>
+<span class="sd">        :param url: Url where the XML of the Identity Provider Metadata is published.</span>
+<span class="sd">        :type url: string</span>
+
+<span class="sd">        :param validate_cert: If the url uses https schema, that flag enables or not the verification of the associated certificate.</span>
+<span class="sd">        :type validate_cert: bool</span>
+
+<span class="sd">        :param entity_id: Specify the entity_id of the EntityDescriptor that you want to parse a XML</span>
+<span class="sd">                          that contains multiple EntityDescriptor.</span>
+<span class="sd">        :type entity_id: string</span>
+
+<span class="sd">        :param timeout: Timeout in seconds to wait for metadata response</span>
+<span class="sd">        :type timeout: int</span>
+
+<span class="sd">        :returns: settings dict with extracted data</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">idp_metadata</span> <span class="o">=</span> <span class="bp">cls</span><span class="o">.</span><span class="n">get_metadata</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">validate_cert</span><span class="p">,</span> <span class="n">timeout</span><span class="p">,</span> <span class="n">headers</span><span class="o">=</span><span class="n">kwargs</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="s1">&#39;headers&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">))</span>
+        <span class="k">return</span> <span class="bp">cls</span><span class="o">.</span><span class="n">parse</span><span class="p">(</span><span class="n">idp_metadata</span><span class="p">,</span> <span class="n">entity_id</span><span class="o">=</span><span class="n">entity_id</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_IdPMetadataParser.parse"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">parse</span><span class="p">(</span>
+            <span class="bp">cls</span><span class="p">,</span>
+            <span class="n">idp_metadata</span><span class="p">,</span>
+            <span class="n">required_sso_binding</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">BINDING_HTTP_REDIRECT</span><span class="p">,</span>
+            <span class="n">required_slo_binding</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">BINDING_HTTP_REDIRECT</span><span class="p">,</span>
+            <span class="n">entity_id</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Parses the Identity Provider metadata and return a dict with extracted data.</span>
+
+<span class="sd">        If there are multiple &lt;IDPSSODescriptor&gt; tags, parse only the first.</span>
+
+<span class="sd">        Parses only those SSO endpoints with the same binding as given by</span>
+<span class="sd">        the `required_sso_binding` parameter.</span>
+
+<span class="sd">        Parses only those SLO endpoints with the same binding as given by</span>
+<span class="sd">        the `required_slo_binding` parameter.</span>
+
+<span class="sd">        If the metadata specifies multiple SSO endpoints with the required</span>
+<span class="sd">        binding, extract only the first (the same holds true for SLO</span>
+<span class="sd">        endpoints).</span>
+
+<span class="sd">        :param idp_metadata: XML of the Identity Provider Metadata.</span>
+<span class="sd">        :type idp_metadata: string</span>
+
+<span class="sd">        :param required_sso_binding: Parse only POST or REDIRECT SSO endpoints.</span>
+<span class="sd">        :type required_sso_binding: one of OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT</span>
+<span class="sd">            or OneLogin_Saml2_Constants.BINDING_HTTP_POST</span>
+
+<span class="sd">        :param required_slo_binding: Parse only POST or REDIRECT SLO endpoints.</span>
+<span class="sd">        :type required_slo_binding: one of OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT</span>
+<span class="sd">            or OneLogin_Saml2_Constants.BINDING_HTTP_POST</span>
+
+<span class="sd">        :param entity_id: Specify the entity_id of the EntityDescriptor that you want to parse a XML</span>
+<span class="sd">                          that contains multiple EntityDescriptor.</span>
+<span class="sd">        :type entity_id: string</span>
+
+<span class="sd">        :returns: settings dict with extracted data</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">data</span> <span class="o">=</span> <span class="p">{}</span>
+
+        <span class="n">dom</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">idp_metadata</span><span class="p">)</span>
+        <span class="n">idp_entity_id</span> <span class="o">=</span> <span class="n">want_authn_requests_signed</span> <span class="o">=</span> <span class="n">idp_name_id_format</span> <span class="o">=</span> <span class="n">idp_sso_url</span> <span class="o">=</span> <span class="n">idp_slo_url</span> <span class="o">=</span> <span class="n">certs</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="n">entity_desc_path</span> <span class="o">=</span> <span class="s1">&#39;//md:EntityDescriptor&#39;</span>
+        <span class="k">if</span> <span class="n">entity_id</span><span class="p">:</span>
+            <span class="n">entity_desc_path</span> <span class="o">+=</span> <span class="s2">&quot;[@entityID=&#39;</span><span class="si">%s</span><span class="s2">&#39;]&quot;</span> <span class="o">%</span> <span class="n">entity_id</span>
+        <span class="n">entity_descriptor_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="n">entity_desc_path</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">entity_descriptor_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">entity_descriptor_node</span> <span class="o">=</span> <span class="n">entity_descriptor_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+            <span class="n">idp_descriptor_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">entity_descriptor_node</span><span class="p">,</span> <span class="s1">&#39;./md:IDPSSODescriptor&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">idp_descriptor_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                <span class="n">idp_descriptor_node</span> <span class="o">=</span> <span class="n">idp_descriptor_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+
+                <span class="n">idp_entity_id</span> <span class="o">=</span> <span class="n">entity_descriptor_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;entityID&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+                <span class="n">want_authn_requests_signed</span> <span class="o">=</span> <span class="n">idp_descriptor_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;WantAuthnRequestsSigned&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+                <span class="n">name_id_format_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">idp_descriptor_node</span><span class="p">,</span> <span class="s1">&#39;./md:NameIDFormat&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">name_id_format_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                    <span class="n">idp_name_id_format</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">name_id_format_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+
+                <span class="n">sso_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span>
+                    <span class="n">idp_descriptor_node</span><span class="p">,</span>
+                    <span class="s2">&quot;./md:SingleSignOnService[@Binding=&#39;</span><span class="si">%s</span><span class="s2">&#39;]&quot;</span> <span class="o">%</span> <span class="n">required_sso_binding</span>
+                <span class="p">)</span>
+
+                <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">sso_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                    <span class="n">idp_sso_url</span> <span class="o">=</span> <span class="n">sso_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Location&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+                <span class="n">slo_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span>
+                    <span class="n">idp_descriptor_node</span><span class="p">,</span>
+                    <span class="s2">&quot;./md:SingleLogoutService[@Binding=&#39;</span><span class="si">%s</span><span class="s2">&#39;]&quot;</span> <span class="o">%</span> <span class="n">required_slo_binding</span>
+                <span class="p">)</span>
+
+                <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">slo_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                    <span class="n">idp_slo_url</span> <span class="o">=</span> <span class="n">slo_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Location&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+                <span class="n">signing_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">idp_descriptor_node</span><span class="p">,</span> <span class="s2">&quot;./md:KeyDescriptor[not(contains(@use, &#39;encryption&#39;))]/ds:KeyInfo/ds:X509Data/ds:X509Certificate&quot;</span><span class="p">)</span>
+                <span class="n">encryption_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">idp_descriptor_node</span><span class="p">,</span> <span class="s2">&quot;./md:KeyDescriptor[not(contains(@use, &#39;signing&#39;))]/ds:KeyInfo/ds:X509Data/ds:X509Certificate&quot;</span><span class="p">)</span>
+
+                <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signing_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">encryption_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                    <span class="n">certs</span> <span class="o">=</span> <span class="p">{}</span>
+                    <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signing_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                        <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;signing&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">[]</span>
+                        <span class="k">for</span> <span class="n">cert_node</span> <span class="ow">in</span> <span class="n">signing_nodes</span><span class="p">:</span>
+                            <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;signing&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">cert_node</span><span class="p">)</span><span class="o">.</span><span class="n">split</span><span class="p">()))</span>
+                    <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">encryption_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                        <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;encryption&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">[]</span>
+                        <span class="k">for</span> <span class="n">cert_node</span> <span class="ow">in</span> <span class="n">encryption_nodes</span><span class="p">:</span>
+                            <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;encryption&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">cert_node</span><span class="p">)</span><span class="o">.</span><span class="n">split</span><span class="p">()))</span>
+
+                <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span>
+
+                <span class="k">if</span> <span class="n">idp_entity_id</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;entityId&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">idp_entity_id</span>
+
+                <span class="k">if</span> <span class="n">idp_sso_url</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;singleSignOnService&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">idp_sso_url</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s1">&#39;binding&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">required_sso_binding</span>
+
+                <span class="k">if</span> <span class="n">idp_slo_url</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">idp_slo_url</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s1">&#39;binding&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">required_slo_binding</span>
+
+                <span class="k">if</span> <span class="n">want_authn_requests_signed</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;security&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;security&#39;</span><span class="p">][</span><span class="s1">&#39;authnRequestsSigned&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">want_authn_requests_signed</span> <span class="o">==</span> <span class="s2">&quot;true&quot;</span>
+
+                <span class="k">if</span> <span class="n">idp_name_id_format</span><span class="p">:</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;sp&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">{}</span>
+                    <span class="n">data</span><span class="p">[</span><span class="s1">&#39;sp&#39;</span><span class="p">][</span><span class="s1">&#39;NameIDFormat&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">idp_name_id_format</span>
+
+                <span class="k">if</span> <span class="n">certs</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">certs</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span> <span class="ow">and</span>
+                        <span class="p">((</span><span class="s1">&#39;signing&#39;</span> <span class="ow">in</span> <span class="n">certs</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">certs</span><span class="p">[</span><span class="s1">&#39;signing&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">1</span><span class="p">)</span> <span class="ow">or</span>
+                         <span class="p">(</span><span class="s1">&#39;encryption&#39;</span> <span class="ow">in</span> <span class="n">certs</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">certs</span><span class="p">[</span><span class="s1">&#39;encryption&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">1</span><span class="p">)))</span> <span class="ow">or</span> \
+                        <span class="p">((</span><span class="s1">&#39;signing&#39;</span> <span class="ow">in</span> <span class="n">certs</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">certs</span><span class="p">[</span><span class="s1">&#39;signing&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">1</span><span class="p">)</span> <span class="ow">and</span>
+                         <span class="p">(</span><span class="s1">&#39;encryption&#39;</span> <span class="ow">in</span> <span class="n">certs</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">certs</span><span class="p">[</span><span class="s1">&#39;encryption&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">1</span> <span class="ow">and</span>
+                         <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;signing&#39;</span><span class="p">][</span><span class="mi">0</span><span class="p">]</span> <span class="o">==</span> <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;encryption&#39;</span><span class="p">][</span><span class="mi">0</span><span class="p">])):</span>
+                        <span class="k">if</span> <span class="s1">&#39;signing&#39;</span> <span class="ow">in</span> <span class="n">certs</span><span class="p">:</span>
+                            <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;x509cert&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;signing&#39;</span><span class="p">][</span><span class="mi">0</span><span class="p">]</span>
+                        <span class="k">else</span><span class="p">:</span>
+                            <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;x509cert&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">certs</span><span class="p">[</span><span class="s1">&#39;encryption&#39;</span><span class="p">][</span><span class="mi">0</span><span class="p">]</span>
+                    <span class="k">else</span><span class="p">:</span>
+                        <span class="n">data</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">certs</span>
+        <span class="k">return</span> <span class="n">data</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_IdPMetadataParser.merge_settings"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.merge_settings">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">merge_settings</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="n">new_metadata_settings</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Will update the settings with the provided new settings data extracted from the IdP metadata</span>
+<span class="sd">        :param settings: Current settings dict data</span>
+<span class="sd">        :type settings: dict</span>
+<span class="sd">        :param new_metadata_settings: Settings to be merged (extracted from IdP metadata after parsing)</span>
+<span class="sd">        :type new_metadata_settings: dict</span>
+<span class="sd">        :returns: merged settings</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">for</span> <span class="n">d</span> <span class="ow">in</span> <span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="n">new_metadata_settings</span><span class="p">):</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">d</span><span class="p">,</span> <span class="nb">dict</span><span class="p">):</span>
+                <span class="k">raise</span> <span class="ne">TypeError</span><span class="p">(</span><span class="s1">&#39;Both arguments must be dictionaries.&#39;</span><span class="p">)</span>
+
+        <span class="c1"># Guarantee to not modify original data (`settings.copy()` would not</span>
+        <span class="c1"># be sufficient, as it&#39;s just a shallow copy).</span>
+        <span class="n">result_settings</span> <span class="o">=</span> <span class="n">deepcopy</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+
+        <span class="c1"># previously I will take care of cert stuff</span>
+        <span class="k">if</span> <span class="s1">&#39;idp&#39;</span> <span class="ow">in</span> <span class="n">new_metadata_settings</span> <span class="ow">and</span> <span class="s1">&#39;idp&#39;</span> <span class="ow">in</span> <span class="n">result_settings</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">new_metadata_settings</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509cert&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span> <span class="ow">and</span> <span class="n">result_settings</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">):</span>
+                <span class="k">del</span> <span class="n">result_settings</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]</span>
+            <span class="k">if</span> <span class="n">new_metadata_settings</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span> <span class="ow">and</span> <span class="n">result_settings</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509cert&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">):</span>
+                <span class="k">del</span> <span class="n">result_settings</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">][</span><span class="s1">&#39;x509cert&#39;</span><span class="p">]</span>
+
+        <span class="c1"># Merge `new_metadata_settings` into `result_settings`.</span>
+        <span class="n">dict_deep_merge</span><span class="p">(</span><span class="n">result_settings</span><span class="p">,</span> <span class="n">new_metadata_settings</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">result_settings</span></div></div>
+
+
+<div class="viewcode-block" id="dict_deep_merge"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.dict_deep_merge">[docs]</a><span class="k">def</span> <span class="nf">dict_deep_merge</span><span class="p">(</span><span class="n">a</span><span class="p">,</span> <span class="n">b</span><span class="p">,</span> <span class="n">path</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Deep-merge dictionary `b` into dictionary `a`.</span>
+
+<span class="sd">    Kudos to http://stackoverflow.com/a/7205107/145400</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+    <span class="k">if</span> <span class="n">path</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+        <span class="n">path</span> <span class="o">=</span> <span class="p">[]</span>
+    <span class="k">for</span> <span class="n">key</span> <span class="ow">in</span> <span class="n">b</span><span class="p">:</span>
+        <span class="k">if</span> <span class="n">key</span> <span class="ow">in</span> <span class="n">a</span><span class="p">:</span>
+            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">a</span><span class="p">[</span><span class="n">key</span><span class="p">],</span> <span class="nb">dict</span><span class="p">)</span> <span class="ow">and</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">b</span><span class="p">[</span><span class="n">key</span><span class="p">],</span> <span class="nb">dict</span><span class="p">):</span>
+                <span class="n">dict_deep_merge</span><span class="p">(</span><span class="n">a</span><span class="p">[</span><span class="n">key</span><span class="p">],</span> <span class="n">b</span><span class="p">[</span><span class="n">key</span><span class="p">],</span> <span class="n">path</span> <span class="o">+</span> <span class="p">[</span><span class="nb">str</span><span class="p">(</span><span class="n">key</span><span class="p">)])</span>
+            <span class="k">elif</span> <span class="n">a</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="o">==</span> <span class="n">b</span><span class="p">[</span><span class="n">key</span><span class="p">]:</span>
+                <span class="c1"># Key conflict, but equal value.</span>
+                <span class="k">pass</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="c1"># Key/value conflict. Prioritize b over a.</span>
+                <span class="n">a</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="o">=</span> <span class="n">b</span><span class="p">[</span><span class="n">key</span><span class="p">]</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">a</span><span class="p">[</span><span class="n">key</span><span class="p">]</span> <span class="o">=</span> <span class="n">b</span><span class="p">[</span><span class="n">key</span><span class="p">]</span>
+    <span class="k">return</span> <span class="n">a</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/logout_request.html b/docs/saml2/_modules/onelogin/saml2/logout_request.html
new file mode 100644
index 00000000..bdc48e77
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/logout_request.html
@@ -0,0 +1,465 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.logout_request &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.logout_request</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.logout_request</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Logout_Request class</span>
+
+
+<span class="sd">Logout Request class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2</span> <span class="kn">import</span> <span class="n">compat</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">,</span> <span class="n">OneLogin_Saml2_ValidationError</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_templates</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Templates</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_XML</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Logout_Request</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    This class handles a Logout Request.</span>
+
+<span class="sd">    Builds a Logout Response object and validates it.</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">,</span> <span class="n">request</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">name_id</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">session_index</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">nq</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">name_id_format</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">spnq</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Constructs the Logout Request object.</span>
+
+<span class="sd">        :param settings: Setting data</span>
+<span class="sd">        :type settings: OneLogin_Saml2_Settings</span>
+
+<span class="sd">        :param request: Optional. A LogoutRequest to be loaded instead build one.</span>
+<span class="sd">        :type request: string</span>
+
+<span class="sd">        :param name_id: The NameID that will be set in the LogoutRequest.</span>
+<span class="sd">        :type name_id: string</span>
+
+<span class="sd">        :param session_index: SessionIndex that identifies the session of the user.</span>
+<span class="sd">        :type session_index: string</span>
+
+<span class="sd">        :param nq: IDP Name Qualifier</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param name_id_format: The NameID Format that will be set in the LogoutRequest.</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param spnq: SP Name Qualifier</span>
+<span class="sd">        :type: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span> <span class="o">=</span> <span class="n">settings</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">id</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="k">if</span> <span class="n">request</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
+            <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+            <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+
+            <span class="bp">self</span><span class="o">.</span><span class="n">id</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_generate_request_id</span><span class="p">()</span>
+
+            <span class="n">issue_instant</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_time_to_SAML</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">())</span>
+
+            <span class="n">cert</span> <span class="o">=</span> <span class="kc">None</span>
+            <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;nameIdEncrypted&#39;</span><span class="p">]:</span>
+                <span class="n">exists_multix509enc</span> <span class="o">=</span> <span class="s1">&#39;x509certMulti&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span> <span class="ow">and</span> \
+                    <span class="s1">&#39;encryption&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]</span> <span class="ow">and</span> \
+                    <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;encryption&#39;</span><span class="p">]</span>
+                <span class="k">if</span> <span class="n">exists_multix509enc</span><span class="p">:</span>
+                    <span class="n">cert</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;encryption&#39;</span><span class="p">][</span><span class="mi">0</span><span class="p">]</span>
+                <span class="k">else</span><span class="p">:</span>
+                    <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_cert</span><span class="p">()</span>
+
+            <span class="k">if</span> <span class="n">name_id</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">name_id_format</span> <span class="ow">and</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;NameIDFormat&#39;</span><span class="p">]</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_UNSPECIFIED</span><span class="p">:</span>
+                    <span class="n">name_id_format</span> <span class="o">=</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;NameIDFormat&#39;</span><span class="p">]</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">name_id</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">]</span>
+                <span class="n">name_id_format</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_ENTITY</span>
+
+            <span class="c1"># From saml-core-2.0-os 8.3.6, when the entity Format is used:</span>
+            <span class="c1"># &quot;The NameQualifier, SPNameQualifier, and SPProvidedID attributes</span>
+            <span class="c1"># MUST be omitted.</span>
+            <span class="k">if</span> <span class="n">name_id_format</span> <span class="ow">and</span> <span class="n">name_id_format</span> <span class="o">==</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_ENTITY</span><span class="p">:</span>
+                <span class="n">nq</span> <span class="o">=</span> <span class="kc">None</span>
+                <span class="n">spnq</span> <span class="o">=</span> <span class="kc">None</span>
+
+            <span class="c1"># NameID Format UNSPECIFIED omitted</span>
+            <span class="k">if</span> <span class="n">name_id_format</span> <span class="ow">and</span> <span class="n">name_id_format</span> <span class="o">==</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_UNSPECIFIED</span><span class="p">:</span>
+                <span class="n">name_id_format</span> <span class="o">=</span> <span class="kc">None</span>
+
+            <span class="n">name_id_obj</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_name_id</span><span class="p">(</span>
+                <span class="n">name_id</span><span class="p">,</span>
+                <span class="n">spnq</span><span class="p">,</span>
+                <span class="n">name_id_format</span><span class="p">,</span>
+                <span class="n">cert</span><span class="p">,</span>
+                <span class="kc">False</span><span class="p">,</span>
+                <span class="n">nq</span>
+            <span class="p">)</span>
+
+            <span class="k">if</span> <span class="n">session_index</span><span class="p">:</span>
+                <span class="n">session_index_str</span> <span class="o">=</span> <span class="s1">&#39;&lt;samlp:SessionIndex&gt;</span><span class="si">%s</span><span class="s1">&lt;/samlp:SessionIndex&gt;&#39;</span> <span class="o">%</span> <span class="n">session_index</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">session_index_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+
+            <span class="n">logout_request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Templates</span><span class="o">.</span><span class="n">LOGOUT_REQUEST</span> <span class="o">%</span> \
+                <span class="p">{</span>
+                    <span class="s1">&#39;id&#39;</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">id</span><span class="p">,</span>
+                    <span class="s1">&#39;issue_instant&#39;</span><span class="p">:</span> <span class="n">issue_instant</span><span class="p">,</span>
+                    <span class="s1">&#39;single_logout_url&#39;</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_slo_url</span><span class="p">(),</span>
+                    <span class="s1">&#39;entity_id&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">],</span>
+                    <span class="s1">&#39;name_id&#39;</span><span class="p">:</span> <span class="n">name_id_obj</span><span class="p">,</span>
+                    <span class="s1">&#39;session_index&#39;</span><span class="p">:</span> <span class="n">session_index_str</span><span class="p">,</span>
+                <span class="p">}</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">logout_request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decode_base64_and_inflate</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">ignore_zip</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">id</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_id</span><span class="p">(</span><span class="n">logout_request</span><span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_logout_request</span> <span class="o">=</span> <span class="n">compat</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">logout_request</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_request"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_request">[docs]</a>    <span class="k">def</span> <span class="nf">get_request</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">deflate</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the Logout Request deflated, base64encoded</span>
+<span class="sd">        :param deflate: It makes the deflate process optional</span>
+<span class="sd">        :type: bool</span>
+<span class="sd">        :return: Logout Request maybe deflated and base64 encoded</span>
+<span class="sd">        :rtype: str object</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">deflate</span><span class="p">:</span>
+            <span class="n">request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">deflate_and_base64_encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_logout_request</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_logout_request</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">request</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_xml"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_xml">[docs]</a>    <span class="k">def</span> <span class="nf">get_xml</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the XML that will be sent as part of the request</span>
+<span class="sd">        or that was received at the SP</span>
+<span class="sd">        :return: XML request body</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_logout_request</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_id">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">get_id</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">request</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the ID of the Logout Request</span>
+<span class="sd">        :param request: Logout Request Message</span>
+<span class="sd">        :type request: string|DOMDocument</span>
+<span class="sd">        :return: string ID</span>
+<span class="sd">        :rtype: str object</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">elem</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_nameid_data"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_nameid_data">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">get_nameid_data</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID Data of the the Logout Request</span>
+<span class="sd">        :param request: Logout Request Message</span>
+<span class="sd">        :type request: string|DOMDocument</span>
+<span class="sd">        :param key: The SP key</span>
+<span class="sd">        :type key: string</span>
+<span class="sd">        :return: Name ID Data (Value, Format, NameQualifier, SPNameQualifier)</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
+        <span class="n">name_id</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">encrypted_entries</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/samlp:LogoutRequest/saml:EncryptedID&#39;</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">encrypted_entries</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">key</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                    <span class="s1">&#39;Private Key is required in order to decrypt the NameID, check settings&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PRIVATE_KEY_NOT_FOUND</span>
+                <span class="p">)</span>
+
+            <span class="n">encrypted_data_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/samlp:LogoutRequest/saml:EncryptedID/xenc:EncryptedData&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">encrypted_data_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+                <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">encrypted_data_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+                <span class="n">name_id</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decrypt_element</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">key</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">entries</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/samlp:LogoutRequest/saml:NameID&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">entries</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+                <span class="n">name_id</span> <span class="o">=</span> <span class="n">entries</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+
+        <span class="k">if</span> <span class="n">name_id</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;NameID not found in the Logout Request&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_NAMEID</span>
+            <span class="p">)</span>
+
+        <span class="n">name_id_data</span> <span class="o">=</span> <span class="p">{</span>
+            <span class="s1">&#39;Value&#39;</span><span class="p">:</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">name_id</span><span class="p">)</span>
+        <span class="p">}</span>
+        <span class="k">for</span> <span class="n">attr</span> <span class="ow">in</span> <span class="p">[</span><span class="s1">&#39;Format&#39;</span><span class="p">,</span> <span class="s1">&#39;SPNameQualifier&#39;</span><span class="p">,</span> <span class="s1">&#39;NameQualifier&#39;</span><span class="p">]:</span>
+            <span class="k">if</span> <span class="n">attr</span> <span class="ow">in</span> <span class="n">name_id</span><span class="o">.</span><span class="n">attrib</span><span class="p">:</span>
+                <span class="n">name_id_data</span><span class="p">[</span><span class="n">attr</span><span class="p">]</span> <span class="o">=</span> <span class="n">name_id</span><span class="o">.</span><span class="n">attrib</span><span class="p">[</span><span class="n">attr</span><span class="p">]</span>
+
+        <span class="k">return</span> <span class="n">name_id_data</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_nameid"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_nameid">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">get_nameid</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID of the Logout Request Message</span>
+<span class="sd">        :param request: Logout Request Message</span>
+<span class="sd">        :type request: string|DOMDocument</span>
+<span class="sd">        :param key: The SP key</span>
+<span class="sd">        :type key: string</span>
+<span class="sd">        :return: Name ID Value</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">name_id</span> <span class="o">=</span> <span class="bp">cls</span><span class="o">.</span><span class="n">get_nameid_data</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">name_id</span><span class="p">[</span><span class="s1">&#39;Value&#39;</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_nameid_format"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_nameid_format">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">get_nameid_format</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID Format of the Logout Request Message</span>
+<span class="sd">        :param request: Logout Request Message</span>
+<span class="sd">        :type request: string|DOMDocument</span>
+<span class="sd">        :param key: The SP key</span>
+<span class="sd">        :type key: string</span>
+<span class="sd">        :return: Name ID Format</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">name_id_format</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">name_id_data</span> <span class="o">=</span> <span class="bp">cls</span><span class="o">.</span><span class="n">get_nameid_data</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">name_id_data</span> <span class="ow">and</span> <span class="s1">&#39;Format&#39;</span> <span class="ow">in</span> <span class="n">name_id_data</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span>
+            <span class="n">name_id_format</span> <span class="o">=</span> <span class="n">name_id_data</span><span class="p">[</span><span class="s1">&#39;Format&#39;</span><span class="p">]</span>
+        <span class="k">return</span> <span class="n">name_id_format</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_issuer"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_issuer">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">get_issuer</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">request</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the Issuer of the Logout Request Message</span>
+<span class="sd">        :param request: Logout Request Message</span>
+<span class="sd">        :type request: string|DOMDocument</span>
+<span class="sd">        :return: The Issuer</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
+        <span class="n">issuer</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">issuer_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/samlp:LogoutRequest/saml:Issuer&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">issuer_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="n">issuer</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+        <span class="k">return</span> <span class="n">issuer</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_session_indexes"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_session_indexes">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">get_session_indexes</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">request</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SessionIndexes from the Logout Request</span>
+<span class="sd">        :param request: Logout Request Message</span>
+<span class="sd">        :type request: string|DOMDocument</span>
+<span class="sd">        :return: The SessionIndex value</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
+        <span class="n">session_indexes</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="n">session_index_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/samlp:LogoutRequest/samlp:SessionIndex&#39;</span><span class="p">)</span>
+        <span class="k">for</span> <span class="n">session_index_node</span> <span class="ow">in</span> <span class="n">session_index_nodes</span><span class="p">:</span>
+            <span class="n">session_indexes</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">session_index_node</span><span class="p">))</span>
+        <span class="k">return</span> <span class="n">session_indexes</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.is_valid"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.is_valid">[docs]</a>    <span class="k">def</span> <span class="nf">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks if the Logout Request received is valid</span>
+<span class="sd">        :param request_data: Request Data</span>
+<span class="sd">        :type request_data: dict</span>
+
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+
+<span class="sd">        :return: If the Logout Request is or not valid</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">root</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_logout_request</span><span class="p">)</span>
+
+            <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+            <span class="n">idp_entity_id</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">]</span>
+
+            <span class="n">get_data</span> <span class="o">=</span> <span class="p">(</span><span class="s1">&#39;get_data&#39;</span> <span class="ow">in</span> <span class="n">request_data</span> <span class="ow">and</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;get_data&#39;</span><span class="p">])</span> <span class="ow">or</span> <span class="nb">dict</span><span class="p">()</span>
+
+            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">():</span>
+                <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="n">root</span><span class="p">,</span> <span class="s1">&#39;saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">())</span>
+                <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_XML_FORMAT</span>
+                    <span class="p">)</span>
+
+                <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+
+                <span class="n">current_url</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
+
+                <span class="c1"># Check NotOnOrAfter</span>
+                <span class="k">if</span> <span class="n">root</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;NotOnOrAfter&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">):</span>
+                    <span class="n">na</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">root</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;NotOnOrAfter&#39;</span><span class="p">))</span>
+                    <span class="k">if</span> <span class="n">na</span> <span class="o">&lt;=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">():</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;Could not validate timestamp: expired. Check system clock.)&#39;</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">RESPONSE_EXPIRED</span>
+                        <span class="p">)</span>
+
+                <span class="c1"># Check destination</span>
+                <span class="n">destination</span> <span class="o">=</span> <span class="n">root</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Destination&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">destination</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">normalize_url</span><span class="p">(</span><span class="n">url</span><span class="o">=</span><span class="n">destination</span><span class="p">)</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">normalize_url</span><span class="p">(</span><span class="n">url</span><span class="o">=</span><span class="n">current_url</span><span class="p">)):</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The LogoutRequest was received at &#39;</span>
+                            <span class="s1">&#39;</span><span class="si">%(currentURL)s</span><span class="s1"> instead of </span><span class="si">%(destination)s</span><span class="s1">&#39;</span> <span class="o">%</span>
+                            <span class="p">{</span>
+                                <span class="s1">&#39;currentURL&#39;</span><span class="p">:</span> <span class="n">current_url</span><span class="p">,</span>
+                                <span class="s1">&#39;destination&#39;</span><span class="p">:</span> <span class="n">destination</span><span class="p">,</span>
+                            <span class="p">},</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_DESTINATION</span>
+                        <span class="p">)</span>
+
+                <span class="c1"># Check issuer</span>
+                <span class="n">issuer</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_issuer</span><span class="p">(</span><span class="n">root</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">issuer</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="n">issuer</span> <span class="o">!=</span> <span class="n">idp_entity_id</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Invalid issuer in the Logout Request (expected </span><span class="si">%(idpEntityId)s</span><span class="s1">, got </span><span class="si">%(issuer)s</span><span class="s1">)&#39;</span> <span class="o">%</span>
+                        <span class="p">{</span>
+                            <span class="s1">&#39;idpEntityId&#39;</span><span class="p">:</span> <span class="n">idp_entity_id</span><span class="p">,</span>
+                            <span class="s1">&#39;issuer&#39;</span><span class="p">:</span> <span class="n">issuer</span>
+                        <span class="p">},</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_ISSUER</span>
+                    <span class="p">)</span>
+
+                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;wantMessagesSigned&#39;</span><span class="p">]:</span>
+                    <span class="k">if</span> <span class="s1">&#39;Signature&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The Message of the Logout Request is not signed and the SP require it&#39;</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_SIGNED_MESSAGE</span>
+                        <span class="p">)</span>
+
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">err</span><span class="p">:</span>
+            <span class="c1"># pylint: disable=R0801</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">err</span><span class="p">)</span>
+            <span class="n">debug</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()</span>
+            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
+                <span class="nb">print</span><span class="p">(</span><span class="n">err</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">raise_exceptions</span><span class="p">:</span>
+                <span class="k">raise</span>
+            <span class="k">return</span> <span class="kc">False</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_error"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Request.get_error">[docs]</a>    <span class="k">def</span> <span class="nf">get_error</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        After executing a validation process, if it fails this method returns the cause</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_error</span></div>
+
+    <span class="k">def</span> <span class="nf">_generate_request_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Generate an unique logout request ID.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/logout_response.html b/docs/saml2/_modules/onelogin/saml2/logout_response.html
new file mode 100644
index 00000000..a403dc35
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/logout_response.html
@@ -0,0 +1,321 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.logout_response &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.logout_response</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.logout_response</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Logout_Response class</span>
+
+
+<span class="sd">Logout Response class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2</span> <span class="kn">import</span> <span class="n">compat</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span><span class="p">,</span> <span class="n">OneLogin_Saml2_ValidationError</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_templates</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Templates</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_XML</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Logout_Response</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    This class  handles a Logout Response. It Builds or parses a Logout Response object</span>
+<span class="sd">    and validates it.</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">,</span> <span class="n">response</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Constructs a Logout Response object (Initialize params from settings</span>
+<span class="sd">        and if provided load the Logout Response.</span>
+
+<span class="sd">        Arguments are:</span>
+<span class="sd">            * (OneLogin_Saml2_Settings)   settings. Setting data</span>
+<span class="sd">            * (string)                    response. An UUEncoded SAML Logout</span>
+<span class="sd">                                                    response from the IdP.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span> <span class="o">=</span> <span class="n">settings</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">id</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="k">if</span> <span class="n">response</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_logout_response</span> <span class="o">=</span> <span class="n">compat</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decode_base64_and_inflate</span><span class="p">(</span><span class="n">response</span><span class="p">,</span> <span class="n">ignore_zip</span><span class="o">=</span><span class="kc">True</span><span class="p">))</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">document</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_logout_response</span><span class="p">)</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">id</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_issuer"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.get_issuer">[docs]</a>    <span class="k">def</span> <span class="nf">get_issuer</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the Issuer of the Logout Response Message</span>
+<span class="sd">        :return: The Issuer</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">issuer</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">issuer_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="s1">&#39;/samlp:LogoutResponse/saml:Issuer&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">issuer_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="n">issuer</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+        <span class="k">return</span> <span class="n">issuer</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_status"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.get_status">[docs]</a>    <span class="k">def</span> <span class="nf">get_status</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the Status</span>
+<span class="sd">        :return: The Status</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">entries</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="s1">&#39;/samlp:LogoutResponse/samlp:Status/samlp:StatusCode&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">entries</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="k">return</span> <span class="kc">None</span>
+        <span class="n">status</span> <span class="o">=</span> <span class="n">entries</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">attrib</span><span class="p">[</span><span class="s1">&#39;Value&#39;</span><span class="p">]</span>
+        <span class="k">return</span> <span class="n">status</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.is_valid"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.is_valid">[docs]</a>    <span class="k">def</span> <span class="nf">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Determines if the SAML LogoutResponse is valid</span>
+<span class="sd">        :param request_id: The ID of the LogoutRequest sent by this SP to the IdP</span>
+<span class="sd">        :type request_id: string</span>
+
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+
+<span class="sd">        :return: Returns if the SAML LogoutResponse is or not valid</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+            <span class="n">idp_entity_id</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">]</span>
+            <span class="n">get_data</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;get_data&#39;</span><span class="p">]</span>
+
+            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">():</span>
+                <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="s1">&#39;saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">())</span>
+                <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_XML_FORMAT</span>
+                    <span class="p">)</span>
+
+                <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+
+                <span class="c1"># Check if the InResponseTo of the Logout Response matches the ID of the Logout Request (requestId) if provided</span>
+                <span class="n">in_response_to</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_in_response_to</span><span class="p">()</span>
+                <span class="k">if</span> <span class="n">request_id</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="n">in_response_to</span> <span class="ow">and</span> <span class="n">in_response_to</span> <span class="o">!=</span> <span class="n">request_id</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The InResponseTo of the Logout Response: </span><span class="si">%s</span><span class="s1">, does not match the ID of the Logout request sent by the SP: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">in_response_to</span><span class="p">,</span> <span class="n">request_id</span><span class="p">),</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_INRESPONSETO</span>
+                    <span class="p">)</span>
+
+                <span class="c1"># Check issuer</span>
+                <span class="n">issuer</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_issuer</span><span class="p">()</span>
+                <span class="k">if</span> <span class="n">issuer</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="n">issuer</span> <span class="o">!=</span> <span class="n">idp_entity_id</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Invalid issuer in the Logout Response (expected </span><span class="si">%(idpEntityId)s</span><span class="s1">, got </span><span class="si">%(issuer)s</span><span class="s1">)&#39;</span> <span class="o">%</span>
+                        <span class="p">{</span>
+                            <span class="s1">&#39;idpEntityId&#39;</span><span class="p">:</span> <span class="n">idp_entity_id</span><span class="p">,</span>
+                            <span class="s1">&#39;issuer&#39;</span><span class="p">:</span> <span class="n">issuer</span>
+                        <span class="p">},</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_ISSUER</span>
+                    <span class="p">)</span>
+
+                <span class="n">current_url</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
+
+                <span class="c1"># Check destination</span>
+                <span class="n">destination</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Destination&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">destination</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">normalize_url</span><span class="p">(</span><span class="n">url</span><span class="o">=</span><span class="n">destination</span><span class="p">)</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">normalize_url</span><span class="p">(</span><span class="n">url</span><span class="o">=</span><span class="n">current_url</span><span class="p">)):</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The LogoutResponse was received at </span><span class="si">%s</span><span class="s1"> instead of </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">current_url</span><span class="p">,</span> <span class="n">destination</span><span class="p">),</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_DESTINATION</span>
+                        <span class="p">)</span>
+
+                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;wantMessagesSigned&#39;</span><span class="p">]:</span>
+                    <span class="k">if</span> <span class="s1">&#39;Signature&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The Message of the Logout Response is not signed and the SP require it&#39;</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_SIGNED_MESSAGE</span>
+                        <span class="p">)</span>
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="c1"># pylint: disable=R0801</span>
+        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">err</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">err</span><span class="p">)</span>
+            <span class="n">debug</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()</span>
+            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
+                <span class="nb">print</span><span class="p">(</span><span class="n">err</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">raise_exceptions</span><span class="p">:</span>
+                <span class="k">raise</span>
+            <span class="k">return</span> <span class="kc">False</span></div>
+
+    <span class="k">def</span> <span class="nf">_query</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">query</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Extracts a node from the Etree (Logout Response Message)</span>
+<span class="sd">        :param query: Xpath Expression</span>
+<span class="sd">        :type query: string</span>
+<span class="sd">        :return: The queried node</span>
+<span class="sd">        :rtype: Element</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="n">query</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.build"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.build">[docs]</a>    <span class="k">def</span> <span class="nf">build</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">in_response_to</span><span class="p">,</span> <span class="n">status</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">STATUS_SUCCESS</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Creates a Logout Response object.</span>
+<span class="sd">        :param in_response_to: InResponseTo value for the Logout Response.</span>
+<span class="sd">        :type in_response_to: string</span>
+<span class="sd">        :param: status: The status of the response</span>
+<span class="sd">        :type: status: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">id</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_generate_request_id</span><span class="p">()</span>
+
+        <span class="n">issue_instant</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_time_to_SAML</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">())</span>
+
+        <span class="n">logout_response</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Templates</span><span class="o">.</span><span class="n">LOGOUT_RESPONSE</span> <span class="o">%</span> <span class="p">{</span>
+            <span class="s2">&quot;id&quot;</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">id</span><span class="p">,</span>
+            <span class="s2">&quot;issue_instant&quot;</span><span class="p">:</span> <span class="n">issue_instant</span><span class="p">,</span>
+            <span class="s2">&quot;destination&quot;</span><span class="p">:</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_slo_response_url</span><span class="p">(),</span>
+            <span class="s2">&quot;in_response_to&quot;</span><span class="p">:</span> <span class="n">in_response_to</span><span class="p">,</span>
+            <span class="s2">&quot;entity_id&quot;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s2">&quot;entityId&quot;</span><span class="p">],</span>
+            <span class="s2">&quot;status&quot;</span><span class="p">:</span> <span class="n">status</span><span class="p">,</span>
+        <span class="p">}</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_logout_response</span> <span class="o">=</span> <span class="n">logout_response</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_in_response_to"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.get_in_response_to">[docs]</a>    <span class="k">def</span> <span class="nf">get_in_response_to</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the ID of the LogoutRequest which this response is in response to</span>
+<span class="sd">        :returns: ID of LogoutRequest this LogoutResponse is in response to or None if it is not present</span>
+<span class="sd">        :rtype: str</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;InResponseTo&#39;</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_response"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.get_response">[docs]</a>    <span class="k">def</span> <span class="nf">get_response</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">deflate</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns a Logout Response object.</span>
+<span class="sd">        :param deflate: It makes the deflate process optional</span>
+<span class="sd">        :type: bool</span>
+<span class="sd">        :return: Logout Response maybe deflated and base64 encoded</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">deflate</span><span class="p">:</span>
+            <span class="n">response</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">deflate_and_base64_encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_logout_response</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">response</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_logout_response</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">response</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_error"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.get_error">[docs]</a>    <span class="k">def</span> <span class="nf">get_error</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        After executing a validation process, if it fails this method returns the cause</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_error</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_xml"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Logout_Response.get_xml">[docs]</a>    <span class="k">def</span> <span class="nf">get_xml</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the XML that will be sent as part of the response</span>
+<span class="sd">        or that was received at the SP</span>
+<span class="sd">        :return: XML response body</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_logout_response</span></div>
+
+    <span class="k">def</span> <span class="nf">_generate_request_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Generate an unique logout response ID.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/metadata.html b/docs/saml2/_modules/onelogin/saml2/metadata.html
new file mode 100644
index 00000000..cf74b78c
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/metadata.html
@@ -0,0 +1,365 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.metadata &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.metadata</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.metadata</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLoginSaml2Metadata class</span>
+
+
+<span class="sd">Metadata class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">time</span> <span class="kn">import</span> <span class="n">gmtime</span><span class="p">,</span> <span class="n">strftime</span><span class="p">,</span> <span class="n">time</span>
+<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2</span> <span class="kn">import</span> <span class="n">compat</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_templates</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Templates</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_XML</span>
+
+<span class="k">try</span><span class="p">:</span>
+    <span class="n">basestring</span>
+<span class="k">except</span> <span class="ne">NameError</span><span class="p">:</span>
+    <span class="n">basestring</span> <span class="o">=</span> <span class="nb">str</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Metadata"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Metadata</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    A class that contains methods related to the metadata of the SP</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="n">TIME_VALID</span> <span class="o">=</span> <span class="mi">172800</span>   <span class="c1"># 2 days</span>
+    <span class="n">TIME_CACHED</span> <span class="o">=</span> <span class="mi">604800</span>  <span class="c1"># 1 week</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Metadata.builder"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.builder">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">builder</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">sp</span><span class="p">,</span> <span class="n">authnsign</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">wsign</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">valid_until</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">cache_duration</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">contacts</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">organization</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Builds the metadata of the SP</span>
+
+<span class="sd">        :param sp: The SP data</span>
+<span class="sd">        :type sp: string</span>
+
+<span class="sd">        :param authnsign: authnRequestsSigned attribute</span>
+<span class="sd">        :type authnsign: string</span>
+
+<span class="sd">        :param wsign: wantAssertionsSigned attribute</span>
+<span class="sd">        :type wsign: string</span>
+
+<span class="sd">        :param valid_until: Metadata&#39;s expiry date</span>
+<span class="sd">        :type valid_until: string|DateTime|Timestamp</span>
+
+<span class="sd">        :param cache_duration: Duration of the cache in seconds</span>
+<span class="sd">        :type cache_duration: int|string</span>
+
+<span class="sd">        :param contacts: Contacts info</span>
+<span class="sd">        :type contacts: dict</span>
+
+<span class="sd">        :param organization: Organization info</span>
+<span class="sd">        :type organization: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">valid_until</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">valid_until</span> <span class="o">=</span> <span class="nb">int</span><span class="p">(</span><span class="n">time</span><span class="p">())</span> <span class="o">+</span> <span class="bp">cls</span><span class="o">.</span><span class="n">TIME_VALID</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">valid_until</span><span class="p">,</span> <span class="n">basestring</span><span class="p">):</span>
+            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">valid_until</span><span class="p">,</span> <span class="n">datetime</span><span class="p">):</span>
+                <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">valid_until</span><span class="o">.</span><span class="n">timetuple</span><span class="p">()</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">gmtime</span><span class="p">(</span><span class="n">valid_until</span><span class="p">)</span>
+            <span class="n">valid_until_str</span> <span class="o">=</span> <span class="n">strftime</span><span class="p">(</span><span class="sa">r</span><span class="s1">&#39;%Y-%m-</span><span class="si">%d</span><span class="s1">T%H:%M:%SZ&#39;</span><span class="p">,</span> <span class="n">valid_until_time</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">valid_until_str</span> <span class="o">=</span> <span class="n">valid_until</span>
+
+        <span class="k">if</span> <span class="n">cache_duration</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">cache_duration</span> <span class="o">=</span> <span class="bp">cls</span><span class="o">.</span><span class="n">TIME_CACHED</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">cache_duration</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">):</span>
+            <span class="n">cache_duration_str</span> <span class="o">=</span> <span class="s1">&#39;PT</span><span class="si">%s</span><span class="s1">S&#39;</span> <span class="o">%</span> <span class="n">cache_duration</span>  <span class="c1"># Period of Time x Seconds</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">cache_duration_str</span> <span class="o">=</span> <span class="n">cache_duration</span>
+
+        <span class="k">if</span> <span class="n">contacts</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">contacts</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="k">if</span> <span class="n">organization</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">organization</span> <span class="o">=</span> <span class="p">{}</span>
+
+        <span class="n">sls</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="s1">&#39;singleLogoutService&#39;</span> <span class="ow">in</span> <span class="n">sp</span> <span class="ow">and</span> <span class="s1">&#39;url&#39;</span> <span class="ow">in</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">]:</span>
+            <span class="n">sls</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Templates</span><span class="o">.</span><span class="n">MD_SLS</span> <span class="o">%</span> \
+                <span class="p">{</span>
+                    <span class="s1">&#39;binding&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s1">&#39;binding&#39;</span><span class="p">],</span>
+                    <span class="s1">&#39;location&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">],</span>
+                <span class="p">}</span>
+
+        <span class="n">str_authnsign</span> <span class="o">=</span> <span class="s1">&#39;true&#39;</span> <span class="k">if</span> <span class="n">authnsign</span> <span class="k">else</span> <span class="s1">&#39;false&#39;</span>
+        <span class="n">str_wsign</span> <span class="o">=</span> <span class="s1">&#39;true&#39;</span> <span class="k">if</span> <span class="n">wsign</span> <span class="k">else</span> <span class="s1">&#39;false&#39;</span>
+
+        <span class="n">str_organization</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">organization_names</span> <span class="o">=</span> <span class="p">[]</span>
+            <span class="n">organization_displaynames</span> <span class="o">=</span> <span class="p">[]</span>
+            <span class="n">organization_urls</span> <span class="o">=</span> <span class="p">[]</span>
+            <span class="k">for</span> <span class="p">(</span><span class="n">lang</span><span class="p">,</span> <span class="n">info</span><span class="p">)</span> <span class="ow">in</span> <span class="n">organization</span><span class="o">.</span><span class="n">items</span><span class="p">():</span>
+                <span class="n">organization_names</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s2">&quot;&quot;&quot;        &lt;md:OrganizationName xml:lang=&quot;</span><span class="si">%s</span><span class="s2">&quot;&gt;</span><span class="si">%s</span><span class="s2">&lt;/md:OrganizationName&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">(</span><span class="n">lang</span><span class="p">,</span> <span class="n">info</span><span class="p">[</span><span class="s1">&#39;name&#39;</span><span class="p">]))</span>
+                <span class="n">organization_displaynames</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s2">&quot;&quot;&quot;        &lt;md:OrganizationDisplayName xml:lang=&quot;</span><span class="si">%s</span><span class="s2">&quot;&gt;</span><span class="si">%s</span><span class="s2">&lt;/md:OrganizationDisplayName&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">(</span><span class="n">lang</span><span class="p">,</span> <span class="n">info</span><span class="p">[</span><span class="s1">&#39;displayname&#39;</span><span class="p">]))</span>
+                <span class="n">organization_urls</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s2">&quot;&quot;&quot;        &lt;md:OrganizationURL xml:lang=&quot;</span><span class="si">%s</span><span class="s2">&quot;&gt;</span><span class="si">%s</span><span class="s2">&lt;/md:OrganizationURL&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">(</span><span class="n">lang</span><span class="p">,</span> <span class="n">info</span><span class="p">[</span><span class="s1">&#39;url&#39;</span><span class="p">]))</span>
+            <span class="n">org_data</span> <span class="o">=</span> <span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">organization_names</span><span class="p">)</span> <span class="o">+</span> <span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span> <span class="o">+</span> <span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">organization_displaynames</span><span class="p">)</span> <span class="o">+</span> <span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span> <span class="o">+</span> <span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">organization_urls</span><span class="p">)</span>
+            <span class="n">str_organization</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;    &lt;md:Organization&gt;</span><span class="se">\n</span><span class="si">%(org)s</span><span class="se">\n</span><span class="s2">    &lt;/md:Organization&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span><span class="s1">&#39;org&#39;</span><span class="p">:</span> <span class="n">org_data</span><span class="p">}</span>
+
+        <span class="n">str_contacts</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">contacts</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">contacts_info</span> <span class="o">=</span> <span class="p">[]</span>
+            <span class="k">for</span> <span class="p">(</span><span class="n">ctype</span><span class="p">,</span> <span class="n">info</span><span class="p">)</span> <span class="ow">in</span> <span class="n">contacts</span><span class="o">.</span><span class="n">items</span><span class="p">():</span>
+                <span class="n">contact</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Templates</span><span class="o">.</span><span class="n">MD_CONTACT_PERSON</span> <span class="o">%</span> \
+                    <span class="p">{</span>
+                        <span class="s1">&#39;type&#39;</span><span class="p">:</span> <span class="n">ctype</span><span class="p">,</span>
+                        <span class="s1">&#39;name&#39;</span><span class="p">:</span> <span class="n">info</span><span class="p">[</span><span class="s1">&#39;givenName&#39;</span><span class="p">],</span>
+                        <span class="s1">&#39;email&#39;</span><span class="p">:</span> <span class="n">info</span><span class="p">[</span><span class="s1">&#39;emailAddress&#39;</span><span class="p">],</span>
+                    <span class="p">}</span>
+                <span class="n">contacts_info</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">contact</span><span class="p">)</span>
+            <span class="n">str_contacts</span> <span class="o">=</span> <span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">contacts_info</span><span class="p">)</span>
+
+        <span class="n">str_attribute_consuming_service</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="s1">&#39;attributeConsumingService&#39;</span> <span class="ow">in</span> <span class="n">sp</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">sp</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">]):</span>
+            <span class="n">attr_cs_desc_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+            <span class="k">if</span> <span class="s2">&quot;serviceDescription&quot;</span> <span class="ow">in</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">]:</span>
+                <span class="n">attr_cs_desc_str</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;            &lt;md:ServiceDescription xml:lang=&quot;en&quot;&gt;</span><span class="si">%s</span><span class="s2">&lt;/md:ServiceDescription&gt;</span>
+<span class="s2">&quot;&quot;&quot;</span> <span class="o">%</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">][</span><span class="s1">&#39;serviceDescription&#39;</span><span class="p">]</span>
+
+            <span class="n">requested_attribute_data</span> <span class="o">=</span> <span class="p">[]</span>
+            <span class="k">for</span> <span class="n">req_attribs</span> <span class="ow">in</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">][</span><span class="s1">&#39;requestedAttributes&#39;</span><span class="p">]:</span>
+                <span class="n">req_attr_nameformat_str</span> <span class="o">=</span> <span class="n">req_attr_friendlyname_str</span> <span class="o">=</span> <span class="n">req_attr_isrequired_str</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+                <span class="n">req_attr_aux_str</span> <span class="o">=</span> <span class="s1">&#39; /&gt;&#39;</span>
+
+                <span class="k">if</span> <span class="s1">&#39;nameFormat&#39;</span> <span class="ow">in</span> <span class="n">req_attribs</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span> <span class="ow">and</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;nameFormat&#39;</span><span class="p">]:</span>
+                    <span class="n">req_attr_nameformat_str</span> <span class="o">=</span> <span class="s2">&quot; NameFormat=</span><span class="se">\&quot;</span><span class="si">%s</span><span class="se">\&quot;</span><span class="s2">&quot;</span> <span class="o">%</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;nameFormat&#39;</span><span class="p">]</span>
+                <span class="k">if</span> <span class="s1">&#39;friendlyName&#39;</span> <span class="ow">in</span> <span class="n">req_attribs</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span> <span class="ow">and</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;friendlyName&#39;</span><span class="p">]:</span>
+                    <span class="n">req_attr_friendlyname_str</span> <span class="o">=</span> <span class="s2">&quot; FriendlyName=</span><span class="se">\&quot;</span><span class="si">%s</span><span class="se">\&quot;</span><span class="s2">&quot;</span> <span class="o">%</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;friendlyName&#39;</span><span class="p">]</span>
+                <span class="k">if</span> <span class="s1">&#39;isRequired&#39;</span> <span class="ow">in</span> <span class="n">req_attribs</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span> <span class="ow">and</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;isRequired&#39;</span><span class="p">]:</span>
+                    <span class="n">req_attr_isrequired_str</span> <span class="o">=</span> <span class="s2">&quot; isRequired=</span><span class="se">\&quot;</span><span class="si">%s</span><span class="se">\&quot;</span><span class="s2">&quot;</span> <span class="o">%</span> <span class="s1">&#39;true&#39;</span> <span class="k">if</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;isRequired&#39;</span><span class="p">]</span> <span class="k">else</span> <span class="s1">&#39;false&#39;</span>
+                <span class="k">if</span> <span class="s1">&#39;attributeValue&#39;</span> <span class="ow">in</span> <span class="n">req_attribs</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span> <span class="ow">and</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;attributeValue&#39;</span><span class="p">]:</span>
+                    <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;attributeValue&#39;</span><span class="p">],</span> <span class="n">basestring</span><span class="p">):</span>
+                        <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;attributeValue&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="p">[</span><span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;attributeValue&#39;</span><span class="p">]]</span>
+
+                    <span class="n">req_attr_aux_str</span> <span class="o">=</span> <span class="s2">&quot;&gt;&quot;</span>
+                    <span class="k">for</span> <span class="n">attrValue</span> <span class="ow">in</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;attributeValue&#39;</span><span class="p">]:</span>
+                        <span class="n">req_attr_aux_str</span> <span class="o">+=</span> <span class="s2">&quot;&quot;&quot;</span>
+<span class="s2">                &lt;saml:AttributeValue xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;&gt;</span><span class="si">%(attributeValue)s</span><span class="s2">&lt;/saml:AttributeValue&gt;&quot;&quot;&quot;</span> <span class="o">%</span> \
+                            <span class="p">{</span>
+                                <span class="s1">&#39;attributeValue&#39;</span><span class="p">:</span> <span class="n">attrValue</span>
+                            <span class="p">}</span>
+                    <span class="n">req_attr_aux_str</span> <span class="o">+=</span> <span class="s2">&quot;&quot;&quot;</span>
+<span class="s2">            &lt;/md:RequestedAttribute&gt;&quot;&quot;&quot;</span>
+
+                <span class="n">requested_attribute</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;            &lt;md:RequestedAttribute Name=&quot;</span><span class="si">%(req_attr_name)s</span><span class="s2">&quot;</span><span class="si">%(req_attr_nameformat_str)s%(req_attr_friendlyname_str)s%(req_attr_isrequired_str)s%(req_attr_aux_str)s</span><span class="s2">&quot;&quot;&quot;</span> <span class="o">%</span> \
+                    <span class="p">{</span>
+                        <span class="s1">&#39;req_attr_name&#39;</span><span class="p">:</span> <span class="n">req_attribs</span><span class="p">[</span><span class="s1">&#39;name&#39;</span><span class="p">],</span>
+                        <span class="s1">&#39;req_attr_nameformat_str&#39;</span><span class="p">:</span> <span class="n">req_attr_nameformat_str</span><span class="p">,</span>
+                        <span class="s1">&#39;req_attr_friendlyname_str&#39;</span><span class="p">:</span> <span class="n">req_attr_friendlyname_str</span><span class="p">,</span>
+                        <span class="s1">&#39;req_attr_isrequired_str&#39;</span><span class="p">:</span> <span class="n">req_attr_isrequired_str</span><span class="p">,</span>
+                        <span class="s1">&#39;req_attr_aux_str&#39;</span><span class="p">:</span> <span class="n">req_attr_aux_str</span>
+                    <span class="p">}</span>
+
+                <span class="n">requested_attribute_data</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">requested_attribute</span><span class="p">)</span>
+
+            <span class="n">str_attribute_consuming_service</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;        &lt;md:AttributeConsumingService index=&quot;</span><span class="si">%(attribute_consuming_service_index)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">            &lt;md:ServiceName xml:lang=&quot;en&quot;&gt;</span><span class="si">%(service_name)s</span><span class="s2">&lt;/md:ServiceName&gt;</span>
+<span class="si">%(attr_cs_desc)s%(requested_attribute_str)s</span>
+<span class="s2">        &lt;/md:AttributeConsumingService&gt;</span>
+<span class="s2">&quot;&quot;&quot;</span> <span class="o">%</span> \
+                <span class="p">{</span>
+                    <span class="s1">&#39;service_name&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">][</span><span class="s1">&#39;serviceName&#39;</span><span class="p">],</span>
+                    <span class="s1">&#39;attr_cs_desc&#39;</span><span class="p">:</span> <span class="n">attr_cs_desc_str</span><span class="p">,</span>
+                    <span class="s1">&#39;attribute_consuming_service_index&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;index&#39;</span><span class="p">,</span> <span class="s1">&#39;1&#39;</span><span class="p">),</span>
+                    <span class="s1">&#39;requested_attribute_str&#39;</span><span class="p">:</span> <span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">requested_attribute_data</span><span class="p">)</span>
+                <span class="p">}</span>
+
+        <span class="n">metadata</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Templates</span><span class="o">.</span><span class="n">MD_ENTITY_DESCRIPTOR</span> <span class="o">%</span> \
+            <span class="p">{</span>
+                <span class="s1">&#39;valid&#39;</span><span class="p">:</span> <span class="p">(</span><span class="s1">&#39;validUntil=&quot;</span><span class="si">%s</span><span class="s1">&quot;&#39;</span> <span class="o">%</span> <span class="n">valid_until_str</span><span class="p">)</span> <span class="k">if</span> <span class="n">valid_until_str</span> <span class="k">else</span> <span class="s1">&#39;&#39;</span><span class="p">,</span>
+                <span class="s1">&#39;cache&#39;</span><span class="p">:</span> <span class="p">(</span><span class="s1">&#39;cacheDuration=&quot;</span><span class="si">%s</span><span class="s1">&quot;&#39;</span> <span class="o">%</span> <span class="n">cache_duration_str</span><span class="p">)</span> <span class="k">if</span> <span class="n">cache_duration_str</span> <span class="k">else</span> <span class="s1">&#39;&#39;</span><span class="p">,</span>
+                <span class="s1">&#39;entity_id&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">],</span>
+                <span class="s1">&#39;authnsign&#39;</span><span class="p">:</span> <span class="n">str_authnsign</span><span class="p">,</span>
+                <span class="s1">&#39;wsign&#39;</span><span class="p">:</span> <span class="n">str_wsign</span><span class="p">,</span>
+                <span class="s1">&#39;name_id_format&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;NameIDFormat&#39;</span><span class="p">],</span>
+                <span class="s1">&#39;binding&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s1">&#39;binding&#39;</span><span class="p">],</span>
+                <span class="s1">&#39;location&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">],</span>
+                <span class="s1">&#39;sls&#39;</span><span class="p">:</span> <span class="n">sls</span><span class="p">,</span>
+                <span class="s1">&#39;organization&#39;</span><span class="p">:</span> <span class="n">str_organization</span><span class="p">,</span>
+                <span class="s1">&#39;contacts&#39;</span><span class="p">:</span> <span class="n">str_contacts</span><span class="p">,</span>
+                <span class="s1">&#39;attribute_consuming_service&#39;</span><span class="p">:</span> <span class="n">str_attribute_consuming_service</span>
+            <span class="p">}</span>
+
+        <span class="k">return</span> <span class="n">metadata</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Metadata.sign_metadata"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">sign_metadata</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">,</span> <span class="n">digest_algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">SHA256</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Signs the metadata with the key/cert provided</span>
+
+<span class="sd">        :param metadata: SAML Metadata XML</span>
+<span class="sd">        :type metadata: string</span>
+
+<span class="sd">        :param key: x509 key</span>
+<span class="sd">        :type key: string</span>
+
+<span class="sd">        :param cert: x509 cert</span>
+<span class="sd">        :type cert: string</span>
+
+<span class="sd">        :returns: Signed Metadata</span>
+<span class="sd">        :rtype: string</span>
+
+<span class="sd">        :param sign_algorithm: Signature algorithm method</span>
+<span class="sd">        :type sign_algorithm: string</span>
+
+<span class="sd">        :param digest_algorithm: Digest algorithm method</span>
+<span class="sd">        :type digest_algorithm: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">add_sign</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="kc">False</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="p">,</span> <span class="n">digest_algorithm</span><span class="p">)</span></div>
+
+    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">_add_x509_key_descriptors</span><span class="p">(</span><span class="n">root</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">signing</span><span class="p">):</span>
+        <span class="n">key_descriptor</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">make_child</span><span class="p">(</span><span class="n">root</span><span class="p">,</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}KeyDescriptor&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_MD</span><span class="p">)</span>
+        <span class="n">root</span><span class="o">.</span><span class="n">remove</span><span class="p">(</span><span class="n">key_descriptor</span><span class="p">)</span>
+        <span class="n">root</span><span class="o">.</span><span class="n">insert</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="n">key_descriptor</span><span class="p">)</span>
+        <span class="n">key_info</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">make_child</span><span class="p">(</span><span class="n">key_descriptor</span><span class="p">,</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}KeyInfo&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">)</span>
+        <span class="n">key_data</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">make_child</span><span class="p">(</span><span class="n">key_info</span><span class="p">,</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}X509Data&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">)</span>
+
+        <span class="n">x509_certificate</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">make_child</span><span class="p">(</span><span class="n">key_data</span><span class="p">,</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}X509Certificate&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">)</span>
+        <span class="n">x509_certificate</span><span class="o">.</span><span class="n">text</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="n">key_descriptor</span><span class="o">.</span><span class="n">set</span><span class="p">(</span><span class="s1">&#39;use&#39;</span><span class="p">,</span> <span class="p">(</span><span class="s1">&#39;encryption&#39;</span><span class="p">,</span> <span class="s1">&#39;signing&#39;</span><span class="p">)[</span><span class="n">signing</span><span class="p">])</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Metadata.add_x509_key_descriptors"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors">[docs]</a>    <span class="nd">@classmethod</span>
+    <span class="k">def</span> <span class="nf">add_x509_key_descriptors</span><span class="p">(</span><span class="bp">cls</span><span class="p">,</span> <span class="n">metadata</span><span class="p">,</span> <span class="n">cert</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">add_encryption</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Adds the x509 descriptors (sign/encryption) to the metadata</span>
+<span class="sd">        The same cert will be used for sign/encrypt</span>
+
+<span class="sd">        :param metadata: SAML Metadata XML</span>
+<span class="sd">        :type metadata: string</span>
+
+<span class="sd">        :param cert: x509 cert</span>
+<span class="sd">        :type cert: string</span>
+
+<span class="sd">        :param add_encryption: Determines if the KeyDescriptor[use=&quot;encryption&quot;] should be added.</span>
+<span class="sd">        :type add_encryption: boolean</span>
+
+<span class="sd">        :returns: Metadata with KeyDescriptors</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">cert</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">cert</span> <span class="o">==</span> <span class="s1">&#39;&#39;</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">metadata</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">root</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">metadata</span><span class="p">)</span>
+        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Error parsing metadata. &#39;</span> <span class="o">+</span> <span class="nb">str</span><span class="p">(</span><span class="n">e</span><span class="p">))</span>
+
+        <span class="k">assert</span> <span class="n">root</span><span class="o">.</span><span class="n">tag</span> <span class="o">==</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}EntityDescriptor&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_MD</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">sp_sso_descriptor</span> <span class="o">=</span> <span class="nb">next</span><span class="p">(</span><span class="n">root</span><span class="o">.</span><span class="n">iterfind</span><span class="p">(</span><span class="s1">&#39;.//md:SPSSODescriptor&#39;</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">))</span>
+        <span class="k">except</span> <span class="ne">StopIteration</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Malformed metadata.&#39;</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">add_encryption</span><span class="p">:</span>
+            <span class="bp">cls</span><span class="o">.</span><span class="n">_add_x509_key_descriptors</span><span class="p">(</span><span class="n">sp_sso_descriptor</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="bp">cls</span><span class="o">.</span><span class="n">_add_x509_key_descriptors</span><span class="p">(</span><span class="n">sp_sso_descriptor</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="kc">True</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">root</span><span class="p">)</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/response.html b/docs/saml2/_modules/onelogin/saml2/response.html
new file mode 100644
index 00000000..5babc977
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/response.html
@@ -0,0 +1,1054 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.response &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.response</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.response</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Response class</span>
+
+
+<span class="sd">SAML Response class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">copy</span> <span class="kn">import</span> <span class="n">deepcopy</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">,</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">,</span> <span class="n">return_false_on_exception</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_XML</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Response</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    This class handles a SAML Response. It parses or validates</span>
+<span class="sd">    a Logout Response object.</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">,</span> <span class="n">response</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Constructs the response object.</span>
+
+<span class="sd">        :param settings: The setting info</span>
+<span class="sd">        :type settings: OneLogin_Saml2_Setting object</span>
+
+<span class="sd">        :param response: The base64 encoded, XML string containing the samlp:Response</span>
+<span class="sd">        :type response: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span> <span class="o">=</span> <span class="n">settings</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">response</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">response</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">document</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">response</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">valid_scd_not_on_or_after</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="c1"># Quick check for the presence of EncryptedAssertion</span>
+        <span class="n">encrypted_assertion_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="s1">&#39;/samlp:Response/saml:EncryptedAssertion&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">encrypted_assertion_nodes</span><span class="p">:</span>
+            <span class="n">decrypted_document</span> <span class="o">=</span> <span class="n">deepcopy</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">)</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span> <span class="o">=</span> <span class="kc">True</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_decrypt_assertion</span><span class="p">(</span><span class="n">decrypted_document</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.is_valid"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.is_valid">[docs]</a>    <span class="k">def</span> <span class="nf">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validates the response object.</span>
+
+<span class="sd">        :param request_data: Request Data</span>
+<span class="sd">        :type request_data: dict</span>
+
+<span class="sd">        :param request_id: Optional argument. The ID of the AuthNRequest sent by this SP to the IdP</span>
+<span class="sd">        :type request_id: string</span>
+
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+
+<span class="sd">        :returns: True if the SAML Response is valid, False if not</span>
+<span class="sd">        :rtype: bool</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="c1"># Checks SAML version</span>
+            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Version&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span> <span class="o">!=</span> <span class="s1">&#39;2.0&#39;</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Unsupported SAML version&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">UNSUPPORTED_SAML_VERSION</span>
+                <span class="p">)</span>
+
+            <span class="c1"># Checks that ID exists</span>
+            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Missing ID attribute on SAML Response&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">MISSING_ID</span>
+                <span class="p">)</span>
+
+            <span class="c1"># Checks that the response has the SUCCESS status</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">check_status</span><span class="p">()</span>
+
+            <span class="c1"># Checks that the response only has one assertion</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_num_assertions</span><span class="p">():</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;SAML Response must contain 1 assertion&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_NUMBER_OF_ASSERTIONS</span>
+                <span class="p">)</span>
+
+            <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+            <span class="n">idp_entity_id</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">]</span>
+            <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
+            <span class="n">sp_entity_id</span> <span class="o">=</span> <span class="n">sp_data</span><span class="p">[</span><span class="s1">&#39;entityId&#39;</span><span class="p">]</span>
+
+            <span class="n">signed_elements</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">process_signed_elements</span><span class="p">()</span>
+
+            <span class="n">has_signed_response</span> <span class="o">=</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}Response&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAMLP</span> <span class="ow">in</span> <span class="n">signed_elements</span>
+            <span class="n">has_signed_assertion</span> <span class="o">=</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}Assertion&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAML</span> <span class="ow">in</span> <span class="n">signed_elements</span>
+
+            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">():</span>
+                <span class="n">no_valid_xml_msg</span> <span class="o">=</span> <span class="s1">&#39;Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd&#39;</span>
+                <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="s1">&#39;saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">())</span>
+                <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="n">no_valid_xml_msg</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_XML_FORMAT</span>
+                    <span class="p">)</span>
+
+                <span class="c1"># If encrypted, check also the decrypted document</span>
+                <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span><span class="p">:</span>
+                    <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span><span class="p">,</span> <span class="s1">&#39;saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">())</span>
+                    <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="n">no_valid_xml_msg</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_XML_FORMAT</span>
+                        <span class="p">)</span>
+
+                <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+                <span class="n">current_url</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
+
+                <span class="c1"># Check if the InResponseTo of the Response matchs the ID of the AuthNRequest (requestId) if provided</span>
+                <span class="n">in_response_to</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_in_response_to</span><span class="p">()</span>
+                <span class="k">if</span> <span class="n">in_response_to</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="n">request_id</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="n">in_response_to</span> <span class="o">!=</span> <span class="n">request_id</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The InResponseTo of the Response: </span><span class="si">%s</span><span class="s1">, does not match the ID of the AuthNRequest sent by the SP: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">in_response_to</span><span class="p">,</span> <span class="n">request_id</span><span class="p">),</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_INRESPONSETO</span>
+                        <span class="p">)</span>
+
+                <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;wantAssertionsEncrypted&#39;</span><span class="p">]:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The assertion of the Response is not encrypted and the SP require it&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_ENCRYPTED_ASSERTION</span>
+                    <span class="p">)</span>
+
+                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;wantNameIdEncrypted&#39;</span><span class="p">]:</span>
+                    <span class="n">encrypted_nameid_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Subject/saml:EncryptedID/xenc:EncryptedData&#39;</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">encrypted_nameid_nodes</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">1</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The NameID of the Response is not encrypted and the SP require it&#39;</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_ENCRYPTED_NAMEID</span>
+                        <span class="p">)</span>
+
+                <span class="c1"># Checks that a Conditions element exists</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_one_condition</span><span class="p">():</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The Assertion must include a Conditions element&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">MISSING_CONDITIONS</span>
+                    <span class="p">)</span>
+
+                <span class="c1"># Validates Assertion timestamps</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">validate_timestamps</span><span class="p">(</span><span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+
+                <span class="c1"># Checks that an AuthnStatement element exists and is unique</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_one_authnstatement</span><span class="p">():</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The Assertion must include an AuthnStatement element&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_NUMBER_OF_AUTHSTATEMENTS</span>
+                    <span class="p">)</span>
+
+                <span class="c1"># Checks that the response has all of the AuthnContexts that we provided in the request.</span>
+                <span class="c1"># Only check if failOnAuthnContextMismatch is true and requestedAuthnContext is set to a list.</span>
+                <span class="n">requested_authn_contexts</span> <span class="o">=</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;requestedAuthnContext&#39;</span><span class="p">]</span>
+                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;failOnAuthnContextMismatch&#39;</span><span class="p">]</span> <span class="ow">and</span> <span class="n">requested_authn_contexts</span> <span class="ow">and</span> <span class="n">requested_authn_contexts</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">True</span><span class="p">:</span>
+                    <span class="n">authn_contexts</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_authn_contexts</span><span class="p">()</span>
+                    <span class="n">unmatched_contexts</span> <span class="o">=</span> <span class="nb">set</span><span class="p">(</span><span class="n">authn_contexts</span><span class="p">)</span><span class="o">.</span><span class="n">difference</span><span class="p">(</span><span class="n">requested_authn_contexts</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">unmatched_contexts</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The AuthnContext &quot;</span><span class="si">%s</span><span class="s1">&quot; was not a requested context &quot;</span><span class="si">%s</span><span class="s1">&quot;&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="s1">&#39;, &#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">unmatched_contexts</span><span class="p">),</span> <span class="s1">&#39;, &#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">requested_authn_contexts</span><span class="p">)),</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">AUTHN_CONTEXT_MISMATCH</span>
+                        <span class="p">)</span>
+
+                <span class="c1"># Checks that there is at least one AttributeStatement if required</span>
+                <span class="n">attribute_statement_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:AttributeStatement&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;wantAttributeStatement&#39;</span><span class="p">,</span> <span class="kc">True</span><span class="p">)</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">attribute_statement_nodes</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;There is no AttributeStatement on the Response&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_ATTRIBUTESTATEMENT</span>
+                    <span class="p">)</span>
+
+                <span class="n">encrypted_attributes_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:AttributeStatement/saml:EncryptedAttribute&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">encrypted_attributes_nodes</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;There is an EncryptedAttribute in the Response and this SP not support them&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">ENCRYPTED_ATTRIBUTES</span>
+                    <span class="p">)</span>
+
+                <span class="c1"># Checks destination</span>
+                <span class="n">destination</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Destination&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">destination</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">normalize_url</span><span class="p">(</span><span class="n">url</span><span class="o">=</span><span class="n">destination</span><span class="p">)</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">normalize_url</span><span class="p">(</span><span class="n">url</span><span class="o">=</span><span class="n">current_url</span><span class="p">)):</span>
+                        <span class="c1"># TODO: Review if following lines are required, since we can control the</span>
+                        <span class="c1"># request_data</span>
+                        <span class="c1">#  current_url_routed = OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data)</span>
+                        <span class="c1">#  if not destination.startswith(current_url_routed):</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;The response was received at </span><span class="si">%s</span><span class="s1"> instead of </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">current_url</span><span class="p">,</span> <span class="n">destination</span><span class="p">),</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_DESTINATION</span>
+                        <span class="p">)</span>
+                <span class="k">elif</span> <span class="n">destination</span> <span class="o">==</span> <span class="s1">&#39;&#39;</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The response has an empty Destination value&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">EMPTY_DESTINATION</span>
+                    <span class="p">)</span>
+                <span class="c1"># Checks audience</span>
+                <span class="n">valid_audiences</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_audiences</span><span class="p">()</span>
+                <span class="k">if</span> <span class="n">valid_audiences</span> <span class="ow">and</span> <span class="n">sp_entity_id</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">valid_audiences</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;</span><span class="si">%s</span><span class="s1"> is not a valid audience for this Response&#39;</span> <span class="o">%</span> <span class="n">sp_entity_id</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_AUDIENCE</span>
+                    <span class="p">)</span>
+
+                <span class="c1"># Checks the issuers</span>
+                <span class="n">issuers</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_issuers</span><span class="p">()</span>
+                <span class="k">for</span> <span class="n">issuer</span> <span class="ow">in</span> <span class="n">issuers</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="n">issuer</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">issuer</span> <span class="o">!=</span> <span class="n">idp_entity_id</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;Invalid issuer in the Assertion/Response (expected </span><span class="si">%(idpEntityId)s</span><span class="s1">, got </span><span class="si">%(issuer)s</span><span class="s1">)&#39;</span> <span class="o">%</span>
+                            <span class="p">{</span>
+                                <span class="s1">&#39;idpEntityId&#39;</span><span class="p">:</span> <span class="n">idp_entity_id</span><span class="p">,</span>
+                                <span class="s1">&#39;issuer&#39;</span><span class="p">:</span> <span class="n">issuer</span>
+                            <span class="p">},</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_ISSUER</span>
+                        <span class="p">)</span>
+
+                <span class="c1"># Checks the session Expiration</span>
+                <span class="n">session_expiration</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_session_not_on_or_after</span><span class="p">()</span>
+                <span class="k">if</span> <span class="n">session_expiration</span> <span class="ow">and</span> <span class="n">session_expiration</span> <span class="o">&lt;=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">():</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">SESSION_EXPIRED</span>
+                    <span class="p">)</span>
+
+                <span class="c1"># Checks the SubjectConfirmation, at least one SubjectConfirmation must be valid</span>
+                <span class="n">any_subject_confirmation</span> <span class="o">=</span> <span class="kc">False</span>
+                <span class="n">subject_confirmation_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Subject/saml:SubjectConfirmation&#39;</span><span class="p">)</span>
+
+                <span class="k">for</span> <span class="n">scn</span> <span class="ow">in</span> <span class="n">subject_confirmation_nodes</span><span class="p">:</span>
+                    <span class="n">method</span> <span class="o">=</span> <span class="n">scn</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Method&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">method</span> <span class="ow">and</span> <span class="n">method</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">CM_BEARER</span><span class="p">:</span>
+                        <span class="k">continue</span>
+                    <span class="n">sc_data</span> <span class="o">=</span> <span class="n">scn</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s1">&#39;saml:SubjectConfirmationData&#39;</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">sc_data</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                        <span class="k">continue</span>
+                    <span class="k">else</span><span class="p">:</span>
+                        <span class="n">irt</span> <span class="o">=</span> <span class="n">sc_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;InResponseTo&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                        <span class="k">if</span> <span class="n">in_response_to</span> <span class="ow">and</span> <span class="n">irt</span> <span class="ow">and</span> <span class="n">irt</span> <span class="o">!=</span> <span class="n">in_response_to</span><span class="p">:</span>
+                            <span class="k">continue</span>
+                        <span class="n">recipient</span> <span class="o">=</span> <span class="n">sc_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Recipient&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                        <span class="k">if</span> <span class="n">recipient</span> <span class="ow">and</span> <span class="n">current_url</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">recipient</span><span class="p">:</span>
+                            <span class="k">continue</span>
+                        <span class="n">nooa</span> <span class="o">=</span> <span class="n">sc_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;NotOnOrAfter&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                        <span class="k">if</span> <span class="n">nooa</span><span class="p">:</span>
+                            <span class="n">parsed_nooa</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nooa</span><span class="p">)</span>
+                            <span class="k">if</span> <span class="n">parsed_nooa</span> <span class="o">&lt;=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">():</span>
+                                <span class="k">continue</span>
+                        <span class="n">nb</span> <span class="o">=</span> <span class="n">sc_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;NotBefore&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                        <span class="k">if</span> <span class="n">nb</span><span class="p">:</span>
+                            <span class="n">parsed_nb</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nb</span><span class="p">)</span>
+                            <span class="k">if</span> <span class="n">parsed_nb</span> <span class="o">&gt;</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">():</span>
+                                <span class="k">continue</span>
+
+                        <span class="k">if</span> <span class="n">nooa</span><span class="p">:</span>
+                            <span class="bp">self</span><span class="o">.</span><span class="n">valid_scd_not_on_or_after</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nooa</span><span class="p">)</span>
+
+                        <span class="n">any_subject_confirmation</span> <span class="o">=</span> <span class="kc">True</span>
+                        <span class="k">break</span>
+
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">any_subject_confirmation</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;A valid SubjectConfirmation was not found on this Response&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_SUBJECTCONFIRMATION</span>
+                    <span class="p">)</span>
+
+                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;wantAssertionsSigned&#39;</span><span class="p">]</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">has_signed_assertion</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The Assertion of the Response is not signed and the SP require it&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_SIGNED_ASSERTION</span>
+                    <span class="p">)</span>
+
+                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;wantMessagesSigned&#39;</span><span class="p">]</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">has_signed_response</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;The Message of the Response is not signed and the SP require it&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_SIGNED_MESSAGE</span>
+                    <span class="p">)</span>
+
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">signed_elements</span> <span class="ow">or</span> <span class="p">(</span><span class="ow">not</span> <span class="n">has_signed_response</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">has_signed_assertion</span><span class="p">):</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;No Signature found. SAML Response rejected&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_SIGNATURE_FOUND</span>
+                <span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_idp_cert</span><span class="p">()</span>
+                <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">idp_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;certFingerprint&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">fingerprint</span><span class="p">:</span>
+                    <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_finger_print</span><span class="p">(</span><span class="n">fingerprint</span><span class="p">)</span>
+                <span class="n">fingerprintalg</span> <span class="o">=</span> <span class="n">idp_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;certFingerprintAlgorithm&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+                <span class="n">multicerts</span> <span class="o">=</span> <span class="kc">None</span>
+                <span class="k">if</span> <span class="s1">&#39;x509certMulti&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span> <span class="ow">and</span> <span class="s1">&#39;signing&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]</span> <span class="ow">and</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">]:</span>
+                    <span class="n">multicerts</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">]</span>
+
+                <span class="c1"># If find a Signature on the Response, validates it checking the original response</span>
+                <span class="k">if</span> <span class="n">has_signed_response</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_sign</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">fingerprint</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="p">,</span> <span class="n">xpath</span><span class="o">=</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">RESPONSE_SIGNATURE_XPATH</span><span class="p">,</span> <span class="n">multicerts</span><span class="o">=</span><span class="n">multicerts</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Signature validation failed. SAML Response rejected&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_SIGNATURE</span>
+                    <span class="p">)</span>
+
+                <span class="n">document_check_assertion</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span> <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span> <span class="k">else</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span>
+                <span class="k">if</span> <span class="n">has_signed_assertion</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_sign</span><span class="p">(</span><span class="n">document_check_assertion</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">fingerprint</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="p">,</span> <span class="n">xpath</span><span class="o">=</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">ASSERTION_SIGNATURE_XPATH</span><span class="p">,</span> <span class="n">multicerts</span><span class="o">=</span><span class="n">multicerts</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Signature validation failed. SAML Response rejected&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_SIGNATURE</span>
+                    <span class="p">)</span>
+
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">err</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_error</span> <span class="o">=</span> <span class="nb">str</span><span class="p">(</span><span class="n">err</span><span class="p">)</span>
+            <span class="n">debug</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()</span>
+            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
+                <span class="nb">print</span><span class="p">(</span><span class="n">err</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">raise_exceptions</span><span class="p">:</span>
+                <span class="k">raise</span>
+            <span class="k">return</span> <span class="kc">False</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.check_status"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.check_status">[docs]</a>    <span class="k">def</span> <span class="nf">check_status</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Check if the status of the response is success or not</span>
+
+<span class="sd">        :raises: Exception. If the status is not success</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">status</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_status</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">)</span>
+        <span class="n">code</span> <span class="o">=</span> <span class="n">status</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;code&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">code</span> <span class="ow">and</span> <span class="n">code</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">STATUS_SUCCESS</span><span class="p">:</span>
+            <span class="n">splited_code</span> <span class="o">=</span> <span class="n">code</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;:&#39;</span><span class="p">)</span>
+            <span class="n">printable_code</span> <span class="o">=</span> <span class="n">splited_code</span><span class="o">.</span><span class="n">pop</span><span class="p">()</span>
+            <span class="n">status_exception_msg</span> <span class="o">=</span> <span class="s1">&#39;The status code of the Response was not Success, was </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">printable_code</span>
+            <span class="n">status_msg</span> <span class="o">=</span> <span class="n">status</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;msg&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">status_msg</span><span class="p">:</span>
+                <span class="n">status_exception_msg</span> <span class="o">+=</span> <span class="s1">&#39; -&gt; &#39;</span> <span class="o">+</span> <span class="n">status_msg</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="n">status_exception_msg</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">STATUS_CODE_IS_NOT_SUCCESS</span>
+            <span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.check_one_condition"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.check_one_condition">[docs]</a>    <span class="k">def</span> <span class="nf">check_one_condition</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks that the samlp:Response/saml:Assertion/saml:Conditions element exists and is unique.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">condition_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Conditions&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">condition_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">return</span> <span class="kc">False</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.check_one_authnstatement"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.check_one_authnstatement">[docs]</a>    <span class="k">def</span> <span class="nf">check_one_authnstatement</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks that the samlp:Response/saml:Assertion/saml:AuthnStatement element exists and is unique.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">authnstatement_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:AuthnStatement&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">authnstatement_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">return</span> <span class="kc">False</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_audiences"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_audiences">[docs]</a>    <span class="k">def</span> <span class="nf">get_audiences</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the audiences</span>
+
+<span class="sd">        :returns: The valid audiences for the SAML Response</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">audience_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Conditions/saml:AudienceRestriction/saml:Audience&#39;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="p">[</span><span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">node</span><span class="p">)</span> <span class="k">for</span> <span class="n">node</span> <span class="ow">in</span> <span class="n">audience_nodes</span> <span class="k">if</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">node</span><span class="p">)</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_authn_contexts"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_authn_contexts">[docs]</a>    <span class="k">def</span> <span class="nf">get_authn_contexts</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the authentication contexts</span>
+
+<span class="sd">        :returns: The authentication classes for the SAML Response</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">authn_context_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef&#39;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="p">[</span><span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">node</span><span class="p">)</span> <span class="k">for</span> <span class="n">node</span> <span class="ow">in</span> <span class="n">authn_context_nodes</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_in_response_to"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_in_response_to">[docs]</a>    <span class="k">def</span> <span class="nf">get_in_response_to</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the ID of the request which this response is in response to</span>
+<span class="sd">        :returns: ID of AuthNRequest this Response is in response to or None if it is not present</span>
+<span class="sd">        :rtype: str</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;InResponseTo&#39;</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_issuers"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_issuers">[docs]</a>    <span class="k">def</span> <span class="nf">get_issuers</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the issuers (from message and from assertion)</span>
+
+<span class="sd">        :returns: The issuers</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">issuers</span> <span class="o">=</span> <span class="nb">set</span><span class="p">()</span>
+
+        <span class="n">message_issuer_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="s1">&#39;/samlp:Response/saml:Issuer&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">message_issuer_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">message_issuer_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+                <span class="n">issuer_value</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">message_issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+                <span class="k">if</span> <span class="n">issuer_value</span><span class="p">:</span>
+                    <span class="n">issuers</span><span class="o">.</span><span class="n">add</span><span class="p">(</span><span class="n">issuer_value</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Issuer of the Response is multiple.&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">ISSUER_MULTIPLE_IN_RESPONSE</span>
+                <span class="p">)</span>
+
+        <span class="n">assertion_issuer_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Issuer&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">assertion_issuer_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="n">issuer_value</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">assertion_issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+            <span class="k">if</span> <span class="n">issuer_value</span><span class="p">:</span>
+                <span class="n">issuers</span><span class="o">.</span><span class="n">add</span><span class="p">(</span><span class="n">issuer_value</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;Issuer of the Assertion not found or multiple.&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">ISSUER_NOT_FOUND_IN_ASSERTION</span>
+            <span class="p">)</span>
+
+        <span class="k">return</span> <span class="nb">list</span><span class="p">(</span><span class="nb">set</span><span class="p">(</span><span class="n">issuers</span><span class="p">))</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_nameid_data"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_nameid_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID Data provided by the SAML Response from the IdP</span>
+
+<span class="sd">        :returns: Name ID Data (Value, Format, NameQualifier, SPNameQualifier)</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">nameid</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">nameid_data</span> <span class="o">=</span> <span class="p">{}</span>
+
+        <span class="n">encrypted_id_data_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Subject/saml:EncryptedID/xenc:EncryptedData&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">encrypted_id_data_nodes</span><span class="p">:</span>
+            <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">encrypted_id_data_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+            <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
+            <span class="n">nameid</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decrypt_element</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">key</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">nameid_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Subject/saml:NameID&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">nameid_nodes</span><span class="p">:</span>
+                <span class="n">nameid</span> <span class="o">=</span> <span class="n">nameid_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+
+        <span class="n">is_strict</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">()</span>
+        <span class="n">want_nameid</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;wantNameId&#39;</span><span class="p">,</span> <span class="kc">True</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">nameid</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">is_strict</span> <span class="ow">and</span> <span class="n">want_nameid</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;NameID not found in the assertion of the Response&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">NO_NAMEID</span>
+                <span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">is_strict</span> <span class="ow">and</span> <span class="n">want_nameid</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">nameid</span><span class="p">):</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;An empty NameID value found&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">EMPTY_NAMEID</span>
+                <span class="p">)</span>
+
+            <span class="n">nameid_data</span> <span class="o">=</span> <span class="p">{</span><span class="s1">&#39;Value&#39;</span><span class="p">:</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">nameid</span><span class="p">)}</span>
+            <span class="k">for</span> <span class="n">attr</span> <span class="ow">in</span> <span class="p">[</span><span class="s1">&#39;Format&#39;</span><span class="p">,</span> <span class="s1">&#39;SPNameQualifier&#39;</span><span class="p">,</span> <span class="s1">&#39;NameQualifier&#39;</span><span class="p">]:</span>
+                <span class="n">value</span> <span class="o">=</span> <span class="n">nameid</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">attr</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">value</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="n">is_strict</span> <span class="ow">and</span> <span class="n">attr</span> <span class="o">==</span> <span class="s1">&#39;SPNameQualifier&#39;</span><span class="p">:</span>
+                        <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
+                        <span class="n">sp_entity_id</span> <span class="o">=</span> <span class="n">sp_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;entityId&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+                        <span class="k">if</span> <span class="n">sp_entity_id</span> <span class="o">!=</span> <span class="n">value</span><span class="p">:</span>
+                            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                                <span class="s1">&#39;The SPNameQualifier value mistmatch the SP entityID value.&#39;</span><span class="p">,</span>
+                                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">SP_NAME_QUALIFIER_NAME_MISMATCH</span>
+                            <span class="p">)</span>
+
+                    <span class="n">nameid_data</span><span class="p">[</span><span class="n">attr</span><span class="p">]</span> <span class="o">=</span> <span class="n">value</span>
+        <span class="k">return</span> <span class="n">nameid_data</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_nameid"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_nameid">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID provided by the SAML Response from the IdP</span>
+
+<span class="sd">        :returns: NameID (value)</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">nameid_value</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">nameid_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_nameid_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="n">nameid_data</span> <span class="ow">and</span> <span class="s1">&#39;Value&#39;</span> <span class="ow">in</span> <span class="n">nameid_data</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span>
+            <span class="n">nameid_value</span> <span class="o">=</span> <span class="n">nameid_data</span><span class="p">[</span><span class="s1">&#39;Value&#39;</span><span class="p">]</span>
+        <span class="k">return</span> <span class="n">nameid_value</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_nameid_format"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_nameid_format">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_format</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID Format provided by the SAML Response from the IdP</span>
+
+<span class="sd">        :returns: NameID Format</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">nameid_format</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">nameid_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_nameid_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="n">nameid_data</span> <span class="ow">and</span> <span class="s1">&#39;Format&#39;</span> <span class="ow">in</span> <span class="n">nameid_data</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span>
+            <span class="n">nameid_format</span> <span class="o">=</span> <span class="n">nameid_data</span><span class="p">[</span><span class="s1">&#39;Format&#39;</span><span class="p">]</span>
+        <span class="k">return</span> <span class="n">nameid_format</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_nameid_nq"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_nameid_nq">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_nq</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID NameQualifier provided by the SAML Response from the IdP</span>
+
+<span class="sd">        :returns: NameID NameQualifier</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">nameid_nq</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">nameid_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_nameid_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="n">nameid_data</span> <span class="ow">and</span> <span class="s1">&#39;NameQualifier&#39;</span> <span class="ow">in</span> <span class="n">nameid_data</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span>
+            <span class="n">nameid_nq</span> <span class="o">=</span> <span class="n">nameid_data</span><span class="p">[</span><span class="s1">&#39;NameQualifier&#39;</span><span class="p">]</span>
+        <span class="k">return</span> <span class="n">nameid_nq</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_nameid_spnq"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_nameid_spnq">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_spnq</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the NameID SP NameQualifier provided by the SAML response from the IdP.</span>
+
+<span class="sd">        :returns: NameID SP NameQualifier</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">nameid_spnq</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">nameid_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_nameid_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="n">nameid_data</span> <span class="ow">and</span> <span class="s1">&#39;SPNameQualifier&#39;</span> <span class="ow">in</span> <span class="n">nameid_data</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span>
+            <span class="n">nameid_spnq</span> <span class="o">=</span> <span class="n">nameid_data</span><span class="p">[</span><span class="s1">&#39;SPNameQualifier&#39;</span><span class="p">]</span>
+        <span class="k">return</span> <span class="n">nameid_spnq</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_session_not_on_or_after"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_session_not_on_or_after">[docs]</a>    <span class="k">def</span> <span class="nf">get_session_not_on_or_after</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SessionNotOnOrAfter from the AuthnStatement</span>
+<span class="sd">        Could be used to set the local session expiration</span>
+
+<span class="sd">        :returns: The SessionNotOnOrAfter value</span>
+<span class="sd">        :rtype: time|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">not_on_or_after</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">authn_statement_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:AuthnStatement[@SessionNotOnOrAfter]&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">authn_statement_nodes</span><span class="p">:</span>
+            <span class="n">not_on_or_after</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">authn_statement_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;SessionNotOnOrAfter&#39;</span><span class="p">))</span>
+        <span class="k">return</span> <span class="n">not_on_or_after</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_assertion_not_on_or_after"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_assertion_not_on_or_after">[docs]</a>    <span class="k">def</span> <span class="nf">get_assertion_not_on_or_after</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the NotOnOrAfter value of the valid SubjectConfirmationData node if any</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">valid_scd_not_on_or_after</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_session_index"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_session_index">[docs]</a>    <span class="k">def</span> <span class="nf">get_session_index</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SessionIndex from the AuthnStatement</span>
+<span class="sd">        Could be used to be stored in the local session in order</span>
+<span class="sd">        to be used in a future Logout Request that the SP could</span>
+<span class="sd">        send to the SP, to set what specific session must be deleted</span>
+
+<span class="sd">        :returns: The SessionIndex value</span>
+<span class="sd">        :rtype: string|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">session_index</span> <span class="o">=</span> <span class="kc">None</span>
+        <span class="n">authn_statement_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:AuthnStatement[@SessionIndex]&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">authn_statement_nodes</span><span class="p">:</span>
+            <span class="n">session_index</span> <span class="o">=</span> <span class="n">authn_statement_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;SessionIndex&#39;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">session_index</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_attributes"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_attributes">[docs]</a>    <span class="k">def</span> <span class="nf">get_attributes</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the Attributes from the AttributeStatement element.</span>
+<span class="sd">        EncryptedAttributes are not supported</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_get_attributes</span><span class="p">(</span><span class="s1">&#39;Name&#39;</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_friendlyname_attributes"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_friendlyname_attributes">[docs]</a>    <span class="k">def</span> <span class="nf">get_friendlyname_attributes</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the Attributes from the AttributeStatement element indexed by FiendlyName.</span>
+<span class="sd">        EncryptedAttributes are not supported</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_get_attributes</span><span class="p">(</span><span class="s1">&#39;FriendlyName&#39;</span><span class="p">)</span></div>
+
+    <span class="k">def</span> <span class="nf">_get_attributes</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">attr_name</span><span class="p">):</span>
+        <span class="n">allow_duplicates</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;allowRepeatAttributeName&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="n">attributes</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="n">attribute_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:AttributeStatement/saml:Attribute&#39;</span><span class="p">)</span>
+        <span class="k">for</span> <span class="n">attribute_node</span> <span class="ow">in</span> <span class="n">attribute_nodes</span><span class="p">:</span>
+            <span class="n">attr_key</span> <span class="o">=</span> <span class="n">attribute_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">attr_name</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">attr_key</span><span class="p">:</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">allow_duplicates</span> <span class="ow">and</span> <span class="n">attr_key</span> <span class="ow">in</span> <span class="n">attributes</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;Found an Attribute element with duplicated &#39;</span> <span class="o">+</span> <span class="n">attr_name</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">DUPLICATED_ATTRIBUTE_NAME_FOUND</span>
+                    <span class="p">)</span>
+
+                <span class="n">values</span> <span class="o">=</span> <span class="p">[]</span>
+                <span class="k">for</span> <span class="n">attr</span> <span class="ow">in</span> <span class="n">attribute_node</span><span class="o">.</span><span class="n">iterchildren</span><span class="p">(</span><span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}AttributeValue&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">[</span><span class="s1">&#39;saml&#39;</span><span class="p">]):</span>
+                    <span class="n">attr_text</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">attr</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">attr_text</span><span class="p">:</span>
+                        <span class="n">attr_text</span> <span class="o">=</span> <span class="n">attr_text</span><span class="o">.</span><span class="n">strip</span><span class="p">()</span>
+                        <span class="k">if</span> <span class="n">attr_text</span><span class="p">:</span>
+                            <span class="n">values</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">attr_text</span><span class="p">)</span>
+
+                    <span class="c1"># Parse any nested NameID children</span>
+                    <span class="k">for</span> <span class="n">nameid</span> <span class="ow">in</span> <span class="n">attr</span><span class="o">.</span><span class="n">iterchildren</span><span class="p">(</span><span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}NameID&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">[</span><span class="s1">&#39;saml&#39;</span><span class="p">]):</span>
+                        <span class="n">values</span><span class="o">.</span><span class="n">append</span><span class="p">({</span>
+                            <span class="s1">&#39;NameID&#39;</span><span class="p">:</span> <span class="p">{</span>
+                                <span class="s1">&#39;Format&#39;</span><span class="p">:</span> <span class="n">nameid</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;Format&#39;</span><span class="p">),</span>
+                                <span class="s1">&#39;NameQualifier&#39;</span><span class="p">:</span> <span class="n">nameid</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;NameQualifier&#39;</span><span class="p">),</span>
+                                <span class="s1">&#39;value&#39;</span><span class="p">:</span> <span class="n">nameid</span><span class="o">.</span><span class="n">text</span>
+                            <span class="p">}</span>
+                        <span class="p">})</span>
+                <span class="k">if</span> <span class="n">attr_key</span> <span class="ow">in</span> <span class="n">attributes</span><span class="p">:</span>
+                    <span class="n">attributes</span><span class="p">[</span><span class="n">attr_key</span><span class="p">]</span><span class="o">.</span><span class="n">extend</span><span class="p">(</span><span class="n">values</span><span class="p">)</span>
+                <span class="k">else</span><span class="p">:</span>
+                    <span class="n">attributes</span><span class="p">[</span><span class="n">attr_key</span><span class="p">]</span> <span class="o">=</span> <span class="n">values</span>
+        <span class="k">return</span> <span class="n">attributes</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.validate_num_assertions"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.validate_num_assertions">[docs]</a>    <span class="k">def</span> <span class="nf">validate_num_assertions</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Verifies that the document only contains a single Assertion (encrypted or not)</span>
+
+<span class="sd">        :returns: True if only 1 assertion encrypted or not</span>
+<span class="sd">        :rtype: bool</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">encrypted_assertion_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="s1">&#39;//saml:EncryptedAssertion&#39;</span><span class="p">)</span>
+        <span class="n">assertion_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="s1">&#39;//saml:Assertion&#39;</span><span class="p">)</span>
+
+        <span class="n">valid</span> <span class="o">=</span> <span class="nb">len</span><span class="p">(</span><span class="n">encrypted_assertion_nodes</span><span class="p">)</span> <span class="o">+</span> <span class="nb">len</span><span class="p">(</span><span class="n">assertion_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span>
+
+        <span class="k">if</span> <span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span><span class="p">):</span>
+            <span class="n">assertion_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span><span class="p">,</span> <span class="s1">&#39;//saml:Assertion&#39;</span><span class="p">)</span>
+            <span class="n">valid</span> <span class="o">=</span> <span class="n">valid</span> <span class="ow">and</span> <span class="nb">len</span><span class="p">(</span><span class="n">assertion_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span>
+
+        <span class="k">return</span> <span class="n">valid</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.process_signed_elements"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.process_signed_elements">[docs]</a>    <span class="k">def</span> <span class="nf">process_signed_elements</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Verifies the signature nodes:</span>
+<span class="sd">         - Checks that are Response or Assertion</span>
+<span class="sd">         - Check that IDs and reference URI are unique and consistent.</span>
+
+<span class="sd">        :returns: The signed elements tag names</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">sign_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="s1">&#39;//ds:Signature&#39;</span><span class="p">)</span>
+
+        <span class="n">signed_elements</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="n">verified_seis</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="n">verified_ids</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="n">response_tag</span> <span class="o">=</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}Response&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAMLP</span>
+        <span class="n">assertion_tag</span> <span class="o">=</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}Assertion&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAML</span>
+
+        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
+        <span class="n">reject_deprecated_alg</span> <span class="o">=</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;rejectDeprecatedAlgorithm&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+        <span class="k">for</span> <span class="n">sign_node</span> <span class="ow">in</span> <span class="n">sign_nodes</span><span class="p">:</span>
+            <span class="n">signed_element</span> <span class="o">=</span> <span class="n">sign_node</span><span class="o">.</span><span class="n">getparent</span><span class="p">()</span><span class="o">.</span><span class="n">tag</span>
+            <span class="k">if</span> <span class="n">signed_element</span> <span class="o">!=</span> <span class="n">response_tag</span> <span class="ow">and</span> <span class="n">signed_element</span> <span class="o">!=</span> <span class="n">assertion_tag</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Invalid Signature Element </span><span class="si">%s</span><span class="s1"> SAML Response rejected&#39;</span> <span class="o">%</span> <span class="n">signed_element</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_SIGNED_ELEMENT</span>
+                <span class="p">)</span>
+
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">sign_node</span><span class="o">.</span><span class="n">getparent</span><span class="p">()</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">):</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Signed Element must contain an ID. SAML Response rejected&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">ID_NOT_FOUND_IN_SIGNED_ELEMENT</span>
+                <span class="p">)</span>
+
+            <span class="n">id_value</span> <span class="o">=</span> <span class="n">sign_node</span><span class="o">.</span><span class="n">getparent</span><span class="p">()</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">id_value</span> <span class="ow">in</span> <span class="n">verified_ids</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Duplicated ID. SAML Response rejected&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">DUPLICATED_ID_IN_SIGNED_ELEMENTS</span>
+                <span class="p">)</span>
+            <span class="n">verified_ids</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">id_value</span><span class="p">)</span>
+
+            <span class="c1"># Check that reference URI matches the parent ID and no duplicate References or IDs</span>
+            <span class="n">ref</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">sign_node</span><span class="p">,</span> <span class="s1">&#39;.//ds:Reference&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">ref</span><span class="p">:</span>
+                <span class="n">ref</span> <span class="o">=</span> <span class="n">ref</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+                <span class="k">if</span> <span class="n">ref</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;URI&#39;</span><span class="p">):</span>
+                    <span class="n">sei</span> <span class="o">=</span> <span class="n">ref</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;URI&#39;</span><span class="p">)[</span><span class="mi">1</span><span class="p">:]</span>
+
+                    <span class="k">if</span> <span class="n">sei</span> <span class="o">!=</span> <span class="n">id_value</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;Found an invalid Signed Element. SAML Response rejected&#39;</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_SIGNED_ELEMENT</span>
+                        <span class="p">)</span>
+
+                    <span class="k">if</span> <span class="n">sei</span> <span class="ow">in</span> <span class="n">verified_seis</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;Duplicated Reference URI. SAML Response rejected&#39;</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS</span>
+                        <span class="p">)</span>
+                    <span class="n">verified_seis</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">sei</span><span class="p">)</span>
+
+            <span class="c1"># Check the signature and digest algorithm</span>
+            <span class="k">if</span> <span class="n">reject_deprecated_alg</span><span class="p">:</span>
+                <span class="n">sig_method_node</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">sign_node</span><span class="p">,</span> <span class="s1">&#39;.//ds:SignatureMethod&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">sig_method_node</span><span class="p">:</span>
+                    <span class="n">sig_method</span> <span class="o">=</span> <span class="n">sig_method_node</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s2">&quot;Algorithm&quot;</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">sig_method</span> <span class="ow">in</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">DEPRECATED_ALGORITHMS</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;Deprecated signature algorithm found: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">sig_method</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">DEPRECATED_SIGNATURE_METHOD</span>
+                        <span class="p">)</span>
+
+                <span class="n">dig_method_node</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">sign_node</span><span class="p">,</span> <span class="s1">&#39;.//ds:DigestMethod&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">dig_method_node</span><span class="p">:</span>
+                    <span class="n">dig_method</span> <span class="o">=</span> <span class="n">dig_method_node</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s2">&quot;Algorithm&quot;</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">dig_method</span> <span class="ow">in</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">DEPRECATED_ALGORITHMS</span><span class="p">:</span>
+                        <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                            <span class="s1">&#39;Deprecated digest algorithm found: </span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">dig_method</span><span class="p">,</span>
+                            <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">DEPRECATED_DIGEST_METHOD</span>
+                        <span class="p">)</span>
+
+            <span class="n">signed_elements</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">signed_element</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">signed_elements</span><span class="p">:</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_signed_elements</span><span class="p">(</span><span class="n">signed_elements</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Found an unexpected Signature Element. SAML Response rejected&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">UNEXPECTED_SIGNED_ELEMENTS</span>
+                <span class="p">)</span>
+        <span class="k">return</span> <span class="n">signed_elements</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.validate_signed_elements"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.validate_signed_elements">[docs]</a>    <span class="nd">@return_false_on_exception</span>
+    <span class="k">def</span> <span class="nf">validate_signed_elements</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">signed_elements</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Verifies that the document has the expected signed nodes.</span>
+
+<span class="sd">        :param signed_elements: The signed elements to be checked</span>
+<span class="sd">        :type signed_elements: list</span>
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signed_elements</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">2</span><span class="p">:</span>
+            <span class="k">return</span> <span class="kc">False</span>
+
+        <span class="n">response_tag</span> <span class="o">=</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}Response&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAMLP</span>
+        <span class="n">assertion_tag</span> <span class="o">=</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}Assertion&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAML</span>
+
+        <span class="k">if</span> <span class="p">(</span><span class="n">response_tag</span> <span class="ow">in</span> <span class="n">signed_elements</span> <span class="ow">and</span> <span class="n">signed_elements</span><span class="o">.</span><span class="n">count</span><span class="p">(</span><span class="n">response_tag</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">1</span><span class="p">)</span> <span class="ow">or</span> \
+           <span class="p">(</span><span class="n">assertion_tag</span> <span class="ow">in</span> <span class="n">signed_elements</span> <span class="ow">and</span> <span class="n">signed_elements</span><span class="o">.</span><span class="n">count</span><span class="p">(</span><span class="n">assertion_tag</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">1</span><span class="p">)</span> <span class="ow">or</span> \
+           <span class="p">(</span><span class="n">response_tag</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">signed_elements</span> <span class="ow">and</span> <span class="n">assertion_tag</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">signed_elements</span><span class="p">):</span>
+            <span class="k">return</span> <span class="kc">False</span>
+
+        <span class="c1"># Check that the signed elements found here, are the ones that will be verified</span>
+        <span class="c1"># by OneLogin_Saml2_Utils.validate_sign</span>
+        <span class="k">if</span> <span class="n">response_tag</span> <span class="ow">in</span> <span class="n">signed_elements</span><span class="p">:</span>
+            <span class="n">expected_signature_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">RESPONSE_SIGNATURE_XPATH</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">expected_signature_nodes</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">1</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Unexpected number of Response signatures found. SAML Response rejected.&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE</span>
+                <span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">assertion_tag</span> <span class="ow">in</span> <span class="n">signed_elements</span><span class="p">:</span>
+            <span class="n">expected_signature_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">ASSERTION_SIGNATURE_XPATH</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">expected_signature_nodes</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">1</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Unexpected number of Assertion signatures found. SAML Response rejected.&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION</span>
+                <span class="p">)</span>
+
+        <span class="k">return</span> <span class="kc">True</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.validate_timestamps"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.validate_timestamps">[docs]</a>    <span class="nd">@return_false_on_exception</span>
+    <span class="k">def</span> <span class="nf">validate_timestamps</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Verifies that the document is valid according to Conditions Element</span>
+
+<span class="sd">        :returns: True if the condition is valid, False otherwise</span>
+<span class="sd">        :rtype: bool</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">conditions_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;/saml:Conditions&#39;</span><span class="p">)</span>
+
+        <span class="k">for</span> <span class="n">conditions_node</span> <span class="ow">in</span> <span class="n">conditions_nodes</span><span class="p">:</span>
+            <span class="n">nb_attr</span> <span class="o">=</span> <span class="n">conditions_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;NotBefore&#39;</span><span class="p">)</span>
+            <span class="n">nooa_attr</span> <span class="o">=</span> <span class="n">conditions_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;NotOnOrAfter&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">nb_attr</span> <span class="ow">and</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nb_attr</span><span class="p">)</span> <span class="o">&gt;</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">()</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">ALLOWED_CLOCK_DRIFT</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Could not validate timestamp: not yet valid. Check system clock.&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">ASSERTION_TOO_EARLY</span>
+                <span class="p">)</span>
+            <span class="k">if</span> <span class="n">nooa_attr</span> <span class="ow">and</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nooa_attr</span><span class="p">)</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">ALLOWED_CLOCK_DRIFT</span> <span class="o">&lt;=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">now</span><span class="p">():</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Could not validate timestamp: expired. Check system clock.&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">ASSERTION_EXPIRED</span>
+                <span class="p">)</span>
+        <span class="k">return</span> <span class="kc">True</span></div>
+
+    <span class="k">def</span> <span class="nf">_query_assertion</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">xpath_expr</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Extracts nodes that match the query from the Assertion</span>
+
+<span class="sd">        :param xpath_expr: Xpath Expresion</span>
+<span class="sd">        :type xpath_expr: String</span>
+
+<span class="sd">        :returns: The queried nodes</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="n">assertion_expr</span> <span class="o">=</span> <span class="s1">&#39;/saml:Assertion&#39;</span>
+        <span class="n">signature_expr</span> <span class="o">=</span> <span class="s1">&#39;/ds:Signature/ds:SignedInfo/ds:Reference&#39;</span>
+        <span class="n">signed_assertion_query</span> <span class="o">=</span> <span class="s1">&#39;/samlp:Response&#39;</span> <span class="o">+</span> <span class="n">assertion_expr</span> <span class="o">+</span> <span class="n">signature_expr</span>
+        <span class="n">assertion_reference_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="n">signed_assertion_query</span><span class="p">)</span>
+        <span class="n">tagid</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">assertion_reference_nodes</span><span class="p">:</span>
+            <span class="c1"># Check if the message is signed</span>
+            <span class="n">signed_message_query</span> <span class="o">=</span> <span class="s1">&#39;/samlp:Response&#39;</span> <span class="o">+</span> <span class="n">signature_expr</span>
+            <span class="n">message_reference_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="n">signed_message_query</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">message_reference_nodes</span><span class="p">:</span>
+                <span class="n">message_id</span> <span class="o">=</span> <span class="n">message_reference_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;URI&#39;</span><span class="p">)</span>
+                <span class="n">final_query</span> <span class="o">=</span> <span class="s2">&quot;/samlp:Response[@ID=$tagid]/&quot;</span>
+                <span class="n">tagid</span> <span class="o">=</span> <span class="n">message_id</span><span class="p">[</span><span class="mi">1</span><span class="p">:]</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">final_query</span> <span class="o">=</span> <span class="s2">&quot;/samlp:Response&quot;</span>
+            <span class="n">final_query</span> <span class="o">+=</span> <span class="n">assertion_expr</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">assertion_id</span> <span class="o">=</span> <span class="n">assertion_reference_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;URI&#39;</span><span class="p">)</span>
+            <span class="n">final_query</span> <span class="o">=</span> <span class="s1">&#39;/samlp:Response&#39;</span> <span class="o">+</span> <span class="n">assertion_expr</span> <span class="o">+</span> <span class="s2">&quot;[@ID=$tagid]&quot;</span>
+            <span class="n">tagid</span> <span class="o">=</span> <span class="n">assertion_id</span><span class="p">[</span><span class="mi">1</span><span class="p">:]</span>
+        <span class="n">final_query</span> <span class="o">+=</span> <span class="n">xpath_expr</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query</span><span class="p">(</span><span class="n">final_query</span><span class="p">,</span> <span class="n">tagid</span><span class="p">)</span>
+
+    <span class="k">def</span> <span class="nf">_query</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">query</span><span class="p">,</span> <span class="n">tagid</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Extracts nodes that match the query from the Response</span>
+
+<span class="sd">        :param query: Xpath Expresion</span>
+<span class="sd">        :type query: String</span>
+
+<span class="sd">        :param tagid: Tag ID</span>
+<span class="sd">        :type query: String</span>
+
+<span class="sd">        :returns: The queried nodes</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span><span class="p">:</span>
+            <span class="n">document</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">document</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">document</span><span class="p">,</span> <span class="n">query</span><span class="p">,</span> <span class="kc">None</span><span class="p">,</span> <span class="n">tagid</span><span class="p">)</span>
+
+    <span class="k">def</span> <span class="nf">_decrypt_assertion</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">xml</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Decrypts the Assertion</span>
+
+<span class="sd">        :raises: Exception if no private key available</span>
+<span class="sd">        :param xml: Encrypted Assertion</span>
+<span class="sd">        :type xml: Element</span>
+<span class="sd">        :returns: Decrypted Assertion</span>
+<span class="sd">        :rtype: Element</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
+        <span class="n">debug</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">key</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;No private key available to decrypt the assertion, check settings&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PRIVATE_KEY_NOT_FOUND</span>
+            <span class="p">)</span>
+
+        <span class="n">encrypted_assertion_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="s1">&#39;/samlp:Response/saml:EncryptedAssertion&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">encrypted_assertion_nodes</span><span class="p">:</span>
+            <span class="n">encrypted_data_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">encrypted_assertion_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="s1">&#39;//saml:EncryptedAssertion/xenc:EncryptedData&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">encrypted_data_nodes</span><span class="p">:</span>
+                <span class="n">keyinfo</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">encrypted_assertion_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="s1">&#39;//saml:EncryptedAssertion/xenc:EncryptedData/ds:KeyInfo&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">keyinfo</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;No KeyInfo present, invalid Assertion&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA</span>
+                    <span class="p">)</span>
+                <span class="n">keyinfo</span> <span class="o">=</span> <span class="n">keyinfo</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+                <span class="n">children</span> <span class="o">=</span> <span class="n">keyinfo</span><span class="o">.</span><span class="n">getchildren</span><span class="p">()</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">children</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                        <span class="s1">&#39;KeyInfo has no children nodes, invalid Assertion&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">CHILDREN_NODE_NOT_FOUND_IN_KEYINFO</span>
+                    <span class="p">)</span>
+                <span class="k">for</span> <span class="n">child</span> <span class="ow">in</span> <span class="n">children</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="s1">&#39;RetrievalMethod&#39;</span> <span class="ow">in</span> <span class="n">child</span><span class="o">.</span><span class="n">tag</span><span class="p">:</span>
+                        <span class="k">if</span> <span class="n">child</span><span class="o">.</span><span class="n">attrib</span><span class="p">[</span><span class="s1">&#39;Type&#39;</span><span class="p">]</span> <span class="o">!=</span> <span class="s1">&#39;http://www.w3.org/2001/04/xmlenc#EncryptedKey&#39;</span><span class="p">:</span>
+                            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                                <span class="s1">&#39;Unsupported Retrieval Method found&#39;</span><span class="p">,</span>
+                                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">UNSUPPORTED_RETRIEVAL_METHOD</span>
+                            <span class="p">)</span>
+                        <span class="n">uri</span> <span class="o">=</span> <span class="n">child</span><span class="o">.</span><span class="n">attrib</span><span class="p">[</span><span class="s1">&#39;URI&#39;</span><span class="p">]</span>
+                        <span class="k">if</span> <span class="ow">not</span> <span class="n">uri</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="s1">&#39;#&#39;</span><span class="p">):</span>
+                            <span class="k">break</span>
+                        <span class="n">uri</span> <span class="o">=</span> <span class="n">uri</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;#&#39;</span><span class="p">)[</span><span class="mi">1</span><span class="p">]</span>
+                        <span class="n">encrypted_key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">encrypted_assertion_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="s1">&#39;./xenc:EncryptedKey[@Id=$tagid]&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">,</span> <span class="n">uri</span><span class="p">)</span>
+                        <span class="k">if</span> <span class="n">encrypted_key</span><span class="p">:</span>
+                            <span class="n">keyinfo</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">encrypted_key</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+
+                <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">encrypted_data_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+                <span class="n">decrypted</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decrypt_element</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="n">debug</span><span class="p">,</span> <span class="n">inplace</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+                <span class="n">xml</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="n">encrypted_assertion_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="n">decrypted</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">xml</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_error"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_error">[docs]</a>    <span class="k">def</span> <span class="nf">get_error</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        After executing a validation process, if it fails this method returns the cause</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_error</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_xml_document"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_xml_document">[docs]</a>    <span class="k">def</span> <span class="nf">get_xml_document</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the SAML Response document (If contains an encrypted assertion, decrypts it)</span>
+
+<span class="sd">        :return: Decrypted XML response document</span>
+<span class="sd">        :rtype: DOMDocument</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span><span class="p">:</span>
+            <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: the ID of the response</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_assertion_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_assertion_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_assertion_id</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: the ID of the assertion in the response</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_num_assertions</span><span class="p">():</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;SAML Response must contain 1 assertion&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_NUMBER_OF_ASSERTIONS</span>
+            <span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Response.get_assertion_issue_instant"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Response.get_assertion_issue_instant">[docs]</a>    <span class="k">def</span> <span class="nf">get_assertion_issue_instant</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :returns: the IssueInstant of the assertion in the response</span>
+<span class="sd">        :rtype: unix/posix timestamp|None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_num_assertions</span><span class="p">():</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;SAML Response must contain 1 assertion&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_NUMBER_OF_ASSERTIONS</span>
+            <span class="p">)</span>
+        <span class="n">issue_instant</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_query_assertion</span><span class="p">(</span><span class="s1">&#39;&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;IssueInstant&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">issue_instant</span><span class="p">)</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/settings.html b/docs/saml2/_modules/onelogin/saml2/settings.html
new file mode 100644
index 00000000..70185c17
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/settings.html
@@ -0,0 +1,961 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.settings &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.settings</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.settings</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Settings class</span>
+
+<span class="sd">Copyright (c) 2010-2021 OneLogin, Inc.</span>
+<span class="sd">MIT License</span>
+
+<span class="sd">Setting class of OneLogin&#39;s Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">time</span> <span class="kn">import</span> <span class="n">time</span>
+<span class="kn">import</span> <span class="nn">re</span>
+<span class="kn">from</span> <span class="nn">os.path</span> <span class="kn">import</span> <span class="n">dirname</span><span class="p">,</span> <span class="n">exists</span><span class="p">,</span> <span class="n">join</span><span class="p">,</span> <span class="n">sep</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2</span> <span class="kn">import</span> <span class="n">compat</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.errors</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Error</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.metadata</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Metadata</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_XML</span>
+
+<span class="k">try</span><span class="p">:</span>
+    <span class="kn">import</span> <span class="nn">ujson</span> <span class="k">as</span> <span class="nn">json</span>
+<span class="k">except</span> <span class="ne">ImportError</span><span class="p">:</span>
+    <span class="kn">import</span> <span class="nn">json</span>
+
+<span class="k">try</span><span class="p">:</span>
+    <span class="n">basestring</span>
+<span class="k">except</span> <span class="ne">NameError</span><span class="p">:</span>
+    <span class="n">basestring</span> <span class="o">=</span> <span class="nb">str</span>
+
+<span class="c1"># Regex from Django Software Foundation and individual contributors.</span>
+<span class="c1"># Released under a BSD 3-Clause License</span>
+<span class="n">url_regex</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span>
+    <span class="sa">r</span><span class="s1">&#39;^(?:[a-z0-9\.\-]*)://&#39;</span>  <span class="c1"># scheme is validated separately</span>
+    <span class="sa">r</span><span class="s1">&#39;(?:(?:[A-Z0-9_](?:[A-Z0-9-_]{0,61}[A-Z0-9_])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}\.?)|&#39;</span>  <span class="c1"># domain...</span>
+    <span class="sa">r</span><span class="s1">&#39;localhost|&#39;</span>  <span class="c1"># localhost...</span>
+    <span class="sa">r</span><span class="s1">&#39;\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|&#39;</span>  <span class="c1"># ...or ipv4</span>
+    <span class="sa">r</span><span class="s1">&#39;\[?[A-F0-9]*:[A-F0-9:]+\]?)&#39;</span>  <span class="c1"># ...or ipv6</span>
+    <span class="sa">r</span><span class="s1">&#39;(?::\d+)?&#39;</span>  <span class="c1"># optional port</span>
+    <span class="sa">r</span><span class="s1">&#39;(?:/?|[/?]\S+)$&#39;</span><span class="p">,</span> <span class="n">re</span><span class="o">.</span><span class="n">IGNORECASE</span><span class="p">)</span>
+<span class="n">url_regex_single_label_domain</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span>
+    <span class="sa">r</span><span class="s1">&#39;^(?:[a-z0-9\.\-]*)://&#39;</span>  <span class="c1"># scheme is validated separately</span>
+    <span class="sa">r</span><span class="s1">&#39;(?:(?:[A-Z0-9_](?:[A-Z0-9-_]{0,61}[A-Z0-9_])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}\.?)|&#39;</span>  <span class="c1"># domain...</span>
+    <span class="sa">r</span><span class="s1">&#39;(?:[A-Z0-9_](?:[A-Z0-9-_]{0,61}[A-Z0-9_]))|&#39;</span>  <span class="c1"># single-label-domain</span>
+    <span class="sa">r</span><span class="s1">&#39;localhost|&#39;</span>  <span class="c1"># localhost...</span>
+    <span class="sa">r</span><span class="s1">&#39;\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|&#39;</span>  <span class="c1"># ...or ipv4</span>
+    <span class="sa">r</span><span class="s1">&#39;\[?[A-F0-9]*:[A-F0-9:]+\]?)&#39;</span>  <span class="c1"># ...or ipv6</span>
+    <span class="sa">r</span><span class="s1">&#39;(?::\d+)?&#39;</span>  <span class="c1"># optional port</span>
+    <span class="sa">r</span><span class="s1">&#39;(?:/?|[/?]\S+)$&#39;</span><span class="p">,</span> <span class="n">re</span><span class="o">.</span><span class="n">IGNORECASE</span><span class="p">)</span>
+<span class="n">url_schemes</span> <span class="o">=</span> <span class="p">[</span><span class="s1">&#39;http&#39;</span><span class="p">,</span> <span class="s1">&#39;https&#39;</span><span class="p">,</span> <span class="s1">&#39;ftp&#39;</span><span class="p">,</span> <span class="s1">&#39;ftps&#39;</span><span class="p">]</span>
+
+
+<div class="viewcode-block" id="validate_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.validate_url">[docs]</a><span class="k">def</span> <span class="nf">validate_url</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">allow_single_label_domain</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    Auxiliary method to validate an urllib</span>
+<span class="sd">    :param url: An url to be validated</span>
+<span class="sd">    :type url: string</span>
+<span class="sd">    :param allow_single_label_domain: In order to allow or not single label domain</span>
+<span class="sd">    :type url: bool</span>
+<span class="sd">    :returns: True if the url is valid</span>
+<span class="sd">    :rtype: bool</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="n">scheme</span> <span class="o">=</span> <span class="n">url</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;://&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span>
+    <span class="k">if</span> <span class="n">scheme</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">url_schemes</span><span class="p">:</span>
+        <span class="k">return</span> <span class="kc">False</span>
+    <span class="k">if</span> <span class="n">allow_single_label_domain</span><span class="p">:</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">bool</span><span class="p">(</span><span class="n">url_regex_single_label_domain</span><span class="o">.</span><span class="n">search</span><span class="p">(</span><span class="n">url</span><span class="p">)):</span>
+            <span class="k">return</span> <span class="kc">False</span>
+    <span class="k">else</span><span class="p">:</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">bool</span><span class="p">(</span><span class="n">url_regex</span><span class="o">.</span><span class="n">search</span><span class="p">(</span><span class="n">url</span><span class="p">)):</span>
+            <span class="k">return</span> <span class="kc">False</span>
+    <span class="k">return</span> <span class="kc">True</span></div>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Settings</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    Handles the settings of the Python toolkits.</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="n">metadata_class</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Metadata</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">custom_base_path</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">sp_validation_only</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Initializes the settings:</span>
+<span class="sd">        - Sets the paths of the different folders</span>
+<span class="sd">        - Loads settings info from settings file or array/object provided</span>
+
+<span class="sd">        :param settings: SAML Toolkit Settings</span>
+<span class="sd">        :type settings: dict</span>
+
+<span class="sd">        :param custom_base_path: Path where are stored the settings file and the cert folder</span>
+<span class="sd">        :type custom_base_path: string</span>
+
+<span class="sd">        :param sp_validation_only: Avoid the IdP validation</span>
+<span class="sd">        :type sp_validation_only: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp_validation_only</span> <span class="o">=</span> <span class="n">sp_validation_only</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_strict</span> <span class="o">=</span> <span class="kc">True</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_debug</span> <span class="o">=</span> <span class="kc">False</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_contacts</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_organization</span> <span class="o">=</span> <span class="p">{}</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span> <span class="o">=</span> <span class="p">[]</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_load_paths</span><span class="p">(</span><span class="n">base_path</span><span class="o">=</span><span class="n">custom_base_path</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_update_paths</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">settings</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">try</span><span class="p">:</span>
+                <span class="n">valid</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_load_settings_from_file</span><span class="p">()</span>
+            <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">e</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">valid</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                    <span class="s1">&#39;Invalid dict settings at the file: </span><span class="si">%s</span><span class="s1">&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_INVALID</span><span class="p">,</span>
+                    <span class="s1">&#39;,&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="p">)</span>
+                <span class="p">)</span>
+        <span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">):</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">_load_settings_from_dict</span><span class="p">(</span><span class="n">settings</span><span class="p">):</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                    <span class="s1">&#39;Invalid dict settings: </span><span class="si">%s</span><span class="s1">&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_INVALID</span><span class="p">,</span>
+                    <span class="s1">&#39;,&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_errors</span><span class="p">)</span>
+                <span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;Unsupported settings object&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">UNSUPPORTED_SETTINGS_OBJECT</span>
+            <span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">format_idp_cert</span><span class="p">()</span>
+        <span class="k">if</span> <span class="s1">&#39;x509certMulti&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">format_idp_cert_multi</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">format_sp_cert</span><span class="p">()</span>
+        <span class="k">if</span> <span class="s1">&#39;x509certNew&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">format_sp_cert_new</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">format_sp_key</span><span class="p">()</span>
+
+    <span class="k">def</span> <span class="nf">_load_paths</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">base_path</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Set the paths of the different folders</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">base_path</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">base_path</span> <span class="o">=</span> <span class="n">dirname</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="vm">__file__</span><span class="p">)))</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">base_path</span><span class="o">.</span><span class="n">endswith</span><span class="p">(</span><span class="n">sep</span><span class="p">):</span>
+            <span class="n">base_path</span> <span class="o">+=</span> <span class="n">sep</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span> <span class="o">=</span> <span class="p">{</span>
+            <span class="s1">&#39;base&#39;</span><span class="p">:</span> <span class="n">base_path</span><span class="p">,</span>
+            <span class="s1">&#39;cert&#39;</span><span class="p">:</span> <span class="n">base_path</span> <span class="o">+</span> <span class="s1">&#39;certs&#39;</span> <span class="o">+</span> <span class="n">sep</span><span class="p">,</span>
+            <span class="s1">&#39;lib&#39;</span><span class="p">:</span> <span class="n">dirname</span><span class="p">(</span><span class="vm">__file__</span><span class="p">)</span> <span class="o">+</span> <span class="n">sep</span>
+        <span class="p">}</span>
+
+    <span class="k">def</span> <span class="nf">_update_paths</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Set custom paths if necessary</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">):</span>
+            <span class="k">return</span>
+
+        <span class="k">if</span> <span class="s1">&#39;custom_base_path&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
+            <span class="n">base_path</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;custom_base_path&#39;</span><span class="p">]</span>
+            <span class="n">base_path</span> <span class="o">=</span> <span class="n">join</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="vm">__file__</span><span class="p">),</span> <span class="n">base_path</span><span class="p">)</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_load_paths</span><span class="p">(</span><span class="n">base_path</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_base_path"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_base_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_base_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns base path</span>
+
+<span class="sd">        :return: The base toolkit folder path</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;base&#39;</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_cert_path"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_cert_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_cert_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns cert path</span>
+
+<span class="sd">        :return: The cert folder path</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;cert&#39;</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.set_cert_path"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_cert_path">[docs]</a>    <span class="k">def</span> <span class="nf">set_cert_path</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Set a new cert path</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;cert&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">path</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_lib_path"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_lib_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_lib_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns lib path</span>
+
+<span class="sd">        :return: The library folder path</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;lib&#39;</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_schemas_path"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_schemas_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_schemas_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns schema path</span>
+
+<span class="sd">        :return: The schema folder path</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;lib&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="s1">&#39;schemas/&#39;</span></div>
+
+    <span class="k">def</span> <span class="nf">_load_settings_from_dict</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Loads settings info from a settings Dict</span>
+
+<span class="sd">        :param settings: SAML Toolkit Settings</span>
+<span class="sd">        :type settings: dict</span>
+
+<span class="sd">        :returns: True if the settings info is valid</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">errors</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_settings</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">errors</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span> <span class="o">=</span> <span class="p">[]</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;sp&#39;</span><span class="p">]</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;idp&#39;</span><span class="p">,</span> <span class="p">{})</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_strict</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;strict&#39;</span><span class="p">,</span> <span class="kc">True</span><span class="p">)</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_debug</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;debug&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_security</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;security&#39;</span><span class="p">,</span> <span class="p">{})</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_contacts</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;contactPerson&#39;</span><span class="p">,</span> <span class="p">{})</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_organization</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;organization&#39;</span><span class="p">,</span> <span class="p">{})</span>
+
+            <span class="bp">self</span><span class="o">.</span><span class="n">_add_default_values</span><span class="p">()</span>
+            <span class="k">return</span> <span class="kc">True</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span> <span class="o">=</span> <span class="n">errors</span>
+        <span class="k">return</span> <span class="kc">False</span>
+
+    <span class="k">def</span> <span class="nf">_load_settings_from_file</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Loads settings info from the settings json file</span>
+
+<span class="sd">        :returns: True if the settings info is valid</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">filename</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_base_path</span><span class="p">()</span> <span class="o">+</span> <span class="s1">&#39;settings.json&#39;</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">exists</span><span class="p">(</span><span class="n">filename</span><span class="p">):</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;Settings file not found: </span><span class="si">%s</span><span class="s1">&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_FILE_NOT_FOUND</span><span class="p">,</span>
+                <span class="n">filename</span>
+            <span class="p">)</span>
+
+        <span class="c1"># In the php toolkit instead of being a json file it is a php file and</span>
+        <span class="c1"># it is directly included</span>
+        <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">filename</span><span class="p">,</span> <span class="s1">&#39;r&#39;</span><span class="p">)</span> <span class="k">as</span> <span class="n">json_data</span><span class="p">:</span>
+            <span class="n">settings</span> <span class="o">=</span> <span class="n">json</span><span class="o">.</span><span class="n">loads</span><span class="p">(</span><span class="n">json_data</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
+
+        <span class="n">advanced_filename</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_base_path</span><span class="p">()</span> <span class="o">+</span> <span class="s1">&#39;advanced_settings.json&#39;</span>
+        <span class="k">if</span> <span class="n">exists</span><span class="p">(</span><span class="n">advanced_filename</span><span class="p">):</span>
+            <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">advanced_filename</span><span class="p">,</span> <span class="s1">&#39;r&#39;</span><span class="p">)</span> <span class="k">as</span> <span class="n">json_data</span><span class="p">:</span>
+                <span class="n">settings</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">json</span><span class="o">.</span><span class="n">loads</span><span class="p">(</span><span class="n">json_data</span><span class="o">.</span><span class="n">read</span><span class="p">()))</span>  <span class="c1"># Merge settings</span>
+
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_load_settings_from_dict</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+
+    <span class="k">def</span> <span class="nf">_add_default_values</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Add default values if the settings info is not complete</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">,</span> <span class="p">{})</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;binding&#39;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">BINDING_HTTP_POST</span><span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">,</span> <span class="p">{})</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">,</span> <span class="p">{})</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;binding&#39;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">BINDING_HTTP_REDIRECT</span><span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">,</span> <span class="p">{})</span>
+
+        <span class="c1"># Related to nameID</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;NameIDFormat&#39;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_UNSPECIFIED</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;nameIdEncrypted&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+        <span class="c1"># Metadata format</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;metadataValidUntil&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>  <span class="c1"># None means use default</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;metadataCacheDuration&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>  <span class="c1"># None means use default</span>
+
+        <span class="c1"># Sign provided</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;authnRequestsSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;logoutRequestSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;logoutResponseSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+        <span class="c1"># Sign expected</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;wantMessagesSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;wantAssertionsSigned&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+        <span class="c1"># NameID element expected</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;wantNameId&#39;</span><span class="p">,</span> <span class="kc">True</span><span class="p">)</span>
+
+        <span class="c1"># Encrypt expected</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;wantAssertionsEncrypted&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;wantNameIdEncrypted&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+        <span class="c1"># Signature Algorithm</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;signatureAlgorithm&#39;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">)</span>
+
+        <span class="c1"># Digest Algorithm</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;digestAlgorithm&#39;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">SHA256</span><span class="p">)</span>
+
+        <span class="c1"># Reject Deprecated Algorithms</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;rejectDeprecatedAlgorithm&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+        <span class="c1"># AttributeStatement required by default</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;wantAttributeStatement&#39;</span><span class="p">,</span> <span class="kc">True</span><span class="p">)</span>
+
+        <span class="c1"># Disallow duplicate attribute names by default</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;allowRepeatAttributeName&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;x509cert&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;certFingerprint&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;certFingerprintAlgorithm&#39;</span><span class="p">,</span> <span class="s1">&#39;sha1&#39;</span><span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;x509cert&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;privateKey&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;requestedAuthnContext&#39;</span><span class="p">,</span> <span class="kc">True</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;requestedAuthnContextComparison&#39;</span><span class="p">,</span> <span class="s1">&#39;exact&#39;</span><span class="p">)</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="o">.</span><span class="n">setdefault</span><span class="p">(</span><span class="s1">&#39;failOnAuthnContextMismatch&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.check_settings"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_settings">[docs]</a>    <span class="k">def</span> <span class="nf">check_settings</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks the settings info.</span>
+
+<span class="sd">        :param settings: Dict with settings data</span>
+<span class="sd">        :type settings: dict</span>
+
+<span class="sd">        :returns: Errors found on the settings data</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span>
+
+        <span class="n">errors</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_syntax&#39;</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sp_validation_only</span><span class="p">:</span>
+                <span class="n">errors</span> <span class="o">+=</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_idp_settings</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+            <span class="n">sp_errors</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_sp_settings</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+            <span class="n">errors</span> <span class="o">+=</span> <span class="n">sp_errors</span>
+
+        <span class="k">return</span> <span class="n">errors</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.check_idp_settings"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_idp_settings">[docs]</a>    <span class="k">def</span> <span class="nf">check_idp_settings</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks the IdP settings info.</span>
+<span class="sd">        :param settings: Dict with settings data</span>
+<span class="sd">        :type settings: dict</span>
+<span class="sd">        :returns: Errors found on the IdP settings data</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span>
+
+        <span class="n">errors</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_syntax&#39;</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;idp&#39;</span><span class="p">):</span>
+                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;idp_not_found&#39;</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">allow_single_domain_urls</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_get_allow_single_label_domain</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+                <span class="n">idp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;idp&#39;</span><span class="p">]</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">idp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;entityId&#39;</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;idp_entityId_not_found&#39;</span><span class="p">)</span>
+
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">idp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;singleSignOnService&#39;</span><span class="p">,</span> <span class="p">{})</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;url&#39;</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;idp_sso_not_found&#39;</span><span class="p">)</span>
+                <span class="k">elif</span> <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">idp</span><span class="p">[</span><span class="s1">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">],</span> <span class="n">allow_single_domain_urls</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;idp_sso_url_invalid&#39;</span><span class="p">)</span>
+
+                <span class="n">slo_url</span> <span class="o">=</span> <span class="n">idp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">,</span> <span class="p">{})</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;url&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">slo_url</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">slo_url</span><span class="p">,</span> <span class="n">allow_single_domain_urls</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;idp_slo_url_invalid&#39;</span><span class="p">)</span>
+
+                <span class="k">if</span> <span class="s1">&#39;security&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
+                    <span class="n">security</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;security&#39;</span><span class="p">]</span>
+
+                    <span class="n">exists_x509</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">idp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509cert&#39;</span><span class="p">))</span>
+                    <span class="n">exists_fingerprint</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">idp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;certFingerprint&#39;</span><span class="p">))</span>
+
+                    <span class="n">exists_multix509sign</span> <span class="o">=</span> <span class="s1">&#39;x509certMulti&#39;</span> <span class="ow">in</span> <span class="n">idp</span> <span class="ow">and</span> \
+                        <span class="s1">&#39;signing&#39;</span> <span class="ow">in</span> <span class="n">idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]</span> <span class="ow">and</span> \
+                        <span class="n">idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">]</span>
+                    <span class="n">exists_multix509enc</span> <span class="o">=</span> <span class="s1">&#39;x509certMulti&#39;</span> <span class="ow">in</span> <span class="n">idp</span> <span class="ow">and</span> \
+                        <span class="s1">&#39;encryption&#39;</span> <span class="ow">in</span> <span class="n">idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]</span> <span class="ow">and</span> \
+                        <span class="n">idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;encryption&#39;</span><span class="p">]</span>
+
+                    <span class="n">want_assert_sign</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;wantAssertionsSigned&#39;</span><span class="p">))</span>
+                    <span class="n">want_mes_signed</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;wantMessagesSigned&#39;</span><span class="p">))</span>
+                    <span class="n">nameid_enc</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;nameIdEncrypted&#39;</span><span class="p">))</span>
+
+                    <span class="k">if</span> <span class="p">(</span><span class="n">want_assert_sign</span> <span class="ow">or</span> <span class="n">want_mes_signed</span><span class="p">)</span> <span class="ow">and</span> \
+                            <span class="ow">not</span> <span class="p">(</span><span class="n">exists_x509</span> <span class="ow">or</span> <span class="n">exists_fingerprint</span> <span class="ow">or</span> <span class="n">exists_multix509sign</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;idp_cert_or_fingerprint_not_found_and_required&#39;</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">nameid_enc</span> <span class="ow">and</span> <span class="ow">not</span> <span class="p">(</span><span class="n">exists_x509</span> <span class="ow">or</span> <span class="n">exists_multix509enc</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;idp_cert_not_found_and_required&#39;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">errors</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.check_sp_settings"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_settings">[docs]</a>    <span class="k">def</span> <span class="nf">check_sp_settings</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks the SP settings info.</span>
+<span class="sd">        :param settings: Dict with settings data</span>
+<span class="sd">        :type settings: dict</span>
+<span class="sd">        :returns: Errors found on the SP settings data</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span>
+
+        <span class="n">errors</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span> <span class="ow">or</span> <span class="ow">not</span> <span class="n">settings</span><span class="p">:</span>
+            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;invalid_syntax&#39;</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;sp&#39;</span><span class="p">):</span>
+                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_not_found&#39;</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">allow_single_domain_urls</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_get_allow_single_label_domain</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
+                <span class="c1"># check_sp_certs uses self._sp so I add it</span>
+                <span class="n">old_sp</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span>
+                <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;sp&#39;</span><span class="p">]</span>
+
+                <span class="n">sp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;sp&#39;</span><span class="p">]</span>
+                <span class="n">security</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;security&#39;</span><span class="p">,</span> <span class="p">{})</span>
+
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">sp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;entityId&#39;</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_entityId_not_found&#39;</span><span class="p">)</span>
+
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">sp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">,</span> <span class="p">{})</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;url&#39;</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_acs_not_found&#39;</span><span class="p">)</span>
+                <span class="k">elif</span> <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">sp</span><span class="p">[</span><span class="s1">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">],</span> <span class="n">allow_single_domain_urls</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_acs_url_invalid&#39;</span><span class="p">)</span>
+
+                <span class="k">if</span> <span class="n">sp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">):</span>
+                    <span class="n">attributeConsumingService</span> <span class="o">=</span> <span class="n">sp</span><span class="p">[</span><span class="s1">&#39;attributeConsumingService&#39;</span><span class="p">]</span>
+                    <span class="k">if</span> <span class="s1">&#39;serviceName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">attributeConsumingService</span><span class="p">:</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_serviceName_not_found&#39;</span><span class="p">)</span>
+                    <span class="k">elif</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">attributeConsumingService</span><span class="p">[</span><span class="s1">&#39;serviceName&#39;</span><span class="p">],</span> <span class="n">basestring</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_serviceName_type_invalid&#39;</span><span class="p">)</span>
+
+                    <span class="k">if</span> <span class="s1">&#39;requestedAttributes&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">attributeConsumingService</span><span class="p">:</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_requestedAttributes_not_found&#39;</span><span class="p">)</span>
+                    <span class="k">elif</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">attributeConsumingService</span><span class="p">[</span><span class="s1">&#39;requestedAttributes&#39;</span><span class="p">],</span> <span class="nb">list</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_serviceName_type_invalid&#39;</span><span class="p">)</span>
+                    <span class="k">else</span><span class="p">:</span>
+                        <span class="k">for</span> <span class="n">req_attrib</span> <span class="ow">in</span> <span class="n">attributeConsumingService</span><span class="p">[</span><span class="s1">&#39;requestedAttributes&#39;</span><span class="p">]:</span>
+                            <span class="k">if</span> <span class="s1">&#39;name&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">req_attrib</span><span class="p">:</span>
+                                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_requestedAttributes_name_not_found&#39;</span><span class="p">)</span>
+                            <span class="k">if</span> <span class="s1">&#39;name&#39;</span> <span class="ow">in</span> <span class="n">req_attrib</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">req_attrib</span><span class="p">[</span><span class="s1">&#39;name&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">strip</span><span class="p">():</span>
+                                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_requestedAttributes_name_invalid&#39;</span><span class="p">)</span>
+                            <span class="k">if</span> <span class="s1">&#39;attributeValue&#39;</span> <span class="ow">in</span> <span class="n">req_attrib</span> <span class="ow">and</span> <span class="nb">type</span><span class="p">(</span><span class="n">req_attrib</span><span class="p">[</span><span class="s1">&#39;attributeValue&#39;</span><span class="p">])</span> <span class="o">!=</span> <span class="nb">list</span><span class="p">:</span>
+                                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_requestedAttributes_attributeValue_type_invalid&#39;</span><span class="p">)</span>
+                            <span class="k">if</span> <span class="s1">&#39;isRequired&#39;</span> <span class="ow">in</span> <span class="n">req_attrib</span> <span class="ow">and</span> <span class="nb">type</span><span class="p">(</span><span class="n">req_attrib</span><span class="p">[</span><span class="s1">&#39;isRequired&#39;</span><span class="p">])</span> <span class="o">!=</span> <span class="nb">bool</span><span class="p">:</span>
+                                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_requestedAttributes_isRequired_type_invalid&#39;</span><span class="p">)</span>
+
+                    <span class="k">if</span> <span class="s2">&quot;serviceDescription&quot;</span> <span class="ow">in</span> <span class="n">attributeConsumingService</span> <span class="ow">and</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">attributeConsumingService</span><span class="p">[</span><span class="s1">&#39;serviceDescription&#39;</span><span class="p">],</span> <span class="n">basestring</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_attributeConsumingService_serviceDescription_type_invalid&#39;</span><span class="p">)</span>
+
+                <span class="n">slo_url</span> <span class="o">=</span> <span class="n">sp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">,</span> <span class="p">{})</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;url&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">slo_url</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">slo_url</span><span class="p">,</span> <span class="n">allow_single_domain_urls</span><span class="p">):</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_sls_url_invalid&#39;</span><span class="p">)</span>
+
+                <span class="k">if</span> <span class="s1">&#39;signMetadata&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">],</span> <span class="nb">dict</span><span class="p">):</span>
+                    <span class="k">if</span> <span class="s1">&#39;keyFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">or</span> \
+                            <span class="s1">&#39;certFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">]:</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_signMetadata_invalid&#39;</span><span class="p">)</span>
+
+                <span class="n">authn_sign</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;authnRequestsSigned&#39;</span><span class="p">))</span>
+                <span class="n">logout_req_sign</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;logoutRequestSigned&#39;</span><span class="p">))</span>
+                <span class="n">logout_res_sign</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;logoutResponseSigned&#39;</span><span class="p">))</span>
+                <span class="n">want_assert_enc</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;wantAssertionsEncrypted&#39;</span><span class="p">))</span>
+                <span class="n">want_nameid_enc</span> <span class="o">=</span> <span class="nb">bool</span><span class="p">(</span><span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;wantNameIdEncrypted&#39;</span><span class="p">))</span>
+
+                <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_sp_certs</span><span class="p">():</span>
+                    <span class="k">if</span> <span class="n">authn_sign</span> <span class="ow">or</span> <span class="n">logout_req_sign</span> <span class="ow">or</span> <span class="n">logout_res_sign</span> <span class="ow">or</span> \
+                       <span class="n">want_assert_enc</span> <span class="ow">or</span> <span class="n">want_nameid_enc</span><span class="p">:</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;sp_cert_not_found_and_required&#39;</span><span class="p">)</span>
+
+            <span class="k">if</span> <span class="s1">&#39;contactPerson&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
+                <span class="n">types</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;contactPerson&#39;</span><span class="p">]</span>
+                <span class="n">valid_types</span> <span class="o">=</span> <span class="p">[</span><span class="s1">&#39;technical&#39;</span><span class="p">,</span> <span class="s1">&#39;support&#39;</span><span class="p">,</span> <span class="s1">&#39;administrative&#39;</span><span class="p">,</span> <span class="s1">&#39;billing&#39;</span><span class="p">,</span> <span class="s1">&#39;other&#39;</span><span class="p">]</span>
+                <span class="k">for</span> <span class="n">c_type</span> <span class="ow">in</span> <span class="n">types</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="n">c_type</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">valid_types</span><span class="p">:</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;contact_type_invalid&#39;</span><span class="p">)</span>
+                        <span class="k">break</span>
+
+                <span class="k">for</span> <span class="n">c_type</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;contactPerson&#39;</span><span class="p">]:</span>
+                    <span class="n">contact</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;contactPerson&#39;</span><span class="p">][</span><span class="n">c_type</span><span class="p">]</span>
+                    <span class="k">if</span> <span class="p">(</span><span class="s1">&#39;givenName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">contact</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">contact</span><span class="p">[</span><span class="s1">&#39;givenName&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="ow">or</span> \
+                            <span class="p">(</span><span class="s1">&#39;emailAddress&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">contact</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">contact</span><span class="p">[</span><span class="s1">&#39;emailAddress&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;contact_not_enought_data&#39;</span><span class="p">)</span>
+                        <span class="k">break</span>
+
+            <span class="k">if</span> <span class="s1">&#39;organization&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
+                <span class="k">for</span> <span class="n">org</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;organization&#39;</span><span class="p">]:</span>
+                    <span class="n">organization</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s1">&#39;organization&#39;</span><span class="p">][</span><span class="n">org</span><span class="p">]</span>
+                    <span class="k">if</span> <span class="p">(</span><span class="s1">&#39;name&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">organization</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">[</span><span class="s1">&#39;name&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="ow">or</span> \
+                        <span class="p">(</span><span class="s1">&#39;displayname&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">organization</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">[</span><span class="s1">&#39;displayname&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="ow">or</span> \
+                            <span class="p">(</span><span class="s1">&#39;url&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">organization</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">[</span><span class="s1">&#39;url&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;organization_not_enought_data&#39;</span><span class="p">)</span>
+                        <span class="k">break</span>
+        <span class="c1"># Restores the value that had the self._sp</span>
+        <span class="k">if</span> <span class="s1">&#39;old_sp&#39;</span> <span class="ow">in</span> <span class="nb">locals</span><span class="p">():</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span> <span class="o">=</span> <span class="n">old_sp</span>
+
+        <span class="k">return</span> <span class="n">errors</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.check_sp_certs"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_certs">[docs]</a>    <span class="k">def</span> <span class="nf">check_sp_certs</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks if the x509 certs of the SP exists and are valid.</span>
+<span class="sd">        :returns: If the x509 certs of the SP exists and are valid</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
+        <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_cert</span><span class="p">()</span>
+        <span class="k">return</span> <span class="n">key</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="n">cert</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_idp_sso_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_sso_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_idp_sso_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the IdP SSO URL.</span>
+
+<span class="sd">        :returns: An URL, the SSO endpoint of the IdP</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+        <span class="k">return</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_idp_slo_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_idp_slo_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the IdP SLO URL.</span>
+
+<span class="sd">        :returns: An URL, the SLO endpoint of the IdP</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="s1">&#39;url&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">]:</span>
+            <span class="k">return</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s1">&#39;url&#39;</span><span class="p">]</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_idp_slo_response_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_response_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_idp_slo_response_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the IdP SLO return URL for IdP-initiated logout.</span>
+
+<span class="sd">        :returns: an URL, the SLO return endpoint of the IdP</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
+        <span class="k">if</span> <span class="s1">&#39;url&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">]:</span>
+            <span class="k">return</span> <span class="n">idp_data</span><span class="p">[</span><span class="s1">&#39;singleLogoutService&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;responseUrl&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_idp_slo_url</span><span class="p">())</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_key"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_key">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_key</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the x509 private key of the SP.</span>
+<span class="sd">        :returns: SP private key</span>
+<span class="sd">        :rtype: string or None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;privateKey&#39;</span><span class="p">)</span>
+        <span class="n">key_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="s1">&#39;sp.key&#39;</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">key</span> <span class="ow">and</span> <span class="n">exists</span><span class="p">(</span><span class="n">key_file_name</span><span class="p">):</span>
+            <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">key_file_name</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span>
+                <span class="n">key</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
+
+        <span class="k">return</span> <span class="n">key</span> <span class="ow">or</span> <span class="kc">None</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_cert"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_cert</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the x509 public cert of the SP.</span>
+<span class="sd">        :returns: SP public cert</span>
+<span class="sd">        :rtype: string or None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509cert&#39;</span><span class="p">)</span>
+        <span class="n">cert_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="s1">&#39;sp.crt&#39;</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">cert</span> <span class="ow">and</span> <span class="n">exists</span><span class="p">(</span><span class="n">cert_file_name</span><span class="p">):</span>
+            <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">cert_file_name</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span>
+                <span class="n">cert</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
+
+        <span class="k">return</span> <span class="n">cert</span> <span class="ow">or</span> <span class="kc">None</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_cert_new"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert_new">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_cert_new</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the x509 public of the SP planned</span>
+<span class="sd">        to be used soon instead the other public cert</span>
+<span class="sd">        :returns: SP public cert new</span>
+<span class="sd">        :rtype: string or None</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509certNew&#39;</span><span class="p">)</span>
+        <span class="n">cert_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="s1">&#39;sp_new.crt&#39;</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">cert</span> <span class="ow">and</span> <span class="n">exists</span><span class="p">(</span><span class="n">cert_file_name</span><span class="p">):</span>
+            <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">cert_file_name</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span>
+                <span class="n">cert</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
+
+        <span class="k">return</span> <span class="n">cert</span> <span class="ow">or</span> <span class="kc">None</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_idp_cert"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_cert">[docs]</a>    <span class="k">def</span> <span class="nf">get_idp_cert</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the x509 public cert of the IdP.</span>
+<span class="sd">        :returns: IdP public cert</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;x509cert&#39;</span><span class="p">)</span>
+        <span class="n">cert_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_cert_path</span><span class="p">()</span> <span class="o">+</span> <span class="s1">&#39;idp.crt&#39;</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">cert</span> <span class="ow">and</span> <span class="n">exists</span><span class="p">(</span><span class="n">cert_file_name</span><span class="p">):</span>
+            <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">cert_file_name</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span>
+                <span class="n">cert</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
+        <span class="k">return</span> <span class="n">cert</span> <span class="ow">or</span> <span class="kc">None</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_idp_data"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_idp_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the IdP data.</span>
+
+<span class="sd">        :returns: IdP info</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_data"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SP data.</span>
+
+<span class="sd">        :returns: SP info</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_security_data"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_security_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_security_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets security data.</span>
+
+<span class="sd">        :returns: Security info</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_contacts"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_contacts">[docs]</a>    <span class="k">def</span> <span class="nf">get_contacts</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets contact data.</span>
+
+<span class="sd">        :returns: Contacts info</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_contacts</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_organization"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_organization">[docs]</a>    <span class="k">def</span> <span class="nf">get_organization</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets organization data.</span>
+
+<span class="sd">        :returns: Organization info</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_organization</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_metadata"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_metadata</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets the SP metadata. The XML representation.</span>
+<span class="sd">        :returns: SP metadata (xml)</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">metadata</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">metadata_class</span><span class="o">.</span><span class="n">builder</span><span class="p">(</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;authnRequestsSigned&#39;</span><span class="p">],</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;wantAssertionsSigned&#39;</span><span class="p">],</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;metadataValidUntil&#39;</span><span class="p">],</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;metadataCacheDuration&#39;</span><span class="p">],</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">get_contacts</span><span class="p">(),</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_organization</span><span class="p">()</span>
+        <span class="p">)</span>
+
+        <span class="n">add_encryption</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;wantNameIdEncrypted&#39;</span><span class="p">]</span> <span class="ow">or</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;wantAssertionsEncrypted&#39;</span><span class="p">]</span>
+
+        <span class="n">cert_new</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_cert_new</span><span class="p">()</span>
+        <span class="n">metadata</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">metadata_class</span><span class="o">.</span><span class="n">add_x509_key_descriptors</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">cert_new</span><span class="p">,</span> <span class="n">add_encryption</span><span class="p">)</span>
+
+        <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_cert</span><span class="p">()</span>
+        <span class="n">metadata</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">metadata_class</span><span class="o">.</span><span class="n">add_x509_key_descriptors</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">add_encryption</span><span class="p">)</span>
+
+        <span class="c1"># Sign metadata</span>
+        <span class="k">if</span> <span class="s1">&#39;signMetadata&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">False</span><span class="p">:</span>
+            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="kc">True</span><span class="p">:</span>
+                <span class="c1"># Use the SP&#39;s normal key to sign the metadata:</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">cert</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                        <span class="s1">&#39;Cannot sign metadata: missing SP public key certificate.&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PUBLIC_CERT_FILE_NOT_FOUND</span>
+                    <span class="p">)</span>
+                <span class="n">cert_metadata</span> <span class="o">=</span> <span class="n">cert</span>
+                <span class="n">key_metadata</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">key_metadata</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                        <span class="s1">&#39;Cannot sign metadata: missing SP private key.&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PRIVATE_KEY_FILE_NOT_FOUND</span>
+                    <span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="c1"># Use a custom key to sign the metadata:</span>
+                <span class="k">if</span> <span class="p">(</span><span class="s1">&#39;keyFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">or</span>
+                        <span class="s1">&#39;certFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">]):</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                        <span class="s1">&#39;Invalid Setting: signMetadata value of the sp is not valid&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_INVALID_SYNTAX</span>
+                    <span class="p">)</span>
+                <span class="n">key_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">][</span><span class="s1">&#39;keyFileName&#39;</span><span class="p">]</span>
+                <span class="n">cert_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;signMetadata&#39;</span><span class="p">][</span><span class="s1">&#39;certFileName&#39;</span><span class="p">]</span>
+                <span class="n">key_metadata_file</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="n">key_file_name</span>
+                <span class="n">cert_metadata_file</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_paths</span><span class="p">[</span><span class="s1">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="n">cert_file_name</span>
+
+                <span class="k">try</span><span class="p">:</span>
+                    <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">key_metadata_file</span><span class="p">,</span> <span class="s1">&#39;r&#39;</span><span class="p">)</span> <span class="k">as</span> <span class="n">f_metadata_key</span><span class="p">:</span>
+                        <span class="n">key_metadata</span> <span class="o">=</span> <span class="n">f_metadata_key</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
+                <span class="k">except</span> <span class="ne">IOError</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                        <span class="s1">&#39;Private key file not readable: </span><span class="si">%s</span><span class="s1">&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PRIVATE_KEY_FILE_NOT_FOUND</span><span class="p">,</span>
+                        <span class="n">key_metadata_file</span>
+                    <span class="p">)</span>
+
+                <span class="k">try</span><span class="p">:</span>
+                    <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">cert_metadata_file</span><span class="p">,</span> <span class="s1">&#39;r&#39;</span><span class="p">)</span> <span class="k">as</span> <span class="n">f_metadata_cert</span><span class="p">:</span>
+                        <span class="n">cert_metadata</span> <span class="o">=</span> <span class="n">f_metadata_cert</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
+                <span class="k">except</span> <span class="ne">IOError</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                        <span class="s1">&#39;Public cert file not readable: </span><span class="si">%s</span><span class="s1">&#39;</span><span class="p">,</span>
+                        <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PUBLIC_CERT_FILE_NOT_FOUND</span><span class="p">,</span>
+                        <span class="n">cert_metadata_file</span>
+                    <span class="p">)</span>
+
+            <span class="n">signature_algorithm</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;signatureAlgorithm&#39;</span><span class="p">]</span>
+            <span class="n">digest_algorithm</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">_security</span><span class="p">[</span><span class="s1">&#39;digestAlgorithm&#39;</span><span class="p">]</span>
+
+            <span class="n">metadata</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">metadata_class</span><span class="o">.</span><span class="n">sign_metadata</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">key_metadata</span><span class="p">,</span> <span class="n">cert_metadata</span><span class="p">,</span> <span class="n">signature_algorithm</span><span class="p">,</span> <span class="n">digest_algorithm</span><span class="p">)</span>
+
+        <span class="k">return</span> <span class="n">metadata</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.validate_metadata"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.validate_metadata">[docs]</a>    <span class="k">def</span> <span class="nf">validate_metadata</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">xml</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validates an XML SP Metadata.</span>
+
+<span class="sd">        :param xml: Metadata&#39;s XML that will be validate</span>
+<span class="sd">        :type xml: string</span>
+
+<span class="sd">        :returns: The list of found errors</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">text_types</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Empty string supplied as input&#39;</span><span class="p">)</span>
+
+        <span class="n">errors</span> <span class="o">=</span> <span class="p">[]</span>
+        <span class="n">root</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="s1">&#39;saml-schema-metadata-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">_debug</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">root</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span>
+            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">root</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">root</span><span class="o">.</span><span class="n">tag</span> <span class="o">!=</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}EntityDescriptor&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_MD</span><span class="p">:</span>
+                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;noEntityDescriptor_xml&#39;</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="k">if</span> <span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">root</span><span class="o">.</span><span class="n">findall</span><span class="p">(</span><span class="s1">&#39;.//md:SPSSODescriptor&#39;</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">)))</span> <span class="o">!=</span> <span class="mi">1</span><span class="p">:</span>
+                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;onlySPSSODescriptor_allowed_xml&#39;</span><span class="p">)</span>
+                <span class="k">else</span><span class="p">:</span>
+                    <span class="n">valid_until</span><span class="p">,</span> <span class="n">cache_duration</span> <span class="o">=</span> <span class="n">root</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;validUntil&#39;</span><span class="p">),</span> <span class="n">root</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;cacheDuration&#39;</span><span class="p">)</span>
+
+                    <span class="k">if</span> <span class="n">valid_until</span><span class="p">:</span>
+                        <span class="n">valid_until</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">valid_until</span><span class="p">)</span>
+                    <span class="n">expire_time</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_expire_time</span><span class="p">(</span><span class="n">cache_duration</span><span class="p">,</span> <span class="n">valid_until</span><span class="p">)</span>
+                    <span class="k">if</span> <span class="n">expire_time</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="nb">int</span><span class="p">(</span><span class="n">time</span><span class="p">())</span> <span class="o">&gt;</span> <span class="nb">int</span><span class="p">(</span><span class="n">expire_time</span><span class="p">):</span>
+                        <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s1">&#39;expired_xml&#39;</span><span class="p">)</span>
+
+        <span class="c1"># TODO: Validate Sign</span>
+
+        <span class="k">return</span> <span class="n">errors</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.format_idp_cert"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert">[docs]</a>    <span class="k">def</span> <span class="nf">format_idp_cert</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Formats the IdP cert.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509cert&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509cert&#39;</span><span class="p">])</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.format_idp_cert_multi"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert_multi">[docs]</a>    <span class="k">def</span> <span class="nf">format_idp_cert_multi</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Formats the Multple IdP certs.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="s1">&#39;x509certMulti&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">:</span>
+            <span class="k">if</span> <span class="s1">&#39;signing&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]:</span>
+                <span class="k">for</span> <span class="n">idx</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">])):</span>
+                    <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">][</span><span class="n">idx</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;signing&#39;</span><span class="p">][</span><span class="n">idx</span><span class="p">])</span>
+
+            <span class="k">if</span> <span class="s1">&#39;encryption&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">]:</span>
+                <span class="k">for</span> <span class="n">idx</span> <span class="ow">in</span> <span class="nb">range</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;encryption&#39;</span><span class="p">])):</span>
+                    <span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;encryption&#39;</span><span class="p">][</span><span class="n">idx</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_idp</span><span class="p">[</span><span class="s1">&#39;x509certMulti&#39;</span><span class="p">][</span><span class="s1">&#39;encryption&#39;</span><span class="p">][</span><span class="n">idx</span><span class="p">])</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.format_sp_cert"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert">[docs]</a>    <span class="k">def</span> <span class="nf">format_sp_cert</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Formats the SP cert.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;x509cert&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;x509cert&#39;</span><span class="p">])</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.format_sp_cert_new"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert_new">[docs]</a>    <span class="k">def</span> <span class="nf">format_sp_cert_new</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Formats the SP cert.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;x509certNew&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;x509certNew&#39;</span><span class="p">])</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.format_sp_key"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_key">[docs]</a>    <span class="k">def</span> <span class="nf">format_sp_key</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Formats the private key.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;privateKey&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_private_key</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_sp</span><span class="p">[</span><span class="s1">&#39;privateKey&#39;</span><span class="p">])</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_errors"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_errors">[docs]</a>    <span class="k">def</span> <span class="nf">get_errors</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns an array with the errors, the array is empty when the settings is ok.</span>
+
+<span class="sd">        :returns: Errors</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_errors</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.set_strict"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_strict">[docs]</a>    <span class="k">def</span> <span class="nf">set_strict</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Activates or deactivates the strict mode.</span>
+
+<span class="sd">        :param value: Strict parameter</span>
+<span class="sd">        :type value: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="nb">bool</span><span class="p">)</span>
+
+        <span class="bp">self</span><span class="o">.</span><span class="n">_strict</span> <span class="o">=</span> <span class="n">value</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.is_strict"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_strict">[docs]</a>    <span class="k">def</span> <span class="nf">is_strict</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns if the &#39;strict&#39; mode is active.</span>
+
+<span class="sd">        :returns: Strict parameter</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_strict</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Settings.is_debug_active"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_debug_active">[docs]</a>    <span class="k">def</span> <span class="nf">is_debug_active</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns if the debug is active.</span>
+
+<span class="sd">        :returns: Debug parameter</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_debug</span></div>
+
+    <span class="k">def</span> <span class="nf">_get_allow_single_label_domain</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
+        <span class="n">security</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;security&#39;</span><span class="p">,</span> <span class="p">{})</span>
+        <span class="k">return</span> <span class="s1">&#39;allowSingleLabelDomains&#39;</span> <span class="ow">in</span> <span class="n">security</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s1">&#39;allowSingleLabelDomains&#39;</span><span class="p">]</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/utils.html b/docs/saml2/_modules/onelogin/saml2/utils.html
new file mode 100644
index 00000000..623a06f6
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/utils.html
@@ -0,0 +1,1173 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.utils &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.utils</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.utils</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Utils class</span>
+
+
+<span class="sd">Auxiliary class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">import</span> <span class="nn">base64</span>
+<span class="kn">import</span> <span class="nn">warnings</span>
+<span class="kn">from</span> <span class="nn">copy</span> <span class="kn">import</span> <span class="n">deepcopy</span>
+<span class="kn">import</span> <span class="nn">calendar</span>
+<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
+<span class="kn">from</span> <span class="nn">hashlib</span> <span class="kn">import</span> <span class="n">sha1</span><span class="p">,</span> <span class="n">sha256</span><span class="p">,</span> <span class="n">sha384</span><span class="p">,</span> <span class="n">sha512</span>
+<span class="kn">from</span> <span class="nn">isodate</span> <span class="kn">import</span> <span class="n">parse_duration</span> <span class="k">as</span> <span class="n">duration_parser</span>
+<span class="kn">import</span> <span class="nn">re</span>
+<span class="kn">from</span> <span class="nn">textwrap</span> <span class="kn">import</span> <span class="n">wrap</span>
+<span class="kn">from</span> <span class="nn">functools</span> <span class="kn">import</span> <span class="n">wraps</span>
+<span class="kn">from</span> <span class="nn">uuid</span> <span class="kn">import</span> <span class="n">uuid4</span>
+<span class="kn">from</span> <span class="nn">xml.dom.minidom</span> <span class="kn">import</span> <span class="n">Element</span>
+<span class="kn">import</span> <span class="nn">zlib</span>
+<span class="kn">import</span> <span class="nn">xmlsec</span>
+
+<span class="kn">from</span> <span class="nn">onelogin.saml2</span> <span class="kn">import</span> <span class="n">compat</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.errors</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">,</span> <span class="n">OneLogin_Saml2_ValidationError</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xml_utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_XML</span>
+
+
+<span class="k">try</span><span class="p">:</span>
+    <span class="kn">from</span> <span class="nn">urllib.parse</span> <span class="kn">import</span> <span class="n">quote_plus</span><span class="p">,</span> <span class="n">urlsplit</span><span class="p">,</span> <span class="n">urlunsplit</span>  <span class="c1"># py3</span>
+<span class="k">except</span> <span class="ne">ImportError</span><span class="p">:</span>
+    <span class="kn">from</span> <span class="nn">urlparse</span> <span class="kn">import</span> <span class="n">urlsplit</span><span class="p">,</span> <span class="n">urlunsplit</span>
+    <span class="kn">from</span> <span class="nn">urllib</span> <span class="kn">import</span> <span class="n">quote_plus</span>  <span class="c1"># py2</span>
+
+
+<div class="viewcode-block" id="return_false_on_exception"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.return_false_on_exception">[docs]</a><span class="k">def</span> <span class="nf">return_false_on_exception</span><span class="p">(</span><span class="n">func</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    Decorator. When applied to a function, it will, by default, suppress any exceptions</span>
+<span class="sd">    raised by that function and return False. It may be overridden by passing a</span>
+<span class="sd">    &quot;raise_exceptions&quot; keyword argument when calling the wrapped function.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+    <span class="nd">@wraps</span><span class="p">(</span><span class="n">func</span><span class="p">)</span>
+    <span class="k">def</span> <span class="nf">exceptfalse</span><span class="p">(</span><span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">kwargs</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="s1">&#39;raise_exceptions&#39;</span><span class="p">,</span> <span class="kc">False</span><span class="p">):</span>
+            <span class="k">try</span><span class="p">:</span>
+                <span class="k">return</span> <span class="n">func</span><span class="p">(</span><span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">)</span>
+            <span class="k">except</span> <span class="ne">Exception</span><span class="p">:</span>
+                <span class="k">return</span> <span class="kc">False</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">func</span><span class="p">(</span><span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">)</span>
+    <span class="k">return</span> <span class="n">exceptfalse</span></div>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Utils</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+
+<span class="sd">    Auxiliary class that contains several utility methods to parse time,</span>
+<span class="sd">    urls, add sign, encrypt, decrypt, sign validation, handle xml ...</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="n">RESPONSE_SIGNATURE_XPATH</span> <span class="o">=</span> <span class="s1">&#39;/samlp:Response/ds:Signature&#39;</span>
+    <span class="n">ASSERTION_SIGNATURE_XPATH</span> <span class="o">=</span> <span class="s1">&#39;/samlp:Response/saml:Assertion/ds:Signature&#39;</span>
+
+    <span class="n">TIME_FORMAT</span> <span class="o">=</span> <span class="s2">&quot;%Y-%m-</span><span class="si">%d</span><span class="s2">T%H:%M:%SZ&quot;</span>
+    <span class="n">TIME_FORMAT_2</span> <span class="o">=</span> <span class="s2">&quot;%Y-%m-</span><span class="si">%d</span><span class="s2">T%H:%M:%S.</span><span class="si">%f</span><span class="s2">Z&quot;</span>
+    <span class="n">TIME_FORMAT_WITH_FRAGMENT</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span><span class="sa">r</span><span class="s1">&#39;^(\d{4,4}-\d{2,2}-\d{2,2}T\d{2,2}:\d{2,2}:\d{2,2})(\.\d*)?Z?$&#39;</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.escape_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.escape_url">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">escape_url</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">lowercase_urlencoding</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        escape the non-safe symbols in url</span>
+<span class="sd">        The encoding used by ADFS 3.0 is not compatible with</span>
+<span class="sd">        python&#39;s quote_plus (ADFS produces lower case hex numbers and quote_plus produces</span>
+<span class="sd">        upper case hex numbers)</span>
+<span class="sd">        :param url: the url to escape</span>
+<span class="sd">        :type url: str</span>
+
+<span class="sd">        :param lowercase_urlencoding: lowercase or no</span>
+<span class="sd">        :type lowercase_urlencoding: boolean</span>
+
+<span class="sd">        :return: the escaped url</span>
+<span class="sd">        :rtype str</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">encoded</span> <span class="o">=</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">url</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">re</span><span class="o">.</span><span class="n">sub</span><span class="p">(</span><span class="sa">r</span><span class="s2">&quot;%[A-F0-9]</span><span class="si">{2}</span><span class="s2">&quot;</span><span class="p">,</span> <span class="k">lambda</span> <span class="n">m</span><span class="p">:</span> <span class="n">m</span><span class="o">.</span><span class="n">group</span><span class="p">(</span><span class="mi">0</span><span class="p">)</span><span class="o">.</span><span class="n">lower</span><span class="p">(),</span> <span class="n">encoded</span><span class="p">)</span> <span class="k">if</span> <span class="n">lowercase_urlencoding</span> <span class="k">else</span> <span class="n">encoded</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.b64encode"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64encode">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">b64encode</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;base64 encode&quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">compat</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">base64</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">data</span><span class="p">)))</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.b64decode"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64decode">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">b64decode</span><span class="p">(</span><span class="n">data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;base64 decode&quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">base64</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">data</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.decode_base64_and_inflate"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">decode_base64_and_inflate</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="n">ignore_zip</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        base64 decodes and then inflates according to RFC1951</span>
+<span class="sd">        :param value: a deflated and encoded string</span>
+<span class="sd">        :type value: string</span>
+<span class="sd">        :param ignore_zip: ignore zip errors</span>
+<span class="sd">        :returns: the string after decoding and inflating</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">encoded</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">value</span><span class="p">)</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">zlib</span><span class="o">.</span><span class="n">decompress</span><span class="p">(</span><span class="n">encoded</span><span class="p">,</span> <span class="o">-</span><span class="mi">15</span><span class="p">)</span>
+        <span class="k">except</span> <span class="n">zlib</span><span class="o">.</span><span class="n">error</span><span class="p">:</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">ignore_zip</span><span class="p">:</span>
+                <span class="k">raise</span>
+        <span class="k">return</span> <span class="n">encoded</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.deflate_and_base64_encode"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">deflate_and_base64_encode</span><span class="p">(</span><span class="n">value</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Deflates and then base64 encodes a string</span>
+<span class="sd">        :param value: The string to deflate and encode</span>
+<span class="sd">        :type value: string</span>
+<span class="sd">        :returns: The deflated and encoded string</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="n">zlib</span><span class="o">.</span><span class="n">compress</span><span class="p">(</span><span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">value</span><span class="p">))[</span><span class="mi">2</span><span class="p">:</span><span class="o">-</span><span class="mi">4</span><span class="p">])</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.format_cert"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_cert">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">format_cert</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">heads</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns a x509 cert (adding header &amp; footer if required).</span>
+
+<span class="sd">        :param cert: A x509 unformatted cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param heads: True if we want to include head and footer</span>
+<span class="sd">        :type: boolean</span>
+
+<span class="sd">        :returns: Formatted cert</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;</span><span class="se">\x0D</span><span class="s1">&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;</span><span class="se">\r</span><span class="s1">&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;-----BEGIN CERTIFICATE-----&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+            <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;-----END CERTIFICATE-----&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+            <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39; &#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+
+            <span class="k">if</span> <span class="n">heads</span><span class="p">:</span>
+                <span class="n">x509_cert</span> <span class="o">=</span> <span class="s2">&quot;-----BEGIN CERTIFICATE-----</span><span class="se">\n</span><span class="s2">&quot;</span> <span class="o">+</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">&quot;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">wrap</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">,</span> <span class="mi">64</span><span class="p">))</span> <span class="o">+</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">-----END CERTIFICATE-----</span><span class="se">\n</span><span class="s2">&quot;</span>
+
+        <span class="k">return</span> <span class="n">x509_cert</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.format_private_key"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_private_key">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">format_private_key</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">heads</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns a private key (adding header &amp; footer if required).</span>
+
+<span class="sd">        :param key A private key</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param heads: True if we want to include head and footer</span>
+<span class="sd">        :type: boolean</span>
+
+<span class="sd">        :returns: Formated private key</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">private_key</span> <span class="o">=</span> <span class="n">key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;</span><span class="se">\x0D</span><span class="s1">&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;</span><span class="se">\r</span><span class="s1">&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">private_key</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">private_key</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s1">&#39;-----BEGIN PRIVATE KEY-----&#39;</span><span class="p">)</span> <span class="o">!=</span> <span class="o">-</span><span class="mi">1</span><span class="p">:</span>
+                <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;-----BEGIN PRIVATE KEY-----&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+                <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;-----END PRIVATE KEY-----&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+                <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39; &#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">heads</span><span class="p">:</span>
+                    <span class="n">private_key</span> <span class="o">=</span> <span class="s2">&quot;-----BEGIN PRIVATE KEY-----</span><span class="se">\n</span><span class="s2">&quot;</span> <span class="o">+</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">&quot;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">wrap</span><span class="p">(</span><span class="n">private_key</span><span class="p">,</span> <span class="mi">64</span><span class="p">))</span> <span class="o">+</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">-----END PRIVATE KEY-----</span><span class="se">\n</span><span class="s2">&quot;</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;-----BEGIN RSA PRIVATE KEY-----&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+                <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;-----END RSA PRIVATE KEY-----&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+                <span class="n">private_key</span> <span class="o">=</span> <span class="n">private_key</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39; &#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">heads</span><span class="p">:</span>
+                    <span class="n">private_key</span> <span class="o">=</span> <span class="s2">&quot;-----BEGIN RSA PRIVATE KEY-----</span><span class="se">\n</span><span class="s2">&quot;</span> <span class="o">+</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">&quot;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">wrap</span><span class="p">(</span><span class="n">private_key</span><span class="p">,</span> <span class="mi">64</span><span class="p">))</span> <span class="o">+</span> <span class="s2">&quot;</span><span class="se">\n</span><span class="s2">-----END RSA PRIVATE KEY-----</span><span class="se">\n</span><span class="s2">&quot;</span>
+        <span class="k">return</span> <span class="n">private_key</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.redirect"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.redirect">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">redirect</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">parameters</span><span class="o">=</span><span class="p">{},</span> <span class="n">request_data</span><span class="o">=</span><span class="p">{}):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Executes a redirection to the provided url (or return the target url).</span>
+
+<span class="sd">        :param url: The target url</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param parameters: Extra parameters to be passed as part of the url</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :param request_data: The request as a dict</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :returns: Url</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">)</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">parameters</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">url</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="s1">&#39;/&#39;</span><span class="p">):</span>
+            <span class="n">url</span> <span class="o">=</span> <span class="s1">&#39;</span><span class="si">%s%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">),</span> <span class="n">url</span><span class="p">)</span>
+
+        <span class="c1"># Verify that the URL is to a http or https site.</span>
+        <span class="k">if</span> <span class="n">re</span><span class="o">.</span><span class="n">search</span><span class="p">(</span><span class="s1">&#39;^https?://&#39;</span><span class="p">,</span> <span class="n">url</span><span class="p">,</span> <span class="n">flags</span><span class="o">=</span><span class="n">re</span><span class="o">.</span><span class="n">IGNORECASE</span><span class="p">)</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;Redirect to invalid URL: &#39;</span> <span class="o">+</span> <span class="n">url</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">REDIRECT_INVALID_URL</span>
+            <span class="p">)</span>
+
+        <span class="c1"># Add encoded parameters</span>
+        <span class="k">if</span> <span class="n">url</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s1">&#39;?&#39;</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">param_prefix</span> <span class="o">=</span> <span class="s1">&#39;?&#39;</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">param_prefix</span> <span class="o">=</span> <span class="s1">&#39;&amp;&#39;</span>
+
+        <span class="k">for</span> <span class="n">name</span><span class="p">,</span> <span class="n">value</span> <span class="ow">in</span> <span class="n">parameters</span><span class="o">.</span><span class="n">items</span><span class="p">():</span>
+
+            <span class="k">if</span> <span class="n">value</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="n">param</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">name</span><span class="p">)</span>
+            <span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="nb">list</span><span class="p">):</span>
+                <span class="n">param</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+                <span class="k">for</span> <span class="n">val</span> <span class="ow">in</span> <span class="n">value</span><span class="p">:</span>
+                    <span class="n">param</span> <span class="o">+=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">name</span><span class="p">)</span> <span class="o">+</span> <span class="s1">&#39;[]=&#39;</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">val</span><span class="p">)</span> <span class="o">+</span> <span class="s1">&#39;&amp;&#39;</span>
+                <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">param</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                    <span class="n">param</span> <span class="o">=</span> <span class="n">param</span><span class="p">[</span><span class="mi">0</span><span class="p">:</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">param</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">name</span><span class="p">)</span> <span class="o">+</span> <span class="s1">&#39;=&#39;</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">escape_url</span><span class="p">(</span><span class="n">value</span><span class="p">)</span>
+
+            <span class="k">if</span> <span class="n">param</span><span class="p">:</span>
+                <span class="n">url</span> <span class="o">+=</span> <span class="n">param_prefix</span> <span class="o">+</span> <span class="n">param</span>
+                <span class="n">param_prefix</span> <span class="o">=</span> <span class="s1">&#39;&amp;&#39;</span>
+
+        <span class="k">return</span> <span class="n">url</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_url_host"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_host">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the protocol + the current host + the port (if different than</span>
+<span class="sd">        common ports).</span>
+
+<span class="sd">        :param request_data: The request as a dict</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :return: Url</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">current_host</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
+        <span class="n">protocol</span> <span class="o">=</span> <span class="s1">&#39;https&#39;</span> <span class="k">if</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">is_https</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span> <span class="k">else</span> <span class="s1">&#39;http&#39;</span>
+
+        <span class="k">if</span> <span class="n">request_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;server_port&#39;</span><span class="p">)</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">warnings</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span>
+                <span class="s1">&#39;The server_port key in request data is deprecated. &#39;</span>
+                <span class="s1">&#39;The http_host key should include a port, if required.&#39;</span><span class="p">,</span>
+                <span class="n">category</span><span class="o">=</span><span class="ne">DeprecationWarning</span><span class="p">,</span>
+            <span class="p">)</span>
+            <span class="n">port_suffix</span> <span class="o">=</span> <span class="s1">&#39;:</span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;server_port&#39;</span><span class="p">]</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">current_host</span><span class="o">.</span><span class="n">endswith</span><span class="p">(</span><span class="n">port_suffix</span><span class="p">):</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="p">((</span><span class="n">protocol</span> <span class="o">==</span> <span class="s1">&#39;https&#39;</span> <span class="ow">and</span> <span class="n">port_suffix</span> <span class="o">==</span> <span class="s1">&#39;:443&#39;</span><span class="p">)</span> <span class="ow">or</span> <span class="p">(</span><span class="n">protocol</span> <span class="o">==</span> <span class="s1">&#39;http&#39;</span> <span class="ow">and</span> <span class="n">port_suffix</span> <span class="o">==</span> <span class="s1">&#39;:80&#39;</span><span class="p">)):</span>
+                    <span class="n">current_host</span> <span class="o">+=</span> <span class="n">port_suffix</span>
+
+        <span class="k">return</span> <span class="s1">&#39;</span><span class="si">%s</span><span class="s1">://</span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">protocol</span><span class="p">,</span> <span class="n">current_host</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_host"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_host">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">get_self_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the current host (which may include a port number part).</span>
+
+<span class="sd">        :param request_data: The request as a dict</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :return: The current host</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="s1">&#39;http_host&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;http_host&#39;</span><span class="p">]</span>
+        <span class="k">elif</span> <span class="s1">&#39;server_name&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
+            <span class="n">warnings</span><span class="o">.</span><span class="n">warn</span><span class="p">(</span><span class="s2">&quot;The server_name key in request data is undocumented &amp; deprecated.&quot;</span><span class="p">,</span> <span class="n">category</span><span class="o">=</span><span class="ne">DeprecationWarning</span><span class="p">)</span>
+            <span class="k">return</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;server_name&#39;</span><span class="p">]</span>
+        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;No hostname defined&#39;</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.is_https"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.is_https">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">is_https</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Checks if https or http.</span>
+
+<span class="sd">        :param request_data: The request as a dict</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :return: False if https is not active</span>
+<span class="sd">        :rtype: boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">is_https</span> <span class="o">=</span> <span class="s1">&#39;https&#39;</span> <span class="ow">in</span> <span class="n">request_data</span> <span class="ow">and</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;https&#39;</span><span class="p">]</span> <span class="o">!=</span> <span class="s1">&#39;off&#39;</span>
+        <span class="c1"># TODO: this use of server_port should be removed too</span>
+        <span class="n">is_https</span> <span class="o">=</span> <span class="n">is_https</span> <span class="ow">or</span> <span class="p">(</span><span class="s1">&#39;server_port&#39;</span> <span class="ow">in</span> <span class="n">request_data</span> <span class="ow">and</span> <span class="nb">str</span><span class="p">(</span><span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;server_port&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="s1">&#39;443&#39;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">is_https</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_url_no_query"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">get_self_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the URL of the current host + current view.</span>
+
+<span class="sd">        :param request_data: The request as a dict</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :return: The url of current host + current view</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">self_url_host</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
+        <span class="n">script_name</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;script_name&#39;</span><span class="p">]</span>
+        <span class="k">if</span> <span class="n">script_name</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">script_name</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">!=</span> <span class="s1">&#39;/&#39;</span><span class="p">:</span>
+                <span class="n">script_name</span> <span class="o">=</span> <span class="s1">&#39;/&#39;</span> <span class="o">+</span> <span class="n">script_name</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">script_name</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="n">self_url_no_query</span> <span class="o">=</span> <span class="n">self_url_host</span> <span class="o">+</span> <span class="n">script_name</span>
+        <span class="k">if</span> <span class="s1">&#39;path_info&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
+            <span class="n">self_url_no_query</span> <span class="o">+=</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;path_info&#39;</span><span class="p">]</span>
+
+        <span class="k">return</span> <span class="n">self_url_no_query</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_routed_url_no_query"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_routed_url_no_query">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">get_self_routed_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the routed URL of the current host + current view.</span>
+
+<span class="sd">        :param request_data: The request as a dict</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :return: The url of current host + current view</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">self_url_host</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
+        <span class="n">route</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="s1">&#39;request_uri&#39;</span> <span class="ow">in</span> <span class="n">request_data</span> <span class="ow">and</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;request_uri&#39;</span><span class="p">]:</span>
+            <span class="n">route</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;request_uri&#39;</span><span class="p">]</span>
+            <span class="k">if</span> <span class="s1">&#39;query_string&#39;</span> <span class="ow">in</span> <span class="n">request_data</span> <span class="ow">and</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;query_string&#39;</span><span class="p">]:</span>
+                <span class="n">route</span> <span class="o">=</span> <span class="n">route</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;query_string&#39;</span><span class="p">],</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+
+        <span class="k">return</span> <span class="n">self_url_host</span> <span class="o">+</span> <span class="n">route</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">get_self_url</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns the URL of the current host + current view + query.</span>
+
+<span class="sd">        :param request_data: The request as a dict</span>
+<span class="sd">        :type: dict</span>
+
+<span class="sd">        :return: The url of current host + current view + query</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">self_url_host</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
+
+        <span class="n">request_uri</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="k">if</span> <span class="s1">&#39;request_uri&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
+            <span class="n">request_uri</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s1">&#39;request_uri&#39;</span><span class="p">]</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">request_uri</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="s1">&#39;/&#39;</span><span class="p">):</span>
+                <span class="n">match</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">search</span><span class="p">(</span><span class="s1">&#39;^https?://[^/]*(/.*)&#39;</span><span class="p">,</span> <span class="n">request_uri</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">match</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+                    <span class="n">request_uri</span> <span class="o">=</span> <span class="n">match</span><span class="o">.</span><span class="n">groups</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span>
+
+        <span class="k">return</span> <span class="n">self_url_host</span> <span class="o">+</span> <span class="n">request_uri</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.generate_unique_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_unique_id">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">generate_unique_id</span><span class="p">():</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Generates an unique string (used for example as ID for assertions).</span>
+
+<span class="sd">        :return: A unique string</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="s1">&#39;ONELOGIN_</span><span class="si">%s</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">sha1</span><span class="p">(</span><span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">uuid4</span><span class="p">()</span><span class="o">.</span><span class="n">hex</span><span class="p">))</span><span class="o">.</span><span class="n">hexdigest</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.parse_time_to_SAML"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">parse_time_to_SAML</span><span class="p">(</span><span class="n">time</span><span class="p">):</span>
+<span class="w">        </span><span class="sa">r</span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Converts a UNIX timestamp to SAML2 timestamp on the form</span>
+<span class="sd">        yyyy-mm-ddThh:mm:ss(\.s+)?Z.</span>
+
+<span class="sd">        :param time: The time we should convert (DateTime).</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :return: SAML2 timestamp.</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">utcfromtimestamp</span><span class="p">(</span><span class="nb">float</span><span class="p">(</span><span class="n">time</span><span class="p">))</span>
+        <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">TIME_FORMAT</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.parse_SAML_to_time"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">parse_SAML_to_time</span><span class="p">(</span><span class="n">timestr</span><span class="p">):</span>
+<span class="w">        </span><span class="sa">r</span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Converts a SAML2 timestamp on the form yyyy-mm-ddThh:mm:ss(\.s+)?Z</span>
+<span class="sd">        to a UNIX timestamp. The sub-second part is ignored.</span>
+
+<span class="sd">        :param timestr: The time we should convert (SAML Timestamp).</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :return: Converted to a unix timestamp.</span>
+<span class="sd">        :rtype: int</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">strptime</span><span class="p">(</span><span class="n">timestr</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">TIME_FORMAT</span><span class="p">)</span>
+        <span class="k">except</span> <span class="ne">ValueError</span><span class="p">:</span>
+            <span class="k">try</span><span class="p">:</span>
+                <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">strptime</span><span class="p">(</span><span class="n">timestr</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">TIME_FORMAT_2</span><span class="p">)</span>
+            <span class="k">except</span> <span class="ne">ValueError</span><span class="p">:</span>
+                <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">TIME_FORMAT_WITH_FRAGMENT</span><span class="o">.</span><span class="n">match</span><span class="p">(</span><span class="n">timestr</span><span class="p">)</span>
+                <span class="k">if</span> <span class="ow">not</span> <span class="n">elem</span><span class="p">:</span>
+                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s2">&quot;time data </span><span class="si">%s</span><span class="s2"> does not match format </span><span class="si">%s</span><span class="s2">&quot;</span> <span class="o">%</span> <span class="p">(</span><span class="n">timestr</span><span class="p">,</span> <span class="sa">r</span><span class="s1">&#39;yyyy-mm-ddThh:mm:ss(\.s+)?Z&#39;</span><span class="p">))</span>
+                <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">strptime</span><span class="p">(</span><span class="n">elem</span><span class="o">.</span><span class="n">groups</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span> <span class="o">+</span> <span class="s2">&quot;Z&quot;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">TIME_FORMAT</span><span class="p">)</span>
+
+        <span class="k">return</span> <span class="n">calendar</span><span class="o">.</span><span class="n">timegm</span><span class="p">(</span><span class="n">data</span><span class="o">.</span><span class="n">utctimetuple</span><span class="p">())</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.now"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.now">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">now</span><span class="p">():</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        :return: unix timestamp of actual time.</span>
+<span class="sd">        :rtype: int</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">calendar</span><span class="o">.</span><span class="n">timegm</span><span class="p">(</span><span class="n">datetime</span><span class="o">.</span><span class="n">utcnow</span><span class="p">()</span><span class="o">.</span><span class="n">utctimetuple</span><span class="p">())</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.parse_duration"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_duration">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">parse_duration</span><span class="p">(</span><span class="n">duration</span><span class="p">,</span> <span class="n">timestamp</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Interprets a ISO8601 duration value relative to a given timestamp.</span>
+
+<span class="sd">        :param duration: The duration, as a string.</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param timestamp: The unix timestamp we should apply the duration to.</span>
+<span class="sd">                          Optional, default to the current time.</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :return: The new timestamp, after the duration is applied.</span>
+<span class="sd">        :rtype: int</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">duration</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">)</span>
+        <span class="k">assert</span> <span class="n">timestamp</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">timestamp</span><span class="p">,</span> <span class="nb">int</span><span class="p">)</span>
+
+        <span class="n">timedelta</span> <span class="o">=</span> <span class="n">duration_parser</span><span class="p">(</span><span class="n">duration</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">timestamp</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">utcnow</span><span class="p">()</span> <span class="o">+</span> <span class="n">timedelta</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">utcfromtimestamp</span><span class="p">(</span><span class="n">timestamp</span><span class="p">)</span> <span class="o">+</span> <span class="n">timedelta</span>
+        <span class="k">return</span> <span class="n">calendar</span><span class="o">.</span><span class="n">timegm</span><span class="p">(</span><span class="n">data</span><span class="o">.</span><span class="n">utctimetuple</span><span class="p">())</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_expire_time"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_expire_time">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">get_expire_time</span><span class="p">(</span><span class="n">cache_duration</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">valid_until</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Compares 2 dates and returns the earliest.</span>
+
+<span class="sd">        :param cache_duration: The duration, as a string.</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param valid_until: The valid until date, as a string or as a timestamp</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :return: The expiration time.</span>
+<span class="sd">        :rtype: int</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">expire_time</span> <span class="o">=</span> <span class="kc">None</span>
+
+        <span class="k">if</span> <span class="n">cache_duration</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">expire_time</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_duration</span><span class="p">(</span><span class="n">cache_duration</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="n">valid_until</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">valid_until</span><span class="p">,</span> <span class="nb">int</span><span class="p">):</span>
+                <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">valid_until</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">valid_until</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">expire_time</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">expire_time</span> <span class="o">&gt;</span> <span class="n">valid_until_time</span><span class="p">:</span>
+                <span class="n">expire_time</span> <span class="o">=</span> <span class="n">valid_until_time</span>
+
+        <span class="k">if</span> <span class="n">expire_time</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">return</span> <span class="s1">&#39;</span><span class="si">%d</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="n">expire_time</span>
+        <span class="k">return</span> <span class="kc">None</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.delete_local_session"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.delete_local_session">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">delete_local_session</span><span class="p">(</span><span class="n">callback</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Deletes the local session.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">if</span> <span class="n">callback</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">callback</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.calculate_x509_fingerprint"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">calculate_x509_fingerprint</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">,</span> <span class="n">alg</span><span class="o">=</span><span class="s1">&#39;sha1&#39;</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Calculates the fingerprint of a formatted x509cert.</span>
+
+<span class="sd">        :param x509_cert: x509 cert formatted</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param alg: The algorithm to build the fingerprint</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :returns: fingerprint</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">)</span>
+
+        <span class="n">lines</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;</span><span class="se">\n</span><span class="s1">&#39;</span><span class="p">)</span>
+        <span class="n">data</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="n">inData</span> <span class="o">=</span> <span class="kc">False</span>
+
+        <span class="k">for</span> <span class="n">line</span> <span class="ow">in</span> <span class="n">lines</span><span class="p">:</span>
+            <span class="c1"># Remove &#39;\r&#39; from end of line if present.</span>
+            <span class="n">line</span> <span class="o">=</span> <span class="n">line</span><span class="o">.</span><span class="n">rstrip</span><span class="p">()</span>
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">inData</span><span class="p">:</span>
+                <span class="k">if</span> <span class="n">line</span> <span class="o">==</span> <span class="s1">&#39;-----BEGIN CERTIFICATE-----&#39;</span><span class="p">:</span>
+                    <span class="n">inData</span> <span class="o">=</span> <span class="kc">True</span>
+                <span class="k">elif</span> <span class="n">line</span> <span class="o">==</span> <span class="s1">&#39;-----BEGIN PUBLIC KEY-----&#39;</span> <span class="ow">or</span> <span class="n">line</span> <span class="o">==</span> <span class="s1">&#39;-----BEGIN RSA PRIVATE KEY-----&#39;</span><span class="p">:</span>
+                    <span class="c1"># This isn&#39;t an X509 certificate.</span>
+                    <span class="k">return</span> <span class="kc">None</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="k">if</span> <span class="n">line</span> <span class="o">==</span> <span class="s1">&#39;-----END CERTIFICATE-----&#39;</span><span class="p">:</span>
+                    <span class="k">break</span>
+
+                <span class="c1"># Append the current line to the certificate data.</span>
+                <span class="n">data</span> <span class="o">+=</span> <span class="n">line</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">data</span><span class="p">:</span>
+            <span class="k">return</span> <span class="kc">None</span>
+
+        <span class="n">decoded_data</span> <span class="o">=</span> <span class="n">base64</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">data</span><span class="p">))</span>
+
+        <span class="k">if</span> <span class="n">alg</span> <span class="o">==</span> <span class="s1">&#39;sha512&#39;</span><span class="p">:</span>
+            <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">sha512</span><span class="p">(</span><span class="n">decoded_data</span><span class="p">)</span>
+        <span class="k">elif</span> <span class="n">alg</span> <span class="o">==</span> <span class="s1">&#39;sha384&#39;</span><span class="p">:</span>
+            <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">sha384</span><span class="p">(</span><span class="n">decoded_data</span><span class="p">)</span>
+        <span class="k">elif</span> <span class="n">alg</span> <span class="o">==</span> <span class="s1">&#39;sha256&#39;</span><span class="p">:</span>
+            <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">sha256</span><span class="p">(</span><span class="n">decoded_data</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">sha1</span><span class="p">(</span><span class="n">decoded_data</span><span class="p">)</span>
+
+        <span class="k">return</span> <span class="n">fingerprint</span><span class="o">.</span><span class="n">hexdigest</span><span class="p">()</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.format_finger_print"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_finger_print">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">format_finger_print</span><span class="p">(</span><span class="n">fingerprint</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Formats a fingerprint.</span>
+
+<span class="sd">        :param fingerprint: fingerprint</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :returns: Formatted fingerprint</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">formatted_fingerprint</span> <span class="o">=</span> <span class="n">fingerprint</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s1">&#39;:&#39;</span><span class="p">,</span> <span class="s1">&#39;&#39;</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">formatted_fingerprint</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.generate_name_id"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_name_id">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">generate_name_id</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="n">sp_nq</span><span class="p">,</span> <span class="n">sp_format</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">cert</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">nq</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Generates a nameID.</span>
+
+<span class="sd">        :param value: fingerprint</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param sp_nq: SP Name Qualifier</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param sp_format: SP Format</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param cert: IdP Public Cert to encrypt the nameID</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :returns: DOMElement | XMLSec nameID</span>
+<span class="sd">        :rtype: string</span>
+
+<span class="sd">        :param nq: IDP Name Qualifier</span>
+<span class="sd">        :type: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="n">root</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">make_root</span><span class="p">(</span><span class="s2">&quot;{</span><span class="si">%s</span><span class="s2">}container&quot;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAML</span><span class="p">)</span>
+        <span class="n">name_id</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">make_child</span><span class="p">(</span><span class="n">root</span><span class="p">,</span> <span class="s1">&#39;{</span><span class="si">%s</span><span class="s1">}NameID&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_SAML</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">sp_nq</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">name_id</span><span class="o">.</span><span class="n">set</span><span class="p">(</span><span class="s1">&#39;SPNameQualifier&#39;</span><span class="p">,</span> <span class="n">sp_nq</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">sp_format</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">name_id</span><span class="o">.</span><span class="n">set</span><span class="p">(</span><span class="s1">&#39;Format&#39;</span><span class="p">,</span> <span class="n">sp_format</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">nq</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">name_id</span><span class="o">.</span><span class="n">set</span><span class="p">(</span><span class="s1">&#39;NameQualifier&#39;</span><span class="p">,</span> <span class="n">nq</span><span class="p">)</span>
+        <span class="n">name_id</span><span class="o">.</span><span class="n">text</span> <span class="o">=</span> <span class="n">value</span>
+
+        <span class="k">if</span> <span class="n">cert</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">xmlsec</span><span class="o">.</span><span class="n">enable_debug_trace</span><span class="p">(</span><span class="n">debug</span><span class="p">)</span>
+
+            <span class="c1"># Load the public cert</span>
+            <span class="n">manager</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeysManager</span><span class="p">()</span>
+            <span class="n">manager</span><span class="o">.</span><span class="n">add_key</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">from_memory</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">CERT_PEM</span><span class="p">,</span> <span class="kc">None</span><span class="p">))</span>
+
+            <span class="c1"># Prepare for encryption</span>
+            <span class="n">enc_data</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">encrypted_data_create</span><span class="p">(</span>
+                <span class="n">root</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">AES128</span><span class="p">,</span> <span class="nb">type</span><span class="o">=</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">EncryptionType</span><span class="o">.</span><span class="n">ELEMENT</span><span class="p">,</span> <span class="n">ns</span><span class="o">=</span><span class="s2">&quot;xenc&quot;</span><span class="p">)</span>
+
+            <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">encrypted_data_ensure_cipher_value</span><span class="p">(</span><span class="n">enc_data</span><span class="p">)</span>
+            <span class="n">key_info</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">encrypted_data_ensure_key_info</span><span class="p">(</span><span class="n">enc_data</span><span class="p">,</span> <span class="n">ns</span><span class="o">=</span><span class="s2">&quot;dsig&quot;</span><span class="p">)</span>
+            <span class="n">enc_key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">add_encrypted_key</span><span class="p">(</span><span class="n">key_info</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_OAEP</span><span class="p">)</span>
+            <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">encrypted_data_ensure_cipher_value</span><span class="p">(</span><span class="n">enc_key</span><span class="p">)</span>
+
+            <span class="c1"># Encrypt!</span>
+            <span class="n">enc_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">EncryptionContext</span><span class="p">(</span><span class="n">manager</span><span class="p">)</span>
+            <span class="n">enc_ctx</span><span class="o">.</span><span class="n">key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">generate</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyData</span><span class="o">.</span><span class="n">AES</span><span class="p">,</span> <span class="mi">128</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataType</span><span class="o">.</span><span class="n">SESSION</span><span class="p">)</span>
+            <span class="n">enc_data</span> <span class="o">=</span> <span class="n">enc_ctx</span><span class="o">.</span><span class="n">encrypt_xml</span><span class="p">(</span><span class="n">enc_data</span><span class="p">,</span> <span class="n">name_id</span><span class="p">)</span>
+            <span class="k">return</span> <span class="s1">&#39;&lt;saml:EncryptedID&gt;&#39;</span> <span class="o">+</span> <span class="n">compat</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">enc_data</span><span class="p">))</span> <span class="o">+</span> <span class="s1">&#39;&lt;/saml:EncryptedID&gt;&#39;</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">extract_tag_text</span><span class="p">(</span><span class="n">root</span><span class="p">,</span> <span class="s2">&quot;saml:NameID&quot;</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_status"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_status">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">get_status</span><span class="p">(</span><span class="n">dom</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Gets Status from a Response.</span>
+
+<span class="sd">        :param dom: The Response as XML</span>
+<span class="sd">        :type: Document</span>
+
+<span class="sd">        :returns: The Status, an array with the code and a message.</span>
+<span class="sd">        :rtype: dict</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">status</span> <span class="o">=</span> <span class="p">{}</span>
+
+        <span class="n">status_entry</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s1">&#39;/samlp:Response/samlp:Status&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">status_entry</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;Missing Status on response&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">MISSING_STATUS</span>
+            <span class="p">)</span>
+
+        <span class="n">code_entry</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s1">&#39;/samlp:Response/samlp:Status/samlp:StatusCode&#39;</span><span class="p">,</span> <span class="n">status_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">code_entry</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;Missing Status Code on response&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">MISSING_STATUS_CODE</span>
+            <span class="p">)</span>
+        <span class="n">code</span> <span class="o">=</span> <span class="n">code_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">values</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span>
+        <span class="n">status</span><span class="p">[</span><span class="s1">&#39;code&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">code</span>
+
+        <span class="n">status</span><span class="p">[</span><span class="s1">&#39;msg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="s1">&#39;&#39;</span>
+        <span class="n">message_entry</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s1">&#39;/samlp:Response/samlp:Status/samlp:StatusMessage&#39;</span><span class="p">,</span> <span class="n">status_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">message_entry</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">subcode_entry</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s1">&#39;/samlp:Response/samlp:Status/samlp:StatusCode/samlp:StatusCode&#39;</span><span class="p">,</span> <span class="n">status_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">subcode_entry</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+                <span class="n">status</span><span class="p">[</span><span class="s1">&#39;msg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">subcode_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">values</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span>
+        <span class="k">elif</span> <span class="nb">len</span><span class="p">(</span><span class="n">message_entry</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="n">status</span><span class="p">[</span><span class="s1">&#39;msg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">message_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
+
+        <span class="k">return</span> <span class="n">status</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.decrypt_element"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.decrypt_element">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">decrypt_element</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">inplace</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Decrypts an encrypted element.</span>
+
+<span class="sd">        :param encrypted_data: The encrypted data.</span>
+<span class="sd">        :type: lxml.etree.Element | DOMElement | basestring</span>
+
+<span class="sd">        :param key: The key.</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param inplace: update passed data with decrypted result</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :returns: The decrypted element.</span>
+<span class="sd">        :rtype: lxml.etree.Element</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">Element</span><span class="p">):</span>
+            <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="nb">str</span><span class="p">(</span><span class="n">encrypted_data</span><span class="o">.</span><span class="n">toxml</span><span class="p">()))</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">inplace</span> <span class="ow">and</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_element_class</span><span class="p">):</span>
+            <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">deepcopy</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">)</span>
+        <span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_text_class</span><span class="p">):</span>
+            <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_parse_etree</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">)</span>
+
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">enable_debug_trace</span><span class="p">(</span><span class="n">debug</span><span class="p">)</span>
+        <span class="n">manager</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeysManager</span><span class="p">()</span>
+
+        <span class="n">manager</span><span class="o">.</span><span class="n">add_key</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">from_memory</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span> <span class="kc">None</span><span class="p">))</span>
+        <span class="n">enc_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">EncryptionContext</span><span class="p">(</span><span class="n">manager</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">enc_ctx</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.add_sign"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.add_sign">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">add_sign</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">sign_algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">,</span> <span class="n">digest_algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">SHA256</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Adds signature key and senders certificate to an element (Message or</span>
+<span class="sd">        Assertion).</span>
+
+<span class="sd">        :param xml: The element we should sign</span>
+<span class="sd">        :type: string | Document</span>
+
+<span class="sd">        :param key: The private key</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param cert: The public</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param sign_algorithm: Signature algorithm method</span>
+<span class="sd">        :type sign_algorithm: string</span>
+
+<span class="sd">        :param digest_algorithm: Digest algorithm method</span>
+<span class="sd">        :type digest_algorithm: string</span>
+
+<span class="sd">        :returns: Signed XML</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">xml</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">xml</span> <span class="o">==</span> <span class="s1">&#39;&#39;</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Empty string supplied as input&#39;</span><span class="p">)</span>
+
+        <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
+
+        <span class="n">sign_algorithm_transform_map</span> <span class="o">=</span> <span class="p">{</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">DSA_SHA1</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">DSA_SHA1</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA384</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA384</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA512</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA512</span>
+        <span class="p">}</span>
+        <span class="n">sign_algorithm_transform</span> <span class="o">=</span> <span class="n">sign_algorithm_transform_map</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">sign_algorithm</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">)</span>
+
+        <span class="n">signature</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">create</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">EXCL_C14N</span><span class="p">,</span> <span class="n">sign_algorithm_transform</span><span class="p">,</span> <span class="n">ns</span><span class="o">=</span><span class="s1">&#39;ds&#39;</span><span class="p">)</span>
+
+        <span class="n">issuer</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;//saml:Issuer&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">issuer</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">issuer</span> <span class="o">=</span> <span class="n">issuer</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+            <span class="n">issuer</span><span class="o">.</span><span class="n">addnext</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span>
+            <span class="n">elem_to_sign</span> <span class="o">=</span> <span class="n">issuer</span><span class="o">.</span><span class="n">getparent</span><span class="p">()</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">entity_descriptor</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;//md:EntityDescriptor&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">entity_descriptor</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                <span class="n">elem</span><span class="o">.</span><span class="n">insert</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="n">signature</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="n">elem</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">insert</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="n">signature</span><span class="p">)</span>
+            <span class="n">elem_to_sign</span> <span class="o">=</span> <span class="n">elem</span>
+
+        <span class="n">elem_id</span> <span class="o">=</span> <span class="n">elem_to_sign</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s1">&#39;ID&#39;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">elem_id</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">elem_id</span><span class="p">:</span>
+                <span class="n">elem_id</span> <span class="o">=</span> <span class="s1">&#39;#&#39;</span> <span class="o">+</span> <span class="n">elem_id</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">generated_id</span> <span class="o">=</span> <span class="n">generated_id</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span>
+            <span class="n">elem_id</span> <span class="o">=</span> <span class="s1">&#39;#&#39;</span> <span class="o">+</span> <span class="n">generated_id</span>
+            <span class="n">elem_to_sign</span><span class="o">.</span><span class="n">attrib</span><span class="p">[</span><span class="s1">&#39;ID&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">generated_id</span>
+
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">enable_debug_trace</span><span class="p">(</span><span class="n">debug</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">tree</span><span class="o">.</span><span class="n">add_ids</span><span class="p">(</span><span class="n">elem_to_sign</span><span class="p">,</span> <span class="p">[</span><span class="s2">&quot;ID&quot;</span><span class="p">])</span>
+
+        <span class="n">digest_algorithm_transform_map</span> <span class="o">=</span> <span class="p">{</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">SHA1</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">SHA1</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">SHA256</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">SHA256</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">SHA384</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">SHA384</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">SHA512</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">SHA512</span>
+        <span class="p">}</span>
+        <span class="n">digest_algorithm_transform</span> <span class="o">=</span> <span class="n">digest_algorithm_transform_map</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">digest_algorithm</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">SHA256</span><span class="p">)</span>
+
+        <span class="n">ref</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">add_reference</span><span class="p">(</span><span class="n">signature</span><span class="p">,</span> <span class="n">digest_algorithm_transform</span><span class="p">,</span> <span class="n">uri</span><span class="o">=</span><span class="n">elem_id</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">add_transform</span><span class="p">(</span><span class="n">ref</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">ENVELOPED</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">add_transform</span><span class="p">(</span><span class="n">ref</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">EXCL_C14N</span><span class="p">)</span>
+        <span class="n">key_info</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">ensure_key_info</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">template</span><span class="o">.</span><span class="n">add_x509_data</span><span class="p">(</span><span class="n">key_info</span><span class="p">)</span>
+
+        <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">SignatureContext</span><span class="p">()</span>
+        <span class="n">sign_key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">from_memory</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+        <span class="n">sign_key</span><span class="o">.</span><span class="n">load_cert_from_memory</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">PEM</span><span class="p">)</span>
+
+        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">key</span> <span class="o">=</span> <span class="n">sign_key</span>
+        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span>
+
+        <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">elem</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.validate_sign"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_sign">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="nd">@return_false_on_exception</span>
+    <span class="k">def</span> <span class="nf">validate_sign</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">cert</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">fingerprint</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="o">=</span><span class="s1">&#39;sha1&#39;</span><span class="p">,</span> <span class="n">validatecert</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">xpath</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">multicerts</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validates a signature (Message or Assertion).</span>
+
+<span class="sd">        :param xml: The element we should validate</span>
+<span class="sd">        :type: string | Document</span>
+
+<span class="sd">        :param cert: The public cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param fingerprint: The fingerprint of the public cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param fingerprintalg: The algorithm used to build the fingerprint</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param validatecert: If true, will verify the signature and if the cert is valid.</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param xpath: The xpath of the signed element</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param multicerts: Multiple public certs</span>
+<span class="sd">        :type: list</span>
+
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">xml</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">xml</span> <span class="o">==</span> <span class="s1">&#39;&#39;</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Empty string supplied as input&#39;</span><span class="p">)</span>
+
+        <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">enable_debug_trace</span><span class="p">(</span><span class="n">debug</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">tree</span><span class="o">.</span><span class="n">add_ids</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="p">[</span><span class="s2">&quot;ID&quot;</span><span class="p">])</span>
+
+        <span class="k">if</span> <span class="n">xpath</span><span class="p">:</span>
+            <span class="n">signature_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="n">xpath</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">signature_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">RESPONSE_SIGNATURE_XPATH</span><span class="p">)</span>
+
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signature_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+                <span class="n">signature_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">ASSERTION_SIGNATURE_XPATH</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signature_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
+            <span class="n">signature_node</span> <span class="o">=</span> <span class="n">signature_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+
+            <span class="k">if</span> <span class="ow">not</span> <span class="n">multicerts</span><span class="p">:</span>
+                <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_node_sign</span><span class="p">(</span><span class="n">signature_node</span><span class="p">,</span> <span class="n">elem</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">fingerprint</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="p">,</span> <span class="n">validatecert</span><span class="p">,</span> <span class="n">debug</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+            <span class="k">else</span><span class="p">:</span>
+                <span class="c1"># If multiple certs are provided, I may ignore cert and</span>
+                <span class="c1"># fingerprint provided by the method and just check the</span>
+                <span class="c1"># certs multicerts</span>
+                <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">fingerprintalg</span> <span class="o">=</span> <span class="kc">None</span>
+                <span class="k">for</span> <span class="n">cert</span> <span class="ow">in</span> <span class="n">multicerts</span><span class="p">:</span>
+                    <span class="k">if</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_node_sign</span><span class="p">(</span><span class="n">signature_node</span><span class="p">,</span> <span class="n">elem</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">fingerprint</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="p">,</span> <span class="n">validatecert</span><span class="p">,</span> <span class="kc">False</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+                        <span class="k">return</span> <span class="kc">True</span>
+                <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                    <span class="s1">&#39;Signature validation failed. SAML Response rejected.&#39;</span><span class="p">,</span>
+                    <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_SIGNATURE</span>
+                <span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;Expected exactly one signature node; got </span><span class="si">{}</span><span class="s1">.&#39;</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">signature_nodes</span><span class="p">)),</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">WRONG_NUMBER_OF_SIGNATURES</span>
+            <span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.validate_metadata_sign"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_metadata_sign">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="nd">@return_false_on_exception</span>
+    <span class="k">def</span> <span class="nf">validate_metadata_sign</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">cert</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">fingerprint</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="o">=</span><span class="s1">&#39;sha1&#39;</span><span class="p">,</span> <span class="n">validatecert</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validates a signature of a EntityDescriptor.</span>
+
+<span class="sd">        :param xml: The element we should validate</span>
+<span class="sd">        :type: string | Document</span>
+
+<span class="sd">        :param cert: The public cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param fingerprint: The fingerprint of the public cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param fingerprintalg: The algorithm used to build the fingerprint</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param validatecert: If true, will verify the signature and if the cert is valid.</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">xml</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">xml</span> <span class="o">==</span> <span class="s1">&#39;&#39;</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Empty string supplied as input&#39;</span><span class="p">)</span>
+
+        <span class="n">elem</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">enable_debug_trace</span><span class="p">(</span><span class="n">debug</span><span class="p">)</span>
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">tree</span><span class="o">.</span><span class="n">add_ids</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="p">[</span><span class="s2">&quot;ID&quot;</span><span class="p">])</span>
+
+        <span class="n">signature_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/md:EntitiesDescriptor/ds:Signature&#39;</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signature_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="n">signature_nodes</span> <span class="o">+=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/md:EntityDescriptor/ds:Signature&#39;</span><span class="p">)</span>
+
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signature_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
+                <span class="n">signature_nodes</span> <span class="o">+=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/md:EntityDescriptor/md:SPSSODescriptor/ds:Signature&#39;</span><span class="p">)</span>
+                <span class="n">signature_nodes</span> <span class="o">+=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">elem</span><span class="p">,</span> <span class="s1">&#39;/md:EntityDescriptor/md:IDPSSODescriptor/ds:Signature&#39;</span><span class="p">)</span>
+
+        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signature_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="k">for</span> <span class="n">signature_node</span> <span class="ow">in</span> <span class="n">signature_nodes</span><span class="p">:</span>
+                <span class="c1"># Raises exception if invalid</span>
+                <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_node_sign</span><span class="p">(</span><span class="n">signature_node</span><span class="p">,</span> <span class="n">elem</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">fingerprint</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="p">,</span> <span class="n">validatecert</span><span class="p">,</span> <span class="n">debug</span><span class="p">,</span> <span class="n">raise_exceptions</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s1">&#39;Could not validate metadata signature: No signature nodes found.&#39;</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.validate_node_sign"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_node_sign">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="nd">@return_false_on_exception</span>
+    <span class="k">def</span> <span class="nf">validate_node_sign</span><span class="p">(</span><span class="n">signature_node</span><span class="p">,</span> <span class="n">elem</span><span class="p">,</span> <span class="n">cert</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">fingerprint</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="o">=</span><span class="s1">&#39;sha1&#39;</span><span class="p">,</span> <span class="n">validatecert</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validates a signature node.</span>
+
+<span class="sd">        :param signature_node: The signature node</span>
+<span class="sd">        :type: Node</span>
+
+<span class="sd">        :param xml: The element we should validate</span>
+<span class="sd">        :type: Document</span>
+
+<span class="sd">        :param cert: The public cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param fingerprint: The fingerprint of the public cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param fingerprintalg: The algorithm used to build the fingerprint</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param validatecert: If true, will verify the signature and if the cert is valid.</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :param raise_exceptions: Whether to return false on failure or raise an exception</span>
+<span class="sd">        :type raise_exceptions: Boolean</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="p">(</span><span class="n">cert</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">cert</span> <span class="o">==</span> <span class="s1">&#39;&#39;</span><span class="p">)</span> <span class="ow">and</span> <span class="n">fingerprint</span><span class="p">:</span>
+            <span class="n">x509_certificate_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">signature_node</span><span class="p">,</span> <span class="s1">&#39;//ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">x509_certificate_nodes</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
+                <span class="n">x509_certificate_node</span> <span class="o">=</span> <span class="n">x509_certificate_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
+                <span class="n">x509_cert_value</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">element_text</span><span class="p">(</span><span class="n">x509_certificate_node</span><span class="p">)</span>
+                <span class="n">x509_cert_value_formatted</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="n">x509_cert_value</span><span class="p">)</span>
+                <span class="n">x509_fingerprint_value</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">calculate_x509_fingerprint</span><span class="p">(</span><span class="n">x509_cert_value_formatted</span><span class="p">,</span> <span class="n">fingerprintalg</span><span class="p">)</span>
+                <span class="k">if</span> <span class="n">fingerprint</span> <span class="o">==</span> <span class="n">x509_fingerprint_value</span><span class="p">:</span>
+                    <span class="n">cert</span> <span class="o">=</span> <span class="n">x509_cert_value_formatted</span>
+
+        <span class="k">if</span> <span class="n">cert</span> <span class="ow">is</span> <span class="kc">None</span> <span class="ow">or</span> <span class="n">cert</span> <span class="o">==</span> <span class="s1">&#39;&#39;</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
+                <span class="s1">&#39;Could not validate node signature: No certificate provided.&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">CERT_NOT_FOUND</span>
+            <span class="p">)</span>
+
+        <span class="c1"># Check if Reference URI is empty</span>
+        <span class="c1"># reference_elem = OneLogin_Saml2_XML.query(signature_node, &#39;//ds:Reference&#39;)</span>
+        <span class="c1"># if len(reference_elem) &gt; 0:</span>
+        <span class="c1">#     if reference_elem[0].get(&#39;URI&#39;) == &#39;&#39;:</span>
+        <span class="c1">#         reference_elem[0].set(&#39;URI&#39;, &#39;#%s&#39; % signature_node.getparent().get(&#39;ID&#39;))</span>
+
+        <span class="k">if</span> <span class="n">validatecert</span><span class="p">:</span>
+            <span class="n">manager</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeysManager</span><span class="p">()</span>
+            <span class="n">manager</span><span class="o">.</span><span class="n">load_cert_from_memory</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">CERT_PEM</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataType</span><span class="o">.</span><span class="n">TRUSTED</span><span class="p">)</span>
+            <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">SignatureContext</span><span class="p">(</span><span class="n">manager</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">SignatureContext</span><span class="p">()</span>
+            <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">from_memory</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">CERT_PEM</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">set_enabled_key_data</span><span class="p">([</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyData</span><span class="o">.</span><span class="n">X509</span><span class="p">])</span>
+
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">signature_node</span><span class="p">)</span>
+        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">err</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">OneLogin_Saml2_ValidationError</span><span class="p">(</span>
+                <span class="s1">&#39;Signature validation failed. SAML Response rejected. </span><span class="si">%s</span><span class="s1">&#39;</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_ValidationError</span><span class="o">.</span><span class="n">INVALID_SIGNATURE</span><span class="p">,</span>
+                <span class="nb">str</span><span class="p">(</span><span class="n">err</span><span class="p">)</span>
+            <span class="p">)</span>
+
+        <span class="k">return</span> <span class="kc">True</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.sign_binary"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.sign_binary">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">sign_binary</span><span class="p">(</span><span class="n">msg</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">algorithm</span><span class="o">=</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Sign binary message</span>
+
+<span class="sd">        :param msg: The element we should validate</span>
+<span class="sd">        :type: bytes</span>
+
+<span class="sd">        :param key: The private key</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+
+<span class="sd">        :return signed message</span>
+<span class="sd">        :rtype str</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">msg</span><span class="p">,</span> <span class="nb">str</span><span class="p">):</span>
+            <span class="n">msg</span> <span class="o">=</span> <span class="n">msg</span><span class="o">.</span><span class="n">encode</span><span class="p">(</span><span class="s1">&#39;utf8&#39;</span><span class="p">)</span>
+
+        <span class="n">xmlsec</span><span class="o">.</span><span class="n">enable_debug_trace</span><span class="p">(</span><span class="n">debug</span><span class="p">)</span>
+        <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">SignatureContext</span><span class="p">()</span>
+        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">from_memory</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">PEM</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">sign_binary</span><span class="p">(</span><span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">msg</span><span class="p">),</span> <span class="n">algorithm</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.validate_binary_sign"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_binary_sign">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">validate_binary_sign</span><span class="p">(</span><span class="n">signed_query</span><span class="p">,</span> <span class="n">signature</span><span class="p">,</span> <span class="n">cert</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">algorithm</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validates signed binary data (Used to validate GET Signature).</span>
+
+<span class="sd">        :param signed_query: The element we should validate</span>
+<span class="sd">        :type: string</span>
+
+
+<span class="sd">        :param signature: The signature that will be validate</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param cert: The public cert</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param algorithm: Signature algorithm</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param debug: Activate the xmlsec debug</span>
+<span class="sd">        :type: bool</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">xmlsec</span><span class="o">.</span><span class="n">enable_debug_trace</span><span class="p">(</span><span class="n">debug</span><span class="p">)</span>
+            <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">SignatureContext</span><span class="p">()</span>
+            <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">from_memory</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyFormat</span><span class="o">.</span><span class="n">CERT_PEM</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+
+            <span class="n">sign_algorithm_transform_map</span> <span class="o">=</span> <span class="p">{</span>
+                <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">DSA_SHA1</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">DSA_SHA1</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA384</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA384</span><span class="p">,</span>
+                <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA512</span><span class="p">:</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA512</span>
+            <span class="p">}</span>
+            <span class="n">sign_algorithm_transform</span> <span class="o">=</span> <span class="n">sign_algorithm_transform_map</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">algorithm</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Transform</span><span class="o">.</span><span class="n">RSA_SHA256</span><span class="p">)</span>
+
+            <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">verify_binary</span><span class="p">(</span><span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">signed_query</span><span class="p">),</span>
+                                   <span class="n">sign_algorithm_transform</span><span class="p">,</span>
+                                   <span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">signature</span><span class="p">))</span>
+            <span class="k">return</span> <span class="kc">True</span>
+        <span class="k">except</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Error</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
+                <span class="nb">print</span><span class="p">(</span><span class="n">e</span><span class="p">)</span>
+            <span class="k">return</span> <span class="kc">False</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_Utils.normalize_url"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.normalize_url">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">normalize_url</span><span class="p">(</span><span class="n">url</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Returns normalized URL for comparison.</span>
+<span class="sd">        This method converts the netloc to lowercase, as it should be case-insensitive (per RFC 4343, RFC 7617)</span>
+<span class="sd">        If standardization fails, the original URL is returned</span>
+<span class="sd">        Python documentation indicates that URL split also normalizes query strings if empty query fields are present</span>
+
+<span class="sd">        :param url: URL</span>
+<span class="sd">        :type url: String</span>
+
+<span class="sd">        :returns: A normalized URL, or the given URL string if parsing fails</span>
+<span class="sd">        :rtype: String</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">scheme</span><span class="p">,</span> <span class="n">netloc</span><span class="p">,</span> <span class="n">path</span><span class="p">,</span> <span class="n">query</span><span class="p">,</span> <span class="n">fragment</span> <span class="o">=</span> <span class="n">urlsplit</span><span class="p">(</span><span class="n">url</span><span class="p">)</span>
+            <span class="n">normalized_url</span> <span class="o">=</span> <span class="n">urlunsplit</span><span class="p">((</span><span class="n">scheme</span><span class="o">.</span><span class="n">lower</span><span class="p">(),</span> <span class="n">netloc</span><span class="o">.</span><span class="n">lower</span><span class="p">(),</span> <span class="n">path</span><span class="p">,</span> <span class="n">query</span><span class="p">,</span> <span class="n">fragment</span><span class="p">))</span>
+            <span class="k">return</span> <span class="n">normalized_url</span>
+        <span class="k">except</span> <span class="ne">Exception</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">url</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/xml_templates.html b/docs/saml2/_modules/onelogin/saml2/xml_templates.html
new file mode 100644
index 00000000..13dd9b94
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/xml_templates.html
@@ -0,0 +1,256 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.xml_templates &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.xml_templates</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.xml_templates</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_Auth class</span>
+
+
+<span class="sd">Main class of SAML Python Toolkit.</span>
+
+<span class="sd">Initializes the SP SAML instance</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_Templates"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Templates</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+
+    <span class="n">ATTRIBUTE</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span>
+<span class="s2">        &lt;saml:Attribute Name=&quot;</span><span class="si">%s</span><span class="s2">&quot; NameFormat=&quot;urn:oasis:names:tc:SAML:2.0:attrname-format:basic&quot;&gt;</span>
+<span class="s2">            &lt;saml:AttributeValue xsi:type=&quot;xs:string&quot;&gt;</span><span class="si">%s</span><span class="s2">&lt;/saml:AttributeValue&gt;</span>
+<span class="s2">        &lt;/saml:Attribute&gt;&quot;&quot;&quot;</span>
+
+    <span class="n">AUTHN_REQUEST</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">&lt;samlp:AuthnRequest</span>
+<span class="s2">  xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
+<span class="s2">  xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;</span>
+<span class="s2">  ID=&quot;</span><span class="si">%(id)s</span><span class="s2">&quot;</span>
+<span class="s2">  Version=&quot;2.0&quot;</span><span class="si">%(provider_name)s%(force_authn_str)s%(is_passive_str)s</span>
+<span class="s2">  IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s2">&quot;</span>
+<span class="s2">  Destination=&quot;</span><span class="si">%(destination)s</span><span class="s2">&quot;</span>
+<span class="s2">  ProtocolBinding=&quot;</span><span class="si">%(acs_binding)s</span><span class="s2">&quot;</span>
+<span class="s2">  AssertionConsumerServiceURL=&quot;</span><span class="si">%(assertion_url)s</span><span class="s2">&quot;</span><span class="si">%(attr_consuming_service_str)s</span><span class="s2">&gt;</span>
+<span class="s2">    &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s2">&lt;/saml:Issuer&gt;</span><span class="si">%(subject_str)s%(nameid_policy_str)s</span>
+<span class="si">%(requested_authn_context_str)s</span>
+<span class="s2">&lt;/samlp:AuthnRequest&gt;&quot;&quot;&quot;</span>
+
+    <span class="n">LOGOUT_REQUEST</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">&lt;samlp:LogoutRequest</span>
+<span class="s2">  xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
+<span class="s2">  xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;</span>
+<span class="s2">  ID=&quot;</span><span class="si">%(id)s</span><span class="s2">&quot;</span>
+<span class="s2">  Version=&quot;2.0&quot;</span>
+<span class="s2">  IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s2">&quot;</span>
+<span class="s2">  Destination=&quot;</span><span class="si">%(single_logout_url)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">    &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s2">&lt;/saml:Issuer&gt;</span>
+<span class="s2">    </span><span class="si">%(name_id)s</span>
+<span class="s2">    </span><span class="si">%(session_index)s</span>
+<span class="s2">&lt;/samlp:LogoutRequest&gt;&quot;&quot;&quot;</span>
+
+    <span class="n">LOGOUT_RESPONSE</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">&lt;samlp:LogoutResponse</span>
+<span class="s2">  xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
+<span class="s2">  xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;</span>
+<span class="s2">  ID=&quot;</span><span class="si">%(id)s</span><span class="s2">&quot;</span>
+<span class="s2">  Version=&quot;2.0&quot;</span>
+<span class="s2">  IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s2">&quot;</span>
+<span class="s2">  Destination=&quot;</span><span class="si">%(destination)s</span><span class="s2">&quot;</span>
+<span class="s2">  InResponseTo=&quot;</span><span class="si">%(in_response_to)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">    &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s2">&lt;/saml:Issuer&gt;</span>
+<span class="s2">    &lt;samlp:Status&gt;</span>
+<span class="s2">        &lt;samlp:StatusCode Value=&quot;</span><span class="si">%(status)s</span><span class="s2">&quot; /&gt;</span>
+<span class="s2">    &lt;/samlp:Status&gt;</span>
+<span class="s2">&lt;/samlp:LogoutResponse&gt;&quot;&quot;&quot;</span>
+
+    <span class="n">MD_CONTACT_PERSON</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">    &lt;md:ContactPerson contactType=&quot;</span><span class="si">%(type)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">        &lt;md:GivenName&gt;</span><span class="si">%(name)s</span><span class="s2">&lt;/md:GivenName&gt;</span>
+<span class="s2">        &lt;md:EmailAddress&gt;</span><span class="si">%(email)s</span><span class="s2">&lt;/md:EmailAddress&gt;</span>
+<span class="s2">    &lt;/md:ContactPerson&gt;&quot;&quot;&quot;</span>
+
+    <span class="n">MD_SLS</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">        &lt;md:SingleLogoutService Binding=&quot;</span><span class="si">%(binding)s</span><span class="s2">&quot;</span>
+<span class="s2">                                Location=&quot;</span><span class="si">%(location)s</span><span class="s2">&quot; /&gt;</span><span class="se">\n</span><span class="s2">&quot;&quot;&quot;</span>
+
+    <span class="n">MD_REQUESTED_ATTRIBUTE</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">            &lt;md:RequestedAttribute Name=&quot;</span><span class="si">%(req_attr_name)s</span><span class="s2">&quot;</span><span class="si">%(req_attr_nameformat_str)s%(req_attr_isrequired_str)s%(req_attr_aux_str)s</span><span class="s2">&quot;&quot;&quot;</span>
+
+    <span class="n">MD_ATTR_CONSUMER_SERVICE</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">        &lt;md:AttributeConsumingService index=&quot;1&quot;&gt;</span>
+<span class="s2">            &lt;md:ServiceName xml:lang=&quot;en&quot;&gt;</span><span class="si">%(service_name)s</span><span class="s2">&lt;/md:ServiceName&gt;</span>
+<span class="si">%(attr_cs_desc)s%(requested_attribute_str)s</span>
+<span class="s2">        &lt;/md:AttributeConsumingService&gt;</span><span class="se">\n</span><span class="s2">&quot;&quot;&quot;</span>
+
+    <span class="n">MD_ENTITY_DESCRIPTOR</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">&lt;?xml version=&quot;1.0&quot;?&gt;</span>
+<span class="s2">&lt;md:EntityDescriptor xmlns:md=&quot;urn:oasis:names:tc:SAML:2.0:metadata&quot;</span>
+<span class="s2">                     </span><span class="si">%(valid)s</span>
+<span class="s2">                     </span><span class="si">%(cache)s</span>
+<span class="s2">                     entityID=&quot;</span><span class="si">%(entity_id)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">    &lt;md:SPSSODescriptor AuthnRequestsSigned=&quot;</span><span class="si">%(authnsign)s</span><span class="s2">&quot; WantAssertionsSigned=&quot;</span><span class="si">%(wsign)s</span><span class="s2">&quot; protocolSupportEnumeration=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;&gt;</span>
+<span class="si">%(sls)s</span><span class="s2">        &lt;md:NameIDFormat&gt;</span><span class="si">%(name_id_format)s</span><span class="s2">&lt;/md:NameIDFormat&gt;</span>
+<span class="s2">        &lt;md:AssertionConsumerService Binding=&quot;</span><span class="si">%(binding)s</span><span class="s2">&quot;</span>
+<span class="s2">                                     Location=&quot;</span><span class="si">%(location)s</span><span class="s2">&quot;</span>
+<span class="s2">                                     index=&quot;1&quot; /&gt;</span>
+<span class="si">%(attribute_consuming_service)s</span><span class="s2">    &lt;/md:SPSSODescriptor&gt;</span>
+<span class="si">%(organization)s</span>
+<span class="si">%(contacts)s</span>
+<span class="s2">&lt;/md:EntityDescriptor&gt;&quot;&quot;&quot;</span>
+
+    <span class="n">MD_ORGANISATION</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">    &lt;md:Organization&gt;</span>
+<span class="s2">        &lt;md:OrganizationName xml:lang=&quot;</span><span class="si">%(lang)s</span><span class="s2">&quot;&gt;</span><span class="si">%(name)s</span><span class="s2">&lt;/md:OrganizationName&gt;</span>
+<span class="s2">        &lt;md:OrganizationDisplayName xml:lang=&quot;</span><span class="si">%(lang)s</span><span class="s2">&quot;&gt;</span><span class="si">%(display_name)s</span><span class="s2">&lt;/md:OrganizationDisplayName&gt;</span>
+<span class="s2">        &lt;md:OrganizationURL xml:lang=&quot;</span><span class="si">%(lang)s</span><span class="s2">&quot;&gt;</span><span class="si">%(url)s</span><span class="s2">&lt;/md:OrganizationURL&gt;</span>
+<span class="s2">    &lt;/md:Organization&gt;&quot;&quot;&quot;</span>
+
+    <span class="n">RESPONSE</span> <span class="o">=</span> <span class="s2">&quot;&quot;&quot;</span><span class="se">\</span>
+<span class="s2">&lt;samlp:Response</span>
+<span class="s2">  xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
+<span class="s2">  xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;</span>
+<span class="s2">  ID=&quot;</span><span class="si">%(id)s</span><span class="s2">&quot;</span>
+<span class="s2">  InResponseTo=&quot;</span><span class="si">%(in_response_to)s</span><span class="s2">&quot;</span>
+<span class="s2">  Version=&quot;2.0&quot;</span>
+<span class="s2">  IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s2">&quot;</span>
+<span class="s2">  Destination=&quot;</span><span class="si">%(destination)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">    &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s2">&lt;/saml:Issuer&gt;</span>
+<span class="s2">    &lt;samlp:Status xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;&gt;</span>
+<span class="s2">        &lt;samlp:StatusCode</span>
+<span class="s2">          xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
+<span class="s2">          Value=&quot;</span><span class="si">%(status)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">        &lt;/samlp:StatusCode&gt;</span>
+<span class="s2">    &lt;/samlp:Status&gt;</span>
+<span class="s2">    &lt;saml:Assertion</span>
+<span class="s2">        xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;</span>
+<span class="s2">        xmlns:xs=&quot;http://www.w3.org/2001/XMLSchema&quot;</span>
+<span class="s2">        Version=&quot;2.0&quot;</span>
+<span class="s2">        ID=&quot;</span><span class="si">%(assertion_id)s</span><span class="s2">&quot;</span>
+<span class="s2">        IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">        &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s2">&lt;/saml:Issuer&gt;</span>
+<span class="s2">        &lt;saml:Subject&gt;</span>
+<span class="s2">            &lt;saml:NameID</span>
+<span class="s2">              NameQualifier=&quot;</span><span class="si">%(entity_id)s</span><span class="s2">&quot;</span>
+<span class="s2">              SPNameQualifier=&quot;</span><span class="si">%(requester)s</span><span class="s2">&quot;</span>
+<span class="s2">              Format=&quot;</span><span class="si">%(name_id_policy)s</span><span class="s2">&quot;&gt;</span><span class="si">%(name_id)s</span><span class="s2">&lt;/saml:NameID&gt;</span>
+<span class="s2">            &lt;saml:SubjectConfirmation Method=&quot;</span><span class="si">%(cm)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">                &lt;saml:SubjectConfirmationData</span>
+<span class="s2">                  NotOnOrAfter=&quot;</span><span class="si">%(not_after)s</span><span class="s2">&quot;</span>
+<span class="s2">                  InResponseTo=&quot;</span><span class="si">%(in_response_to)s</span><span class="s2">&quot;</span>
+<span class="s2">                  Recipient=&quot;</span><span class="si">%(destination)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">                &lt;/saml:SubjectConfirmationData&gt;</span>
+<span class="s2">            &lt;/saml:SubjectConfirmation&gt;</span>
+<span class="s2">        &lt;/saml:Subject&gt;</span>
+<span class="s2">        &lt;saml:Conditions NotBefore=&quot;</span><span class="si">%(not_before)s</span><span class="s2">&quot; NotOnOrAfter=&quot;</span><span class="si">%(not_after)s</span><span class="s2">&quot;&gt;</span>
+<span class="s2">            &lt;saml:AudienceRestriction&gt;</span>
+<span class="s2">                &lt;saml:Audience&gt;</span><span class="si">%(requester)s</span><span class="s2">&lt;/saml:Audience&gt;</span>
+<span class="s2">            &lt;/saml:AudienceRestriction&gt;</span>
+<span class="s2">        &lt;/saml:Conditions&gt;</span>
+<span class="s2">        &lt;saml:AuthnStatement</span>
+<span class="s2">          AuthnInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s2">&quot;</span>
+<span class="s2">          SessionIndex=&quot;</span><span class="si">%(session_index)s</span><span class="s2">&quot;</span>
+<span class="s2">          SessionNotOnOrAfter=&quot;</span><span class="si">%(not_after)s</span><span class="s2">&quot;&gt;</span>
+<span class="si">%(authn_context)s</span>
+<span class="s2">        &lt;/saml:AuthnStatement&gt;</span>
+<span class="s2">        &lt;saml:AttributeStatement&gt;</span>
+<span class="si">%(attributes)s</span>
+<span class="s2">        &lt;/saml:AttributeStatement&gt;</span>
+<span class="s2">    &lt;/saml:Assertion&gt;</span>
+<span class="s2">&lt;/samlp:Response&gt;&quot;&quot;&quot;</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/xml_utils.html b/docs/saml2/_modules/onelogin/saml2/xml_utils.html
new file mode 100644
index 00000000..3c26761b
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/xml_utils.html
@@ -0,0 +1,276 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.xml_utils &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.xml_utils</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.xml_utils</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="sd">&quot;&quot;&quot; OneLogin_Saml2_XML class</span>
+
+
+<span class="sd">Auxiliary class of SAML Python Toolkit.</span>
+
+<span class="sd">&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">os.path</span> <span class="kn">import</span> <span class="n">join</span><span class="p">,</span> <span class="n">dirname</span>
+<span class="kn">from</span> <span class="nn">lxml</span> <span class="kn">import</span> <span class="n">etree</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2</span> <span class="kn">import</span> <span class="n">compat</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
+<span class="kn">from</span> <span class="nn">onelogin.saml2.xmlparser</span> <span class="kn">import</span> <span class="n">tostring</span><span class="p">,</span> <span class="n">fromstring</span>
+
+
+<span class="k">for</span> <span class="n">prefix</span><span class="p">,</span> <span class="n">url</span> <span class="ow">in</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="o">.</span><span class="n">items</span><span class="p">():</span>
+    <span class="n">etree</span><span class="o">.</span><span class="n">register_namespace</span><span class="p">(</span><span class="n">prefix</span><span class="p">,</span> <span class="n">url</span><span class="p">)</span>
+
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_XML</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
+    <span class="n">_element_class</span> <span class="o">=</span> <span class="nb">type</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">Element</span><span class="p">(</span><span class="s1">&#39;root&#39;</span><span class="p">))</span>
+    <span class="n">_parse_etree</span> <span class="o">=</span> <span class="nb">staticmethod</span><span class="p">(</span><span class="n">fromstring</span><span class="p">)</span>
+    <span class="n">_schema_class</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">XMLSchema</span>
+    <span class="n">_text_class</span> <span class="o">=</span> <span class="n">compat</span><span class="o">.</span><span class="n">text_types</span>
+    <span class="n">_bytes_class</span> <span class="o">=</span> <span class="n">compat</span><span class="o">.</span><span class="n">bytes_type</span>
+    <span class="n">_unparse_etree</span> <span class="o">=</span> <span class="nb">staticmethod</span><span class="p">(</span><span class="n">tostring</span><span class="p">)</span>
+
+    <span class="n">dump</span> <span class="o">=</span> <span class="nb">staticmethod</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">dump</span><span class="p">)</span>
+    <span class="n">make_root</span> <span class="o">=</span> <span class="nb">staticmethod</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">Element</span><span class="p">)</span>
+    <span class="n">make_child</span> <span class="o">=</span> <span class="nb">staticmethod</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">SubElement</span><span class="p">)</span>
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML.to_string"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_string">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">to_string</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Serialize an element to an encoded string representation of its XML tree.</span>
+<span class="sd">        :param xml: The root node</span>
+<span class="sd">        :type xml: str|bytes|xml.dom.minidom.Document|etree.Element</span>
+<span class="sd">        :returns: string representation of xml</span>
+<span class="sd">        :rtype: string</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_text_class</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">xml</span>
+
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_element_class</span><span class="p">):</span>
+            <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">cleanup_namespaces</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
+            <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_unparse_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">)</span>
+
+        <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s2">&quot;unsupported type </span><span class="si">%r</span><span class="s2">&quot;</span> <span class="o">%</span> <span class="nb">type</span><span class="p">(</span><span class="n">xml</span><span class="p">))</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML.to_etree"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_etree">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">to_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Parses an XML document or fragment from a string.</span>
+<span class="sd">        :param xml: the string to parse</span>
+<span class="sd">        :type xml: str|bytes|xml.dom.minidom.Document|etree.Element</span>
+<span class="sd">        :returns: the root node</span>
+<span class="sd">        :rtype: OneLogin_Saml2_XML._element_class</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_element_class</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">xml</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_bytes_class</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_parse_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">forbid_dtd</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">forbid_entities</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_text_class</span><span class="p">):</span>
+            <span class="k">return</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_parse_etree</span><span class="p">(</span><span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="n">xml</span><span class="p">),</span> <span class="n">forbid_dtd</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">forbid_entities</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+
+        <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s1">&#39;unsupported type </span><span class="si">%r</span><span class="s1">&#39;</span> <span class="o">%</span> <span class="nb">type</span><span class="p">(</span><span class="n">xml</span><span class="p">))</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML.validate_xml"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.validate_xml">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">validate_xml</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">schema</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Validates a xml against a schema</span>
+<span class="sd">        :param xml: The xml that will be validated</span>
+<span class="sd">        :type xml: str|bytes|xml.dom.minidom.Document|etree.Element</span>
+<span class="sd">        :param schema: The schema</span>
+<span class="sd">        :type schema: string</span>
+<span class="sd">        :param debug: If debug is active, the parse-errors will be showed</span>
+<span class="sd">        :type debug: bool</span>
+<span class="sd">        :returns: Error code or the DomDocument of the xml</span>
+<span class="sd">        :rtype: xml.dom.minidom.Document</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+
+        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">schema</span><span class="p">,</span> <span class="n">compat</span><span class="o">.</span><span class="n">str_type</span><span class="p">)</span>
+        <span class="k">try</span><span class="p">:</span>
+            <span class="n">xml</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_etree</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
+        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
+                <span class="nb">print</span><span class="p">(</span><span class="n">e</span><span class="p">)</span>
+            <span class="k">return</span> <span class="s1">&#39;unloaded_xml&#39;</span>
+
+        <span class="n">schema_file</span> <span class="o">=</span> <span class="n">join</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="vm">__file__</span><span class="p">),</span> <span class="s1">&#39;schemas&#39;</span><span class="p">,</span> <span class="n">schema</span><span class="p">)</span>
+        <span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="n">schema_file</span><span class="p">,</span> <span class="s1">&#39;r&#39;</span><span class="p">)</span> <span class="k">as</span> <span class="n">f_schema</span><span class="p">:</span>
+            <span class="n">xmlschema</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">_schema_class</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">parse</span><span class="p">(</span><span class="n">f_schema</span><span class="p">))</span>
+
+        <span class="k">if</span> <span class="ow">not</span> <span class="n">xmlschema</span><span class="o">.</span><span class="n">validate</span><span class="p">(</span><span class="n">xml</span><span class="p">):</span>
+            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
+                <span class="nb">print</span><span class="p">(</span><span class="s1">&#39;Errors validating the metadata: &#39;</span><span class="p">)</span>
+                <span class="k">for</span> <span class="n">error</span> <span class="ow">in</span> <span class="n">xmlschema</span><span class="o">.</span><span class="n">error_log</span><span class="p">:</span>
+                    <span class="nb">print</span><span class="p">(</span><span class="n">error</span><span class="o">.</span><span class="n">message</span><span class="p">)</span>
+            <span class="k">return</span> <span class="s1">&#39;invalid_xml&#39;</span>
+        <span class="k">return</span> <span class="n">xml</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML.query"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.query">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="n">query</span><span class="p">,</span> <span class="n">context</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">tagid</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Extracts nodes that match the query from the Element</span>
+
+<span class="sd">        :param dom: The root of the lxml objet</span>
+<span class="sd">        :type: Element</span>
+
+<span class="sd">        :param query: Xpath Expresion</span>
+<span class="sd">        :type: string</span>
+
+<span class="sd">        :param context: Context Node</span>
+<span class="sd">        :type: DOMElement</span>
+
+<span class="sd">        :param tagid: Tag ID</span>
+<span class="sd">        :type query: String</span>
+
+<span class="sd">        :returns: The queried nodes</span>
+<span class="sd">        :rtype: list</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">if</span> <span class="n">context</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">source</span> <span class="o">=</span> <span class="n">dom</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="n">source</span> <span class="o">=</span> <span class="n">context</span>
+
+        <span class="k">if</span> <span class="n">tagid</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">source</span><span class="o">.</span><span class="n">xpath</span><span class="p">(</span><span class="n">query</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">)</span>
+        <span class="k">else</span><span class="p">:</span>
+            <span class="k">return</span> <span class="n">source</span><span class="o">.</span><span class="n">xpath</span><span class="p">(</span><span class="n">query</span><span class="p">,</span> <span class="n">tagid</span><span class="o">=</span><span class="n">tagid</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML.cleanup_namespaces"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.cleanup_namespaces">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">cleanup_namespaces</span><span class="p">(</span><span class="n">tree_or_element</span><span class="p">,</span> <span class="n">top_nsmap</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">keep_ns_prefixes</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Keeps the xmlns:xs namespace intact when etree.cleanup_namespaces is invoked.</span>
+<span class="sd">        :param tree_or_element: An XML tree or element</span>
+<span class="sd">        :type tree_or_element: etree.Element</span>
+<span class="sd">        :param top_nsmap: A mapping from namespace prefixes to namespace URIs</span>
+<span class="sd">        :type top_nsmap: dict</span>
+<span class="sd">        :param keep_ns_prefixes: List of prefixes that should not be removed as part of the cleanup</span>
+<span class="sd">        :type keep_ns_prefixes: list</span>
+<span class="sd">        :returns: An XML tree or element</span>
+<span class="sd">        :rtype: etree.Element</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="n">all_prefixes_to_keep</span> <span class="o">=</span> <span class="p">[</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_PREFIX_XS</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_PREFIX_XSI</span><span class="p">,</span>
+            <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_PREFIX_XSD</span>
+        <span class="p">]</span>
+
+        <span class="k">if</span> <span class="n">keep_ns_prefixes</span><span class="p">:</span>
+            <span class="n">all_prefixes_to_keep</span> <span class="o">=</span> <span class="nb">list</span><span class="p">(</span><span class="nb">set</span><span class="p">(</span><span class="n">all_prefixes_to_keep</span><span class="o">.</span><span class="n">extend</span><span class="p">(</span><span class="n">keep_ns_prefixes</span><span class="p">)))</span>
+
+        <span class="k">return</span> <span class="n">etree</span><span class="o">.</span><span class="n">cleanup_namespaces</span><span class="p">(</span><span class="n">tree_or_element</span><span class="p">,</span> <span class="n">keep_ns_prefixes</span><span class="o">=</span><span class="n">all_prefixes_to_keep</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML.extract_tag_text"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.extract_tag_text">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">extract_tag_text</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">tagname</span><span class="p">):</span>
+        <span class="n">open_tag</span> <span class="o">=</span> <span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="s2">&quot;&lt;</span><span class="si">%s</span><span class="s2">&quot;</span> <span class="o">%</span> <span class="n">tagname</span><span class="p">)</span>
+        <span class="n">close_tag</span> <span class="o">=</span> <span class="n">compat</span><span class="o">.</span><span class="n">to_bytes</span><span class="p">(</span><span class="s2">&quot;&lt;/</span><span class="si">%s</span><span class="s2">&gt;&quot;</span> <span class="o">%</span> <span class="n">tagname</span><span class="p">)</span>
+
+        <span class="n">xml</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_XML</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
+        <span class="n">start</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="n">open_tag</span><span class="p">)</span>
+        <span class="k">assert</span> <span class="n">start</span> <span class="o">!=</span> <span class="o">-</span><span class="mi">1</span>
+
+        <span class="n">end</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="n">close_tag</span><span class="p">,</span> <span class="n">start</span><span class="p">)</span> <span class="o">+</span> <span class="nb">len</span><span class="p">(</span><span class="n">close_tag</span><span class="p">)</span>
+        <span class="k">assert</span> <span class="n">end</span> <span class="o">!=</span> <span class="o">-</span><span class="mi">1</span>
+        <span class="k">return</span> <span class="n">compat</span><span class="o">.</span><span class="n">to_string</span><span class="p">(</span><span class="n">xml</span><span class="p">[</span><span class="n">start</span><span class="p">:</span><span class="n">end</span><span class="p">])</span></div>
+
+<div class="viewcode-block" id="OneLogin_Saml2_XML.element_text"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.element_text">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">element_text</span><span class="p">(</span><span class="n">node</span><span class="p">):</span>
+        <span class="c1"># Double check, the LXML Parser already removes comments</span>
+        <span class="n">etree</span><span class="o">.</span><span class="n">strip_tags</span><span class="p">(</span><span class="n">node</span><span class="p">,</span> <span class="n">etree</span><span class="o">.</span><span class="n">Comment</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">node</span><span class="o">.</span><span class="n">text</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/onelogin/saml2/xmlparser.html b/docs/saml2/_modules/onelogin/saml2/xmlparser.html
new file mode 100644
index 00000000..7058367c
--- /dev/null
+++ b/docs/saml2/_modules/onelogin/saml2/xmlparser.html
@@ -0,0 +1,285 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2.xmlparser &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="../../../_static/jquery.js?v=5d32c60e"></script>
+        <script src="../../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js?v=404a92a0"></script>
+        <script src="../../../_static/doctools.js?v=888ff710"></script>
+        <script src="../../../_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2.xmlparser</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for onelogin.saml2.xmlparser</h1><div class="highlight"><pre>
+<span></span><span class="c1"># -*- coding: utf-8 -*-</span>
+
+<span class="c1"># Based on the lxml example from defusedxml</span>
+<span class="c1"># DTDForbidden, EntitiesForbidden, NotSupportedError are clones of the classes defined at defusedxml</span>
+<span class="c1">#</span>
+<span class="c1"># Copyright (c) 2013 by Christian Heimes &lt;christian@python.org&gt;</span>
+<span class="c1"># Licensed to PSF under a Contributor Agreement.</span>
+<span class="c1"># See https://www.python.org/psf/license for licensing details.</span>
+<span class="sd">&quot;&quot;&quot;lxml.etree protection&quot;&quot;&quot;</span>
+
+<span class="kn">from</span> <span class="nn">__future__</span> <span class="kn">import</span> <span class="n">print_function</span><span class="p">,</span> <span class="n">absolute_import</span>
+
+<span class="kn">import</span> <span class="nn">threading</span>
+
+<span class="kn">from</span> <span class="nn">lxml</span> <span class="kn">import</span> <span class="n">etree</span> <span class="k">as</span> <span class="n">_etree</span>
+
+<span class="n">LXML3</span> <span class="o">=</span> <span class="n">_etree</span><span class="o">.</span><span class="n">LXML_VERSION</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">&gt;=</span> <span class="mi">3</span>
+
+<span class="n">__origin__</span> <span class="o">=</span> <span class="s2">&quot;lxml.etree&quot;</span>
+
+<span class="n">tostring</span> <span class="o">=</span> <span class="n">_etree</span><span class="o">.</span><span class="n">tostring</span>
+
+
+<div class="viewcode-block" id="DTDForbidden"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.DTDForbidden">[docs]</a><span class="k">class</span> <span class="nc">DTDForbidden</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Document type definition is forbidden</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">name</span><span class="p">,</span> <span class="n">sysid</span><span class="p">,</span> <span class="n">pubid</span><span class="p">):</span>
+        <span class="nb">super</span><span class="p">(</span><span class="n">DTDForbidden</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="fm">__init__</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">name</span> <span class="o">=</span> <span class="n">name</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">sysid</span> <span class="o">=</span> <span class="n">sysid</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">pubid</span> <span class="o">=</span> <span class="n">pubid</span>
+
+    <span class="k">def</span> <span class="fm">__str__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="n">tpl</span> <span class="o">=</span> <span class="s2">&quot;DTDForbidden(name=&#39;</span><span class="si">{}</span><span class="s2">&#39;, system_id=</span><span class="si">{!r}</span><span class="s2">, public_id=</span><span class="si">{!r}</span><span class="s2">)&quot;</span>
+        <span class="k">return</span> <span class="n">tpl</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">sysid</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">pubid</span><span class="p">)</span></div>
+
+
+<div class="viewcode-block" id="EntitiesForbidden"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.EntitiesForbidden">[docs]</a><span class="k">class</span> <span class="nc">EntitiesForbidden</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Entity definition is forbidden</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">name</span><span class="p">,</span> <span class="n">value</span><span class="p">,</span> <span class="n">base</span><span class="p">,</span> <span class="n">sysid</span><span class="p">,</span> <span class="n">pubid</span><span class="p">,</span> <span class="n">notation_name</span><span class="p">):</span>
+        <span class="nb">super</span><span class="p">(</span><span class="n">EntitiesForbidden</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="fm">__init__</span><span class="p">()</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">name</span> <span class="o">=</span> <span class="n">name</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">value</span> <span class="o">=</span> <span class="n">value</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">base</span> <span class="o">=</span> <span class="n">base</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">sysid</span> <span class="o">=</span> <span class="n">sysid</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">pubid</span> <span class="o">=</span> <span class="n">pubid</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">notation_name</span> <span class="o">=</span> <span class="n">notation_name</span>
+
+    <span class="k">def</span> <span class="fm">__str__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="n">tpl</span> <span class="o">=</span> <span class="s2">&quot;EntitiesForbidden(name=&#39;</span><span class="si">{}</span><span class="s2">&#39;, system_id=</span><span class="si">{!r}</span><span class="s2">, public_id=</span><span class="si">{!r}</span><span class="s2">)&quot;</span>
+        <span class="k">return</span> <span class="n">tpl</span><span class="o">.</span><span class="n">format</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">sysid</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">pubid</span><span class="p">)</span></div>
+
+
+<div class="viewcode-block" id="NotSupportedError"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.NotSupportedError">[docs]</a><span class="k">class</span> <span class="nc">NotSupportedError</span><span class="p">(</span><span class="ne">ValueError</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;The operation is not supported</span>
+<span class="sd">    &quot;&quot;&quot;</span></div>
+
+
+<div class="viewcode-block" id="RestrictedElement"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement">[docs]</a><span class="k">class</span> <span class="nc">RestrictedElement</span><span class="p">(</span><span class="n">_etree</span><span class="o">.</span><span class="n">ElementBase</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;A restricted Element class that filters out instances of some classes</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="vm">__slots__</span> <span class="o">=</span> <span class="p">()</span>
+    <span class="n">blacklist</span> <span class="o">=</span> <span class="p">(</span><span class="n">_etree</span><span class="o">.</span><span class="n">_Entity</span><span class="p">,</span> <span class="n">_etree</span><span class="o">.</span><span class="n">_ProcessingInstruction</span><span class="p">,</span> <span class="n">_etree</span><span class="o">.</span><span class="n">_Comment</span><span class="p">)</span>
+
+    <span class="k">def</span> <span class="nf">_filter</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">iterator</span><span class="p">):</span>
+        <span class="n">blacklist</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">blacklist</span>
+        <span class="k">for</span> <span class="n">child</span> <span class="ow">in</span> <span class="n">iterator</span><span class="p">:</span>
+            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">child</span><span class="p">,</span> <span class="n">blacklist</span><span class="p">):</span>
+                <span class="k">continue</span>
+            <span class="k">yield</span> <span class="n">child</span>
+
+    <span class="k">def</span> <span class="fm">__iter__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="n">iterator</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">RestrictedElement</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="fm">__iter__</span><span class="p">()</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_filter</span><span class="p">(</span><span class="n">iterator</span><span class="p">)</span>
+
+<div class="viewcode-block" id="RestrictedElement.iterchildren"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iterchildren">[docs]</a>    <span class="k">def</span> <span class="nf">iterchildren</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">tag</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="nb">reversed</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+        <span class="n">iterator</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">RestrictedElement</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">iterchildren</span><span class="p">(</span><span class="n">tag</span><span class="o">=</span><span class="n">tag</span><span class="p">,</span> <span class="nb">reversed</span><span class="o">=</span><span class="nb">reversed</span><span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_filter</span><span class="p">(</span><span class="n">iterator</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="RestrictedElement.iter"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iter">[docs]</a>    <span class="k">def</span> <span class="nf">iter</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">tag</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="o">*</span><span class="n">tags</span><span class="p">):</span>
+        <span class="n">iterator</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">RestrictedElement</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">iter</span><span class="p">(</span><span class="n">tag</span><span class="o">=</span><span class="n">tag</span><span class="p">,</span> <span class="o">*</span><span class="n">tags</span><span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_filter</span><span class="p">(</span><span class="n">iterator</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="RestrictedElement.iterdescendants"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iterdescendants">[docs]</a>    <span class="k">def</span> <span class="nf">iterdescendants</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">tag</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="o">*</span><span class="n">tags</span><span class="p">):</span>
+        <span class="n">iterator</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">RestrictedElement</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">iterdescendants</span><span class="p">(</span><span class="n">tag</span><span class="o">=</span><span class="n">tag</span><span class="p">,</span> <span class="o">*</span><span class="n">tags</span><span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_filter</span><span class="p">(</span><span class="n">iterator</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="RestrictedElement.itersiblings"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.itersiblings">[docs]</a>    <span class="k">def</span> <span class="nf">itersiblings</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">tag</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">preceding</span><span class="o">=</span><span class="kc">False</span><span class="p">):</span>
+        <span class="n">iterator</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">RestrictedElement</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">itersiblings</span><span class="p">(</span><span class="n">tag</span><span class="o">=</span><span class="n">tag</span><span class="p">,</span> <span class="n">preceding</span><span class="o">=</span><span class="n">preceding</span><span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_filter</span><span class="p">(</span><span class="n">iterator</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="RestrictedElement.getchildren"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.getchildren">[docs]</a>    <span class="k">def</span> <span class="nf">getchildren</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="n">iterator</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">RestrictedElement</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="fm">__iter__</span><span class="p">()</span>
+        <span class="k">return</span> <span class="nb">list</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">_filter</span><span class="p">(</span><span class="n">iterator</span><span class="p">))</span></div>
+
+<div class="viewcode-block" id="RestrictedElement.getiterator"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.getiterator">[docs]</a>    <span class="k">def</span> <span class="nf">getiterator</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">tag</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
+        <span class="n">iterator</span> <span class="o">=</span> <span class="nb">super</span><span class="p">(</span><span class="n">RestrictedElement</span><span class="p">,</span> <span class="bp">self</span><span class="p">)</span><span class="o">.</span><span class="n">getiterator</span><span class="p">(</span><span class="n">tag</span><span class="p">)</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">_filter</span><span class="p">(</span><span class="n">iterator</span><span class="p">)</span></div></div>
+
+
+<div class="viewcode-block" id="GlobalParserTLS"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS">[docs]</a><span class="k">class</span> <span class="nc">GlobalParserTLS</span><span class="p">(</span><span class="n">threading</span><span class="o">.</span><span class="n">local</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Thread local context for custom parser instances</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="n">parser_config</span> <span class="o">=</span> <span class="p">{</span>
+        <span class="s2">&quot;resolve_entities&quot;</span><span class="p">:</span> <span class="kc">False</span><span class="p">,</span>
+        <span class="s1">&#39;remove_comments&#39;</span><span class="p">:</span> <span class="kc">True</span><span class="p">,</span>
+        <span class="s1">&#39;no_network&#39;</span><span class="p">:</span> <span class="kc">True</span><span class="p">,</span>
+        <span class="s1">&#39;remove_pis&#39;</span><span class="p">:</span> <span class="kc">True</span><span class="p">,</span>
+        <span class="s1">&#39;huge_tree&#39;</span><span class="p">:</span> <span class="kc">False</span>
+    <span class="p">}</span>
+
+    <span class="n">element_class</span> <span class="o">=</span> <span class="n">RestrictedElement</span>
+
+<div class="viewcode-block" id="GlobalParserTLS.createDefaultParser"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.createDefaultParser">[docs]</a>    <span class="k">def</span> <span class="nf">createDefaultParser</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="n">parser</span> <span class="o">=</span> <span class="n">_etree</span><span class="o">.</span><span class="n">XMLParser</span><span class="p">(</span><span class="o">**</span><span class="bp">self</span><span class="o">.</span><span class="n">parser_config</span><span class="p">)</span>
+        <span class="n">element_class</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">element_class</span>
+        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">element_class</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">lookup</span> <span class="o">=</span> <span class="n">_etree</span><span class="o">.</span><span class="n">ElementDefaultClassLookup</span><span class="p">(</span><span class="n">element</span><span class="o">=</span><span class="n">element_class</span><span class="p">)</span>
+            <span class="n">parser</span><span class="o">.</span><span class="n">set_element_class_lookup</span><span class="p">(</span><span class="n">lookup</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">parser</span></div>
+
+<div class="viewcode-block" id="GlobalParserTLS.setDefaultParser"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.setDefaultParser">[docs]</a>    <span class="k">def</span> <span class="nf">setDefaultParser</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">parser</span><span class="p">):</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">_default_parser</span> <span class="o">=</span> <span class="n">parser</span></div>
+
+<div class="viewcode-block" id="GlobalParserTLS.getDefaultParser"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.getDefaultParser">[docs]</a>    <span class="k">def</span> <span class="nf">getDefaultParser</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="n">parser</span> <span class="o">=</span> <span class="nb">getattr</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="s2">&quot;_default_parser&quot;</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">parser</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+            <span class="n">parser</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">createDefaultParser</span><span class="p">()</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">setDefaultParser</span><span class="p">(</span><span class="n">parser</span><span class="p">)</span>
+        <span class="k">return</span> <span class="n">parser</span></div></div>
+
+
+<span class="n">_parser_tls</span> <span class="o">=</span> <span class="n">GlobalParserTLS</span><span class="p">()</span>
+<span class="n">getDefaultParser</span> <span class="o">=</span> <span class="n">_parser_tls</span><span class="o">.</span><span class="n">getDefaultParser</span>
+
+
+<div class="viewcode-block" id="check_docinfo"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.check_docinfo">[docs]</a><span class="k">def</span> <span class="nf">check_docinfo</span><span class="p">(</span><span class="n">elementtree</span><span class="p">,</span> <span class="n">forbid_dtd</span><span class="o">=</span><span class="kc">False</span><span class="p">,</span> <span class="n">forbid_entities</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Check docinfo of an element tree for DTD and entity declarations</span>
+<span class="sd">    The check for entity declarations needs lxml 3 or newer. lxml 2.x does</span>
+<span class="sd">    not support dtd.iterentities().</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+    <span class="n">docinfo</span> <span class="o">=</span> <span class="n">elementtree</span><span class="o">.</span><span class="n">docinfo</span>
+    <span class="k">if</span> <span class="n">docinfo</span><span class="o">.</span><span class="n">doctype</span><span class="p">:</span>
+        <span class="k">if</span> <span class="n">forbid_dtd</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="n">DTDForbidden</span><span class="p">(</span><span class="n">docinfo</span><span class="o">.</span><span class="n">doctype</span><span class="p">,</span> <span class="n">docinfo</span><span class="o">.</span><span class="n">system_url</span><span class="p">,</span> <span class="n">docinfo</span><span class="o">.</span><span class="n">public_id</span><span class="p">)</span>
+        <span class="k">if</span> <span class="n">forbid_entities</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">LXML3</span><span class="p">:</span>
+            <span class="c1"># lxml &lt; 3 has no iterentities()</span>
+            <span class="k">raise</span> <span class="n">NotSupportedError</span><span class="p">(</span><span class="s2">&quot;Unable to check for entity declarations &quot;</span> <span class="s2">&quot;in lxml 2.x&quot;</span><span class="p">)</span>
+
+    <span class="k">if</span> <span class="n">forbid_entities</span><span class="p">:</span>
+        <span class="k">for</span> <span class="n">dtd</span> <span class="ow">in</span> <span class="n">docinfo</span><span class="o">.</span><span class="n">internalDTD</span><span class="p">,</span> <span class="n">docinfo</span><span class="o">.</span><span class="n">externalDTD</span><span class="p">:</span>
+            <span class="k">if</span> <span class="n">dtd</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="k">continue</span>
+            <span class="k">for</span> <span class="n">entity</span> <span class="ow">in</span> <span class="n">dtd</span><span class="o">.</span><span class="n">iterentities</span><span class="p">():</span>
+                <span class="k">raise</span> <span class="n">EntitiesForbidden</span><span class="p">(</span><span class="n">entity</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">entity</span><span class="o">.</span><span class="n">content</span><span class="p">,</span> <span class="kc">None</span><span class="p">,</span> <span class="kc">None</span><span class="p">,</span> <span class="kc">None</span><span class="p">,</span> <span class="kc">None</span><span class="p">)</span></div>
+
+
+<div class="viewcode-block" id="parse"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.parse">[docs]</a><span class="k">def</span> <span class="nf">parse</span><span class="p">(</span><span class="n">source</span><span class="p">,</span> <span class="n">parser</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">base_url</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">forbid_dtd</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">forbid_entities</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+    <span class="k">if</span> <span class="n">parser</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+        <span class="n">parser</span> <span class="o">=</span> <span class="n">getDefaultParser</span><span class="p">()</span>
+    <span class="n">elementtree</span> <span class="o">=</span> <span class="n">_etree</span><span class="o">.</span><span class="n">parse</span><span class="p">(</span><span class="n">source</span><span class="p">,</span> <span class="n">parser</span><span class="p">,</span> <span class="n">base_url</span><span class="o">=</span><span class="n">base_url</span><span class="p">)</span>
+    <span class="n">check_docinfo</span><span class="p">(</span><span class="n">elementtree</span><span class="p">,</span> <span class="n">forbid_dtd</span><span class="p">,</span> <span class="n">forbid_entities</span><span class="p">)</span>
+    <span class="k">return</span> <span class="n">elementtree</span></div>
+
+
+<div class="viewcode-block" id="fromstring"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.fromstring">[docs]</a><span class="k">def</span> <span class="nf">fromstring</span><span class="p">(</span><span class="n">text</span><span class="p">,</span> <span class="n">parser</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">base_url</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">forbid_dtd</span><span class="o">=</span><span class="kc">True</span><span class="p">,</span> <span class="n">forbid_entities</span><span class="o">=</span><span class="kc">True</span><span class="p">):</span>
+    <span class="k">if</span> <span class="n">parser</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+        <span class="n">parser</span> <span class="o">=</span> <span class="n">getDefaultParser</span><span class="p">()</span>
+    <span class="n">rootelement</span> <span class="o">=</span> <span class="n">_etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">text</span><span class="p">,</span> <span class="n">parser</span><span class="p">,</span> <span class="n">base_url</span><span class="o">=</span><span class="n">base_url</span><span class="p">)</span>
+    <span class="n">elementtree</span> <span class="o">=</span> <span class="n">rootelement</span><span class="o">.</span><span class="n">getroottree</span><span class="p">()</span>
+    <span class="n">check_docinfo</span><span class="p">(</span><span class="n">elementtree</span><span class="p">,</span> <span class="n">forbid_dtd</span><span class="p">,</span> <span class="n">forbid_entities</span><span class="p">)</span>
+    <span class="k">return</span> <span class="n">rootelement</span></div>
+
+
+<span class="n">XML</span> <span class="o">=</span> <span class="n">fromstring</span>
+
+
+<div class="viewcode-block" id="iterparse"><a class="viewcode-back" href="../../../onelogin.saml2.html#onelogin.saml2.xmlparser.iterparse">[docs]</a><span class="k">def</span> <span class="nf">iterparse</span><span class="p">(</span><span class="o">*</span><span class="n">args</span><span class="p">,</span> <span class="o">**</span><span class="n">kwargs</span><span class="p">):</span>
+    <span class="k">raise</span> <span class="n">NotSupportedError</span><span class="p">(</span><span class="s2">&quot;iterparse not available&quot;</span><span class="p">)</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/auth.html b/docs/saml2/_modules/saml2/auth.html
deleted file mode 100644
index f70e70b2..00000000
--- a/docs/saml2/_modules/saml2/auth.html
+++ /dev/null
@@ -1,460 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.auth &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.auth</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">from</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="n">b64encode</span>
-<span class="kn">from</span> <span class="nn">urllib</span> <span class="kn">import</span> <span class="n">urlencode</span><span class="p">,</span> <span class="n">quote</span>
-<span class="kn">from</span> <span class="nn">xml.etree.ElementTree</span> <span class="kn">import</span> <span class="n">tostring</span>
-
-<span class="kn">import</span> <span class="nn">dm.xmlsec.binding</span> <span class="kn">as</span> <span class="nn">xmlsec</span>
-
-<span class="kn">from</span> <span class="nn">saml2.settings</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Settings</span>
-<span class="kn">from</span> <span class="nn">saml2.response</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Response</span>
-<span class="kn">from</span> <span class="nn">saml2.errors</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Error</span>
-<span class="kn">from</span> <span class="nn">saml2.logout_response</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Logout_Response</span>
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-<span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
-<span class="kn">from</span> <span class="nn">saml2.logout_request</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Logout_Request</span>
-<span class="kn">from</span> <span class="nn">saml2.authn_request</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Authn_Request</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Auth"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Auth</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
-
-    <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">old_settings</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Initializes the SP SAML instance.</span>
-
-<span class="sd">        Arguments are:</span>
-<span class="sd">            * (dict)   old_settings. Setting data</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span> <span class="o">=</span> <span class="n">request_data</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Settings</span><span class="p">(</span><span class="n">old_settings</span><span class="p">)</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__attributes</span> <span class="o">=</span> <span class="p">[]</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__nameid</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__authenticated</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span> <span class="o">=</span> <span class="p">[]</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_settings"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_settings">[docs]</a>    <span class="k">def</span> <span class="nf">get_settings</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the settings info</span>
-<span class="sd">        :return: Setting info</span>
-<span class="sd">        :rtype: OneLogin_Saml2_Setting object</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.set_strict"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.set_strict">[docs]</a>    <span class="k">def</span> <span class="nf">set_strict</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Set the strict mode active/disable</span>
-
-<span class="sd">        :param value:</span>
-<span class="sd">        :type value: bool</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="nb">bool</span><span class="p">)</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">set_strict</span><span class="p">(</span><span class="n">value</span><span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.process_response"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.process_response">[docs]</a>    <span class="k">def</span> <span class="nf">process_response</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Process the SAML Response sent by the IdP.</span>
-
-<span class="sd">        :param request_id: Is an optional argument. Is the ID of the AuthNRequest sent by this SP to the IdP.</span>
-<span class="sd">        :type request_id: string</span>
-
-<span class="sd">        :raises: OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND, when a POST with a SAMLResponse is not found</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span> <span class="o">=</span> <span class="p">[]</span>
-
-        <span class="k">if</span> <span class="s">&#39;post_data&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span> <span class="ow">and</span> <span class="s">&#39;SAMLResponse&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;post_data&#39;</span><span class="p">]:</span>
-            <span class="c"># AuthnResponse -- HTTP_POST Binding</span>
-            <span class="n">response</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Response</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;post_data&#39;</span><span class="p">][</span><span class="s">&#39;SAMLResponse&#39;</span><span class="p">])</span>
-
-            <span class="k">if</span> <span class="n">response</span><span class="o">.</span><span class="n">is_valid</span><span class="p">(</span><span class="n">request_id</span><span class="p">):</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__attributes</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_attributes</span><span class="p">()</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__nameid</span> <span class="o">=</span> <span class="n">response</span><span class="o">.</span><span class="n">get_nameid</span><span class="p">()</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__authenticated</span> <span class="o">=</span> <span class="bp">True</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;invalid_response&#39;</span><span class="p">)</span>
-
-        <span class="k">else</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;invalid_binding&#39;</span><span class="p">)</span>
-            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                <span class="s">&#39;SAML Response not found, Only supported HTTP_POST Binding&#39;</span><span class="p">,</span>
-                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SAML_RESPONSE_NOT_FOUND</span>
-            <span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.process_slo"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.process_slo">[docs]</a>    <span class="k">def</span> <span class="nf">process_slo</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">keep_local_session</span><span class="o">=</span><span class="bp">False</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">delete_session_cb</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Process the SAML Logout Response / Logout Request sent by the IdP.</span>
-
-<span class="sd">        :param keep_local_session: When false will destroy the local session, otherwise will destroy it</span>
-<span class="sd">        :type keep_local_session: bool</span>
-
-<span class="sd">        :param request_id: The ID of the LogoutRequest sent by this SP to the IdP</span>
-<span class="sd">        :type request_id: string</span>
-
-<span class="sd">        :returns: Redirection url</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span> <span class="o">=</span> <span class="p">[]</span>
-
-        <span class="k">if</span> <span class="s">&#39;get_data&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span> <span class="ow">and</span> <span class="s">&#39;SAMLResponse&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">]:</span>
-            <span class="n">logout_response</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Response</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">][</span><span class="s">&#39;SAMLResponse&#39;</span><span class="p">])</span>
-            <span class="k">if</span> <span class="ow">not</span> <span class="n">logout_response</span><span class="o">.</span><span class="n">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">,</span> <span class="n">request_id</span><span class="p">):</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;invalid_logout_response&#39;</span><span class="p">)</span>
-            <span class="k">elif</span> <span class="n">logout_response</span><span class="o">.</span><span class="n">get_status</span><span class="p">()</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">STATUS_SUCCESS</span><span class="p">:</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;logout_not_success&#39;</span><span class="p">)</span>
-            <span class="k">elif</span> <span class="ow">not</span> <span class="n">keep_local_session</span><span class="p">:</span>
-                <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">delete_local_session</span><span class="p">(</span><span class="n">delete_session_cb</span><span class="p">)</span>
-
-        <span class="k">elif</span> <span class="s">&#39;get_data&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span> <span class="ow">and</span> <span class="s">&#39;SAMLRequest&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">]:</span>
-            <span class="n">request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decode_base64_and_inflate</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">][</span><span class="s">&#39;SAMLRequest&#39;</span><span class="p">])</span>
-            <span class="k">if</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Logout_Request</span><span class="o">.</span><span class="n">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="p">,</span> <span class="n">request</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">):</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;invalid_logout_request&#39;</span><span class="p">)</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="k">if</span> <span class="ow">not</span> <span class="n">keep_local_session</span><span class="p">:</span>
-                    <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">delete_local_session</span><span class="p">(</span><span class="n">delete_session_cb</span><span class="p">)</span>
-
-                <span class="n">in_response_to</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Request</span><span class="o">.</span><span class="n">get_id</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
-                <span class="n">response_builder</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Response</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="p">)</span>
-                <span class="n">response_builder</span><span class="o">.</span><span class="n">build</span><span class="p">(</span><span class="n">in_response_to</span><span class="p">)</span>
-                <span class="n">logout_response</span> <span class="o">=</span> <span class="n">response_builder</span><span class="o">.</span><span class="n">get_response</span><span class="p">()</span>
-
-                <span class="n">parameters</span> <span class="o">=</span> <span class="p">{</span><span class="s">&#39;SAMLResponse&#39;</span><span class="p">:</span> <span class="n">logout_response</span><span class="p">}</span>
-                <span class="k">if</span> <span class="s">&#39;RelayState&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">]:</span>
-                    <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">][</span><span class="s">&#39;RelayState&#39;</span><span class="p">]</span>
-
-                <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-                <span class="k">if</span> <span class="s">&#39;logoutResponseSigned&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;logoutResponseSigned&#39;</span><span class="p">]:</span>
-                    <span class="n">signature</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">build_response_signature</span><span class="p">(</span><span class="n">logout_response</span><span class="p">,</span> <span class="n">parameters</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;RelayState&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">))</span>
-                    <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;SigAlg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span>
-                    <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;Signature&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">signature</span>
-
-                <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">redirect_to</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">get_slo_url</span><span class="p">(),</span> <span class="n">parameters</span><span class="p">)</span>
-
-        <span class="k">else</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;invalid_binding&#39;</span><span class="p">)</span>
-            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                <span class="s">&#39;SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding&#39;</span><span class="p">,</span>
-                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SAML_LOGOUTMESSAGE_NOT_FOUND</span>
-            <span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.redirect_to"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.redirect_to">[docs]</a>    <span class="k">def</span> <span class="nf">redirect_to</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">url</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">parameters</span><span class="o">=</span><span class="p">{}):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Redirects the user to the url past by parameter or to the url that we defined in our SSO Request.</span>
-
-<span class="sd">        :param url: The target URL to redirect the user</span>
-<span class="sd">        :type url: string</span>
-<span class="sd">        :param parameters: Extra parameters to be passed as part of the url</span>
-<span class="sd">        :type parameters: dict</span>
-
-<span class="sd">        :returns: Redirection url</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="n">url</span> <span class="ow">is</span> <span class="bp">None</span> <span class="ow">and</span> <span class="s">&#39;RelayState&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">]:</span>
-            <span class="n">url</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">][</span><span class="s">&#39;RelayState&#39;</span><span class="p">]</span>
-        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">redirect</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">parameters</span><span class="p">,</span> <span class="n">request_data</span><span class="o">=</span><span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.is_authenticated"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.is_authenticated">[docs]</a>    <span class="k">def</span> <span class="nf">is_authenticated</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Checks if the user is authenticated or not.</span>
-
-<span class="sd">        :returns: True if is authenticated, False if not</span>
-<span class="sd">        :rtype: bool</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__authenticated</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_attributes"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_attributes">[docs]</a>    <span class="k">def</span> <span class="nf">get_attributes</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the set of SAML attributes.</span>
-
-<span class="sd">        :returns: SAML attributes</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__attributes</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_nameid"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_nameid">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the nameID.</span>
-
-<span class="sd">        :returns: NameID</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__nameid</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_errors"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_errors">[docs]</a>    <span class="k">def</span> <span class="nf">get_errors</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns a list with code errors if something went wrong</span>
-
-<span class="sd">        :returns: List of errors</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_attribute"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_attribute">[docs]</a>    <span class="k">def</span> <span class="nf">get_attribute</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">name</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the requested SAML attribute.</span>
-
-<span class="sd">        :param name: Name of the attribute</span>
-<span class="sd">        :type name: string</span>
-
-<span class="sd">        :returns: Attribute value if exists or None</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">name</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span>
-        <span class="n">value</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="k">if</span> <span class="n">name</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__attributes</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span>
-            <span class="n">value</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__attributes</span><span class="p">[</span><span class="n">name</span><span class="p">]</span>
-        <span class="k">return</span> <span class="n">value</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.login"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.login">[docs]</a>    <span class="k">def</span> <span class="nf">login</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">return_to</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Initiates the SSO process.</span>
-
-<span class="sd">        :param return_to: Optional argument. The target URL the user should be redirected to after login.</span>
-<span class="sd">        :type return_to: string</span>
-
-<span class="sd">        :returns: Redirection url</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">authn_request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Authn_Request</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="p">)</span>
-
-        <span class="n">saml_request</span> <span class="o">=</span> <span class="n">authn_request</span><span class="o">.</span><span class="n">get_request</span><span class="p">()</span>
-        <span class="n">parameters</span> <span class="o">=</span> <span class="p">{</span><span class="s">&#39;SAMLRequest&#39;</span><span class="p">:</span> <span class="n">saml_request</span><span class="p">}</span>
-
-        <span class="k">if</span> <span class="n">return_to</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">return_to</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">)</span>
-
-        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-        <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;authnRequestsSigned&#39;</span><span class="p">,</span> <span class="bp">False</span><span class="p">):</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;SigAlg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;Signature&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">build_request_signature</span><span class="p">(</span><span class="n">saml_request</span><span class="p">,</span> <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">])</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">redirect_to</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">get_sso_url</span><span class="p">(),</span> <span class="n">parameters</span><span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.logout"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.logout">[docs]</a>    <span class="k">def</span> <span class="nf">logout</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">return_to</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">name_id</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">session_index</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Initiates the SLO process.</span>
-
-<span class="sd">        :param return_to: Optional argument. The target URL the user should be redirected to after logout.</span>
-<span class="sd">        :type return_to: string</span>
-<span class="sd">        :param name_id: Optional argument. The NameID that will be set in the LogoutRequest.</span>
-<span class="sd">        :type name_id: string</span>
-<span class="sd">        :param session_index: Optional argument. SessionIndex that identifies the session of the user.</span>
-<span class="sd">        :type session_index: string</span>
-<span class="sd">        :returns: Redirection url</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">slo_url</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_slo_url</span><span class="p">()</span>
-        <span class="k">if</span> <span class="n">slo_url</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                <span class="s">&#39;The IdP does not support Single Log Out&#39;</span><span class="p">,</span>
-                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SAML_SINGLE_LOGOUT_NOT_SUPPORTED</span>
-            <span class="p">)</span>
-
-        <span class="n">logout_request</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Request</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="p">)</span>
-
-        <span class="n">saml_request</span> <span class="o">=</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">get_request</span><span class="p">()</span>
-
-        <span class="n">parameters</span> <span class="o">=</span> <span class="p">{</span><span class="s">&#39;SAMLRequest&#39;</span><span class="p">:</span> <span class="n">logout_request</span><span class="o">.</span><span class="n">get_request</span><span class="p">()}</span>
-        <span class="k">if</span> <span class="n">return_to</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">return_to</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__request_data</span><span class="p">)</span>
-
-        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-        <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;logoutRequestSigned&#39;</span><span class="p">,</span> <span class="bp">False</span><span class="p">):</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;SigAlg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span>
-            <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;Signature&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">build_request_signature</span><span class="p">(</span><span class="n">saml_request</span><span class="p">,</span> <span class="n">parameters</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">])</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">redirect_to</span><span class="p">(</span><span class="n">slo_url</span><span class="p">,</span> <span class="n">parameters</span><span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_sso_url"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_sso_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_sso_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the SSO url.</span>
-
-<span class="sd">        :returns: An URL, the SSO endpoint of the IdP</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
-        <span class="k">return</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">]</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.get_slo_url"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_slo_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_slo_url</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the SLO url.</span>
-
-<span class="sd">        :returns: An URL, the SLO endpoint of the IdP</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">url</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
-        <span class="k">if</span> <span class="s">&#39;singleLogoutService&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span> <span class="ow">and</span> <span class="s">&#39;url&#39;</span> <span class="ow">in</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">]:</span>
-            <span class="n">url</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">]</span>
-        <span class="k">return</span> <span class="n">url</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.build_request_signature"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.build_request_signature">[docs]</a>    <span class="k">def</span> <span class="nf">build_request_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">saml_request</span><span class="p">,</span> <span class="n">relay_state</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Builds the Signature of the SAML Request.</span>
-
-<span class="sd">        :param saml_request: The SAML Request</span>
-<span class="sd">        :type saml_request: string</span>
-
-<span class="sd">        :param relay_state: The target URL the user should be redirected to</span>
-<span class="sd">        :type relay_state: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">check_sp_certs</span><span class="p">():</span>
-            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                <span class="s">&quot;Trying to sign the SAML Request but can&#39;t load the SP certs&quot;</span><span class="p">,</span>
-                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SP_CERTS_NOT_FOUND</span>
-            <span class="p">)</span>
-
-        <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-
-        <span class="c"># Load the key into the xmlsec context</span>
-        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
-        <span class="n">file_key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">write_temp_file</span><span class="p">(</span><span class="n">key</span><span class="p">)</span>  <span class="c"># FIXME avoid writing a file</span>
-
-        <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">DSigCtx</span><span class="p">()</span>
-        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">signKey</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-        <span class="n">file_key</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-        
-        <span class="n">data</span> <span class="o">=</span> <span class="p">{</span>
-            <span class="s">&#39;SAMLRequest&#39;</span><span class="p">:</span> <span class="n">quote</span><span class="p">(</span><span class="n">saml_request</span><span class="p">),</span>
-            <span class="s">&#39;RelayState&#39;</span><span class="p">:</span> <span class="n">quote</span><span class="p">(</span><span class="n">relay_state</span><span class="p">),</span>
-            <span class="s">&#39;SignAlg&#39;</span><span class="p">:</span> <span class="n">quote</span><span class="p">(</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">),</span>
-        <span class="p">}</span>
-        <span class="n">msg</span> <span class="o">=</span> <span class="n">urlencode</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
-        <span class="n">signature</span> <span class="o">=</span> <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">signBinary</span><span class="p">(</span><span class="n">msg</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformRsaSha1</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">b64encode</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Auth.build_response_signature"><a class="viewcode-back" href="../../saml2.html#saml2.auth.OneLogin_Saml2_Auth.build_response_signature">[docs]</a>    <span class="k">def</span> <span class="nf">build_response_signature</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">saml_response</span><span class="p">,</span> <span class="n">relay_state</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Builds the Signature of the SAML Response.</span>
-<span class="sd">        :param saml_request: The SAML Response</span>
-<span class="sd">        :type saml_request: string</span>
-
-<span class="sd">        :param relay_state: The target URL the user should be redirected to</span>
-<span class="sd">        :type relay_state: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">check_sp_certs</span><span class="p">():</span>
-            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                <span class="s">&quot;Trying to sign the SAML Response but can&#39;t load the SP certs&quot;</span><span class="p">,</span>
-                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SP_CERTS_NOT_FOUND</span>
-            <span class="p">)</span>
-
-        <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-
-        <span class="c"># Load the key into the xmlsec context</span>
-        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
-        <span class="n">file_key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">write_temp_file</span><span class="p">(</span><span class="n">key</span><span class="p">)</span>  <span class="c"># FIXME avoid writing a file</span>
-
-        <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">DSigCtx</span><span class="p">()</span>
-        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">signKey</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-        <span class="n">file_key</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-
-        <span class="n">data</span> <span class="o">=</span> <span class="p">{</span>
-            <span class="s">&#39;SAMLResponse&#39;</span><span class="p">:</span> <span class="n">quote</span><span class="p">(</span><span class="n">saml_response</span><span class="p">),</span>
-            <span class="s">&#39;RelayState&#39;</span><span class="p">:</span> <span class="n">quote</span><span class="p">(</span><span class="n">relay_state</span><span class="p">),</span>
-            <span class="s">&#39;SignAlg&#39;</span><span class="p">:</span> <span class="n">quote</span><span class="p">(</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">),</span>
-        <span class="p">}</span>
-        <span class="n">msg</span> <span class="o">=</span> <span class="n">urlencode</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
-        <span class="kn">import</span> <span class="nn">pdb</span><span class="p">;</span> <span class="n">dbp</span><span class="o">.</span><span class="n">set_trace</span><span class="p">()</span>
-        <span class="k">print</span> <span class="n">msg</span>
-        <span class="n">data2</span> <span class="o">=</span> <span class="p">{</span>
-            <span class="s">&#39;SAMLResponse&#39;</span><span class="p">:</span> <span class="n">saml_response</span><span class="p">,</span>
-            <span class="s">&#39;RelayState&#39;</span><span class="p">:</span> <span class="n">relay_state</span><span class="p">,</span>
-            <span class="s">&#39;SignAlg&#39;</span><span class="p">:</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">,</span>
-        <span class="p">}</span>
-        <span class="n">msg2</span> <span class="o">=</span> <span class="n">urlencode</span><span class="p">(</span><span class="n">data2</span><span class="p">)</span>
-        <span class="k">print</span> <span class="n">msg2</span>
-        <span class="n">signature</span> <span class="o">=</span> <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">signBinary</span><span class="p">(</span><span class="n">msg</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformRsaSha1</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">b64encode</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span></div></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
diff --git a/docs/saml2/_modules/saml2/authn_request.html b/docs/saml2/_modules/saml2/authn_request.html
deleted file mode 100644
index 207ee7a6..00000000
--- a/docs/saml2/_modules/saml2/authn_request.html
+++ /dev/null
@@ -1,176 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.authn_request &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.authn_request</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">from</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="n">b64encode</span>
-<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
-<span class="kn">from</span> <span class="nn">zlib</span> <span class="kn">import</span> <span class="n">compress</span>
-
-<span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Authn_Request"><a class="viewcode-back" href="../../saml2.html#saml2.authn_request.OneLogin_Saml2_Authn_Request">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Authn_Request</span><span class="p">:</span>
-
-    <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Constructs the AuthnRequest object.</span>
-
-<span class="sd">        Arguments are:</span>
-<span class="sd">            * (OneLogin_Saml2_Settings)   settings. Setting data</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span> <span class="o">=</span> <span class="n">settings</span>
-
-        <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
-        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-
-        <span class="n">uid</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span>
-        <span class="n">issue_instant</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_time_to_SAML</span><span class="p">(</span>
-            <span class="nb">int</span><span class="p">(</span><span class="n">datetime</span><span class="o">.</span><span class="n">now</span><span class="p">()</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="s">&quot;</span><span class="si">%s</span><span class="s">&quot;</span><span class="p">))</span>
-        <span class="p">)</span>
-
-        <span class="n">name_id_policy_format</span> <span class="o">=</span> <span class="n">sp_data</span><span class="p">[</span><span class="s">&#39;NameIDFormat&#39;</span><span class="p">]</span>
-        <span class="k">if</span> <span class="s">&#39;wantNameIdEncrypted&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;wantNameIdEncrypted&#39;</span><span class="p">]:</span>
-            <span class="n">name_id_policy_format</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_ENCRYPTED</span>
-
-        <span class="n">provider_name_str</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="n">organization_data</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get_organization</span><span class="p">()</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">organization_data</span><span class="p">,</span> <span class="nb">dict</span><span class="p">):</span>
-            <span class="n">langs</span> <span class="o">=</span> <span class="n">organization_data</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span>
-            <span class="k">if</span> <span class="s">&#39;en-US&#39;</span> <span class="ow">in</span> <span class="n">langs</span><span class="p">:</span>
-                <span class="n">lang</span> <span class="o">=</span> <span class="s">&#39;en-US&#39;</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="n">lang</span> <span class="o">=</span> <span class="n">langs</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
-            <span class="k">if</span> <span class="s">&#39;displayname&#39;</span> <span class="ow">in</span> <span class="n">organization_data</span><span class="p">[</span><span class="n">lang</span><span class="p">]</span> <span class="ow">and</span> <span class="n">organization_data</span><span class="p">[</span><span class="n">lang</span><span class="p">][</span><span class="s">&#39;displayname&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-                <span class="n">provider_name_str</span> <span class="o">=</span> <span class="s">&#39;ProviderName=&quot;</span><span class="si">%s</span><span class="s">&quot;&#39;</span> <span class="o">%</span> <span class="n">organization_data</span><span class="p">[</span><span class="n">lang</span><span class="p">][</span><span class="s">&#39;displayname&#39;</span><span class="p">]</span>
-
-        <span class="n">request</span> <span class="o">=</span> <span class="s">&quot;&quot;&quot;&lt;samlp:AuthnRequest</span>
-<span class="s">    xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
-<span class="s">    xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;</span>
-<span class="s">    ID=&quot;</span><span class="si">%(id)s</span><span class="s">&quot;</span>
-<span class="s">    Version=&quot;2.0&quot;</span>
-<span class="s">    </span><span class="si">%(provider_name)s</span><span class="s"></span>
-<span class="s">    IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s">&quot;</span>
-<span class="s">    ProtocolBinding=&quot;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST&quot;</span>
-<span class="s">    AssertionConsumerServiceURL=&quot;</span><span class="si">%(assertion_url)s</span><span class="s">&quot;&gt;</span>
-<span class="s">    &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s">&lt;/saml:Issuer&gt;</span>
-<span class="s">    &lt;samlp:NameIDPolicy</span>
-<span class="s">        Format=&quot;</span><span class="si">%(name_id_policy)s</span><span class="s">&quot;</span>
-<span class="s">        AllowCreate=&quot;true&quot; /&gt;</span>
-<span class="s">    &lt;samlp:RequestedAuthnContext Comparison=&quot;exact&quot;&gt;</span>
-<span class="s">        &lt;saml:AuthnContextMethodRef&gt;urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport&lt;/saml:AuthnContextMethodRef&gt;</span>
-<span class="s">    &lt;/samlp:RequestedAuthnContext&gt;</span>
-<span class="s">&lt;/samlp:AuthnRequest&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span>
-            <span class="s">&#39;id&#39;</span><span class="p">:</span> <span class="n">uid</span><span class="p">,</span>
-            <span class="s">&#39;provider_name&#39;</span><span class="p">:</span> <span class="n">provider_name_str</span><span class="p">,</span>
-            <span class="s">&#39;issue_instant&#39;</span><span class="p">:</span> <span class="n">issue_instant</span><span class="p">,</span>
-            <span class="s">&#39;assertion_url&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">],</span>
-            <span class="s">&#39;entity_id&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">],</span>
-            <span class="s">&#39;name_id_policy&#39;</span><span class="p">:</span> <span class="n">name_id_policy_format</span><span class="p">,</span>
-        <span class="p">}</span>
-
-        <span class="bp">self</span><span class="o">.</span><span class="n">__authn_request</span> <span class="o">=</span> <span class="n">request</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Authn_Request.get_request"><a class="viewcode-back" href="../../saml2.html#saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request">[docs]</a>    <span class="k">def</span> <span class="nf">get_request</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns unsigned AuthnRequest.</span>
-<span class="sd">        :return: Unsigned AuthnRequest</span>
-<span class="sd">        :rtype: str object</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">deflated_request</span> <span class="o">=</span> <span class="n">compress</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__authn_request</span><span class="p">)[</span><span class="mi">2</span><span class="p">:</span><span class="o">-</span><span class="mi">4</span><span class="p">]</span>
-        <span class="k">return</span> <span class="n">b64encode</span><span class="p">(</span><span class="n">deflated_request</span><span class="p">)</span></div></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/constants.html b/docs/saml2/_modules/saml2/constants.html
deleted file mode 100644
index 306ec1b3..00000000
--- a/docs/saml2/_modules/saml2/constants.html
+++ /dev/null
@@ -1,166 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.constants &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.constants</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Constants"><a class="viewcode-back" href="../../saml2.html#saml2.constants.OneLogin_Saml2_Constants">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Constants</span><span class="p">:</span>
-    <span class="c"># Value added to the current time in time condition validations</span>
-    <span class="n">ALOWED_CLOCK_DRIFT</span> <span class="o">=</span> <span class="mi">180</span>
-
-    <span class="c"># NameID Formats</span>
-    <span class="n">NAMEID_EMAIL_ADDRESS</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress&#39;</span>
-    <span class="n">NAMEID_X509_SUBJECT_NAME</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName&#39;</span>
-    <span class="n">NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName&#39;</span>
-    <span class="n">NAMEID_KERBEROS</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos&#39;</span>
-    <span class="n">NAMEID_ENTITY</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:entity&#39;</span>
-    <span class="n">NAMEID_TRANSIENT</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:transient&#39;</span>
-    <span class="n">NAMEID_PERSISTENT</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:persistent&#39;</span>
-    <span class="n">NAMEID_ENCRYPTED</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted&#39;</span>
-
-    <span class="c"># Attribute Name Formats</span>
-    <span class="n">ATTRNAME_FORMAT_UNSPECIFIED</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified&#39;</span>
-    <span class="n">ATTRNAME_FORMAT_URI</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:attrname-format:uri&#39;</span>
-    <span class="n">ATTRNAME_FORMAT_BASIC</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:attrname-format:basic&#39;</span>
-
-    <span class="c"># Namespaces</span>
-    <span class="n">NS_SAML</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:assertion&#39;</span>
-    <span class="n">NS_SAMLP</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:protocol&#39;</span>
-    <span class="n">NS_SOAP</span> <span class="o">=</span> <span class="s">&#39;http://schemas.xmlsoap.org/soap/envelope/&#39;</span>
-    <span class="n">NS_MD</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:metadata&#39;</span>
-    <span class="n">NS_XS</span> <span class="o">=</span> <span class="s">&#39;http://www.w3.org/2001/XMLSchema&#39;</span>
-    <span class="n">NS_XSI</span> <span class="o">=</span> <span class="s">&#39;http://www.w3.org/2001/XMLSchema-instance&#39;</span>
-    <span class="n">NS_XENC</span> <span class="o">=</span> <span class="s">&#39;http://www.w3.org/2001/04/xmlenc#&#39;</span>
-    <span class="n">NS_DS</span> <span class="o">=</span> <span class="s">&#39;http://www.w3.org/2000/09/xmldsig#&#39;</span>
-
-    <span class="c"># Bindings</span>
-    <span class="n">BINDING_HTTP_POST</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST&#39;</span>
-    <span class="n">BINDING_HTTP_REDIRECT</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect&#39;</span>
-    <span class="n">BINDING_HTTP_ARTIFACT</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact&#39;</span>
-    <span class="n">BINDING_SOAP</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:bindings:SOAP&#39;</span>
-    <span class="n">BINDING_DEFLATE</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE&#39;</span>
-
-    <span class="c"># Auth Context Method</span>
-    <span class="n">AC_UNSPECIFIED</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified&#39;</span>
-    <span class="n">AC_PASSWORD</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:Password&#39;</span>
-    <span class="n">AC_X509</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:X509&#39;</span>
-    <span class="n">AC_SMARTCARD</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard&#39;</span>
-    <span class="n">AC_KERBEROS</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos&#39;</span>
-
-    <span class="c"># Subject Confirmation</span>
-    <span class="n">CM_BEARER</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:cm:bearer&#39;</span>
-    <span class="n">CM_HOLDER_KEY</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:cm:holder-of-key&#39;</span>
-    <span class="n">CM_SENDER_VOUCHES</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:cm:sender-vouches&#39;</span>
-
-    <span class="c"># Status Codes</span>
-    <span class="n">STATUS_SUCCESS</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:status:Success&#39;</span>
-    <span class="n">STATUS_REQUESTER</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:status:Requester&#39;</span>
-    <span class="n">STATUS_RESPONDER</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:status:Responder&#39;</span>
-    <span class="n">STATUS_VERSION_MISMATCH</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:status:VersionMismatch&#39;</span>
-    <span class="n">STATUS_NO_PASSIVE</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:status:NoPassive&#39;</span>
-    <span class="n">STATUS_PARTIAL_LOGOUT</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:status:PartialLogout&#39;</span>
-    <span class="n">STATUS_PROXY_COUNT_EXCEEDED</span> <span class="o">=</span> <span class="s">&#39;urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded&#39;</span>
-
-    <span class="c"># Crypto</span>
-    <span class="n">RSA_SHA1</span> <span class="o">=</span> <span class="s">&#39;http://www.w3.org/2000/09/xmldsig#rsa-sha1&#39;</span>
-
-    <span class="n">NSMAP</span> <span class="o">=</span> <span class="p">{</span>
-        <span class="s">&#39;samlp&#39;</span><span class="p">:</span> <span class="n">NS_SAMLP</span><span class="p">,</span>
-        <span class="s">&#39;saml&#39;</span><span class="p">:</span> <span class="n">NS_SAML</span><span class="p">,</span>
-        <span class="s">&#39;ds&#39;</span><span class="p">:</span> <span class="n">NS_DS</span><span class="p">,</span>
-        <span class="s">&#39;xenc&#39;</span><span class="p">:</span> <span class="n">NS_XENC</span>
-    <span class="p">}</span></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/errors.html b/docs/saml2/_modules/saml2/errors.html
deleted file mode 100644
index ef958f31..00000000
--- a/docs/saml2/_modules/saml2/errors.html
+++ /dev/null
@@ -1,135 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.errors &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.errors</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Error"><a class="viewcode-back" href="../../saml2.html#saml2.errors.OneLogin_Saml2_Error">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Error</span><span class="p">(</span><span class="ne">Exception</span><span class="p">):</span>
-
-    <span class="c"># Errors</span>
-    <span class="n">SETTINGS_FILE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">0</span>
-    <span class="n">SETTINGS_INVALID_SYNTAX</span> <span class="o">=</span> <span class="mi">1</span>
-    <span class="n">SETTINGS_INVALID</span> <span class="o">=</span> <span class="mi">2</span>
-    <span class="n">METADATA_SP_INVALID</span> <span class="o">=</span> <span class="mi">3</span>
-    <span class="n">SP_CERTS_NOT_FOUND</span> <span class="o">=</span> <span class="mi">4</span>
-    <span class="n">REDIRECT_INVALID_URL</span> <span class="o">=</span> <span class="mi">5</span>
-    <span class="n">PUBLIC_CERT_FILE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">6</span>
-    <span class="n">PRIVATE_KEY_FILE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">7</span>
-    <span class="n">SAML_RESPONSE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">8</span>
-    <span class="n">SAML_LOGOUTMESSAGE_NOT_FOUND</span> <span class="o">=</span> <span class="mi">9</span>
-    <span class="n">SAML_LOGOUTREQUEST_INVALID</span> <span class="o">=</span> <span class="mi">10</span>
-    <span class="n">SAML_LOGOUTRESPONSE_INVALID</span> <span class="o">=</span> <span class="mi">11</span>
-    <span class="n">SAML_SINGLE_LOGOUT_NOT_SUPPORTED</span> <span class="o">=</span> <span class="mi">12</span>
-
-    <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">message</span><span class="p">,</span> <span class="n">code</span><span class="o">=</span><span class="mi">0</span><span class="p">,</span> <span class="n">errors</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Initializes the Exception instance.</span>
-
-<span class="sd">        Arguments are:</span>
-<span class="sd">            * (str)   message.   Describes the error.</span>
-<span class="sd">            * (int)   code.      The code error (defined in the error class).</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">_</span>
-
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">message</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">code</span><span class="p">,</span> <span class="nb">int</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="n">errors</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">message</span> <span class="o">=</span> <span class="n">message</span> <span class="o">%</span> <span class="n">errors</span>
-
-        <span class="ne">Exception</span><span class="o">.</span><span class="n">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">_</span><span class="p">(</span><span class="n">message</span><span class="p">))</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">code</span> <span class="o">=</span> <span class="n">code</span></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/logout_request.html b/docs/saml2/_modules/saml2/logout_request.html
deleted file mode 100644
index 1b690dd4..00000000
--- a/docs/saml2/_modules/saml2/logout_request.html
+++ /dev/null
@@ -1,372 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.logout_request &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.logout_request</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">from</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="n">b64decode</span>
-<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
-<span class="kn">from</span> <span class="nn">lxml</span> <span class="kn">import</span> <span class="n">etree</span>
-<span class="kn">from</span> <span class="nn">os.path</span> <span class="kn">import</span> <span class="n">basename</span>
-<span class="kn">from</span> <span class="nn">urllib</span> <span class="kn">import</span> <span class="n">urlencode</span>
-<span class="kn">from</span> <span class="nn">urlparse</span> <span class="kn">import</span> <span class="n">parse_qs</span>
-<span class="kn">from</span> <span class="nn">xml.dom.minidom</span> <span class="kn">import</span> <span class="n">Document</span><span class="p">,</span> <span class="n">parseString</span>
-
-<span class="kn">import</span> <span class="nn">dm.xmlsec.binding</span> <span class="kn">as</span> <span class="nn">xmlsec</span>
-
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-<span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Logout_Request</span><span class="p">:</span>
-
-    <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span>,<span class="n">request</span><span class="o">=</span><span class="bp">None</span><span class="p">,<span class="n">name_id</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">session_index</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Constructs the Logout Request object.</span>
-
-<span class="sd">        Arguments are:</span>
-<span class="sd">            * (OneLogin_Saml2_Settings)   settings. Setting data</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span> <span class="o">=</span> <span class="n">settings</span>
-
-        <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
-        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
-        <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-
-        <span class="n">uid</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span>
-        <span class="n">name_id_value</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span>
-        <span class="n">issue_instant</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_time_to_SAML</span><span class="p">(</span><span class="nb">int</span><span class="p">(</span><span class="n">datetime</span><span class="o">.</span><span class="n">now</span><span class="p">()</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="s">&quot;</span><span class="si">%s</span><span class="s">&quot;</span><span class="p">)))</span>
-
-        <span class="n">key</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="k">if</span> <span class="s">&#39;nameIdEncrypted&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;nameIdEncrypted&#39;</span><span class="p">]:</span>
-            <span class="n">key</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span>
-
-        <span class="n">name_id</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_name_id</span><span class="p">(</span>
-            <span class="n">name_id_value</span><span class="p">,</span>
-            <span class="n">sp_data</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">],</span>
-            <span class="n">sp_data</span><span class="p">[</span><span class="s">&#39;NameIDFormat&#39;</span><span class="p">],</span>
-            <span class="n">key</span>
-        <span class="p">)</span>
-
-        <span class="n">logout_request</span> <span class="o">=</span> <span class="s">&quot;&quot;&quot;&lt;samlp:LogoutRequest</span>
-<span class="s">    xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
-<span class="s">    xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;</span>
-<span class="s">    ID=&quot;</span><span class="si">%(id)s</span><span class="s">&quot;</span>
-<span class="s">    Version=&quot;2.0&quot;</span>
-<span class="s">    IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s">&quot;</span>
-<span class="s">    Destination=&quot;</span><span class="si">%(single_logout_url)s</span><span class="s">&quot;&gt;</span>
-<span class="s">    &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s">&lt;/saml:Issuer&gt;</span>
-<span class="s">    </span><span class="si">%(name_id)s</span><span class="s"></span>
-<span class="s">&lt;/samlp:LogoutRequest&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span>
-            <span class="s">&#39;id&#39;</span><span class="p">:</span> <span class="n">uid</span><span class="p">,</span>
-            <span class="s">&#39;issue_instant&#39;</span><span class="p">:</span> <span class="n">issue_instant</span><span class="p">,</span>
-            <span class="s">&#39;single_logout_url&#39;</span><span class="p">:</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">],</span>
-            <span class="s">&#39;entity_id&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">],</span>
-            <span class="s">&#39;name_id&#39;</span><span class="p">:</span> <span class="n">name_id</span><span class="p">,</span>
-        <span class="p">}</span>
-
-        <span class="bp">self</span><span class="o">.</span><span class="n">__logout_request</span> <span class="o">=</span> <span class="n">logout_request</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_request"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request">[docs]</a>    <span class="k">def</span> <span class="nf">get_request</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the Logout Request defated, base64encoded</span>
-<span class="sd">        :return: Deflated base64 encoded Logout Request</span>
-<span class="sd">        :rtype: str object</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">deflate_and_base64_encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__logout_request</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_id"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_id</span><span class="p">(</span><span class="n">request</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the ID of the Logout Request</span>
-<span class="sd">        :param request: Logout Request Message</span>
-<span class="sd">        :type request: string|DOMDocument</span>
-<span class="sd">        :return: string ID</span>
-<span class="sd">        :rtype: str object</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">dom</span> <span class="o">=</span> <span class="n">request</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">dom</span> <span class="o">=</span> <span class="n">parseString</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">dom</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">getAttribute</span><span class="p">(</span><span class="s">&#39;ID&#39;</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_name_id_data"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_name_id_data</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the NameID Data of the the Logout Request</span>
-<span class="sd">        :param request: Logout Request Message</span>
-<span class="sd">        :type request: string|DOMDocument</span>
-<span class="sd">        :param key: The SP key</span>
-<span class="sd">        :type key: string</span>
-<span class="sd">        :return: Name ID Data (Value, Format, NameQualifier, SPNameQualifier)</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">request</span> <span class="o">=</span> <span class="n">request</span><span class="o">.</span><span class="n">toxml</span><span class="p">()</span>
-        <span class="n">dom</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
-        <span class="n">name_id</span> <span class="o">=</span> <span class="bp">None</span>
-
-        <span class="n">encrypted_entries</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;/samlp:LogoutRequest/saml:EncryptedID&#39;</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">encrypted_entries</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
-            <span class="k">if</span> <span class="n">key</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Key is required in order to decrypt the NameID&#39;</span><span class="p">)</span>
-
-            <span class="n">elem</span> <span class="o">=</span> <span class="n">parseString</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">tostring</span><span class="p">(</span><span class="n">encrypted_entries</span><span class="p">[</span><span class="mi">0</span><span class="p">]))</span>
-            <span class="n">encrypted_data_nodes</span> <span class="o">=</span> <span class="n">elem</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">getElementsByTagName</span><span class="p">(</span><span class="s">&#39;xenc:EncryptedData&#39;</span><span class="p">)</span>
-            <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">encrypted_data_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
-
-            <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-
-            <span class="c"># Load the key into the xmlsec context</span>
-            <span class="n">file_key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">write_temp_file</span><span class="p">(</span><span class="n">key</span><span class="p">)</span>  <span class="c"># FIXME avoid writing a file</span>
-            <span class="n">enc_key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-            <span class="n">enc_key</span><span class="o">.</span><span class="n">name</span> <span class="o">=</span> <span class="n">basename</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">)</span>
-            <span class="n">file_key</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-            <span class="n">enc_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">EncCtx</span><span class="p">()</span>
-            <span class="n">enc_ctx</span><span class="o">.</span><span class="n">encKey</span> <span class="o">=</span> <span class="n">enc_key</span>
-
-            <span class="n">name_id</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decrypt_element</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">enc_ctx</span><span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">entries</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;/samlp:LogoutRequest/saml:NameID&#39;</span><span class="p">)</span>
-            <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">entries</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
-                <span class="n">name_id</span> <span class="o">=</span> <span class="n">entries</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
-
-        <span class="k">if</span> <span class="n">name_id</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Not NameID found in the Logout Request&#39;</span><span class="p">)</span>
-
-        <span class="n">name_id_data</span> <span class="o">=</span> <span class="p">{</span>
-            <span class="s">&#39;Value&#39;</span><span class="p">:</span> <span class="n">name_id</span><span class="o">.</span><span class="n">text</span>
-        <span class="p">}</span>
-        <span class="k">for</span> <span class="n">attr</span> <span class="ow">in</span> <span class="p">[</span><span class="s">&#39;Format&#39;</span><span class="p">,</span> <span class="s">&#39;SPNameQualifier&#39;</span><span class="p">,</span> <span class="s">&#39;NameQualifier&#39;</span><span class="p">]:</span>
-            <span class="k">if</span> <span class="n">attr</span> <span class="ow">in</span> <span class="n">name_id</span><span class="o">.</span><span class="n">attrib</span><span class="o">.</span><span class="n">keys</span><span class="p">():</span>
-                <span class="n">name_id_data</span><span class="p">[</span><span class="n">attr</span><span class="p">]</span> <span class="o">=</span> <span class="n">name_id</span><span class="o">.</span><span class="n">attrib</span><span class="p">[</span><span class="n">attr</span><span class="p">]</span>
-
-        <span class="k">return</span> <span class="n">name_id_data</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_name_id"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id">[docs]</a>    <span class="k">def</span> <span class="nf">get_name_id</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the NameID of the Logout Request Message</span>
-<span class="sd">        :param request: Logout Request Message</span>
-<span class="sd">        :type request: string|DOMDocument</span>
-<span class="sd">        :param key: The SP key</span>
-<span class="sd">        :type key: string</span>
-<span class="sd">        :return: Name ID Value</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">name_id</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Request</span><span class="o">.</span><span class="n">get_name_id_data</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">key</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">name_id</span><span class="p">[</span><span class="s">&#39;Value&#39;</span><span class="p">]</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_issuer"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer">[docs]</a>    <span class="k">def</span> <span class="nf">get_issuer</span><span class="p">(</span><span class="n">request</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the Issuer of the Logout Request Message</span>
-<span class="sd">        :param request: Logout Request Message</span>
-<span class="sd">        :type request: string|DOMDocument</span>
-<span class="sd">        :return: The Issuer</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">request</span> <span class="o">=</span> <span class="n">request</span><span class="o">.</span><span class="n">toxml</span><span class="p">()</span>
-        <span class="n">dom</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
-
-        <span class="n">issuer</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">issuer_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;/samlp:LogoutRequest/saml:Issuer&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">issuer_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
-            <span class="n">issuer</span> <span class="o">=</span> <span class="n">issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">text</span>
-        <span class="k">return</span> <span class="n">issuer</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.get_session_indexes"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes">[docs]</a>    <span class="k">def</span> <span class="nf">get_session_indexes</span><span class="p">(</span><span class="n">request</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the SessionIndexes from the Logout Request</span>
-<span class="sd">        :param request: Logout Request Message</span>
-<span class="sd">        :type request: string|DOMDocument</span>
-<span class="sd">        :return: The SessionIndex value</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">request</span> <span class="o">=</span> <span class="n">request</span><span class="o">.</span><span class="n">toxml</span><span class="p">()</span>
-        <span class="n">dom</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
-
-        <span class="n">session_indexes</span> <span class="o">=</span> <span class="p">[]</span>
-        <span class="n">session_index_nodes</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;/samlp:LogoutRequest/samlp:SessionIndex&#39;</span><span class="p">)</span>
-        <span class="k">for</span> <span class="n">session_index_node</span> <span class="ow">in</span> <span class="n">session_index_nodes</span><span class="p">:</span>
-            <span class="n">session_indexes</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">session_index_node</span><span class="o">.</span><span class="n">text</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">session_indexes</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Request.is_valid"><a class="viewcode-back" href="../../saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid">[docs]</a>    <span class="k">def</span> <span class="nf">is_valid</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="n">request</span><span class="p">,</span> <span class="n">get_data</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="bp">False</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Checks if the Logout Request recieved is valid</span>
-<span class="sd">        :param settings: Settings</span>
-<span class="sd">        :type settings: OneLogin_Saml2_Settings</span>
-<span class="sd">        :param request: Logout Request Message</span>
-<span class="sd">        :type request: string|DOMDocument</span>
-<span class="sd">        :return: If the Logout Request is or not valid</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">try</span><span class="p">:</span>
-            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">request</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-                <span class="n">dom</span> <span class="o">=</span> <span class="n">request</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="n">dom</span> <span class="o">=</span> <span class="n">parseString</span><span class="p">(</span><span class="n">request</span><span class="p">)</span>
-
-            <span class="n">idp_data</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
-            <span class="n">idp_entity_id</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">]</span>
-
-            <span class="k">if</span> <span class="n">settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">():</span>
-                <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span> <span class="n">debug</span><span class="p">)</span>
-                <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd&#39;</span><span class="p">)</span>
-
-                <span class="n">security</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-
-                <span class="n">current_url</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="n">get_data</span><span class="p">)</span>
-
-                <span class="c"># Check NotOnOrAfter</span>
-                <span class="k">if</span> <span class="n">dom</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">hasAttribute</span><span class="p">(</span><span class="s">&#39;NotOnOrAfter&#39;</span><span class="p">):</span>
-                    <span class="n">na</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">dom</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">getAttribute</span><span class="p">(</span><span class="s">&#39;NotOnOrAfter&#39;</span><span class="p">))</span>
-                    <span class="k">if</span> <span class="n">na</span> <span class="o">&lt;=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">now</span><span class="p">():</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Timing issues (please check your clock settings)&#39;</span><span class="p">)</span>
-
-                <span class="c"># Check destination</span>
-                <span class="k">if</span> <span class="n">dom</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">hasAttribute</span><span class="p">(</span><span class="s">&#39;Destination&#39;</span><span class="p">):</span>
-                    <span class="n">destination</span> <span class="o">=</span> <span class="n">dom</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">getAttribute</span><span class="p">(</span><span class="s">&#39;Destination&#39;</span><span class="p">)</span>
-                    <span class="k">if</span> <span class="n">destination</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-                        <span class="k">if</span> <span class="n">current_url</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">destination</span><span class="p">:</span>
-                            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The LogoutRequest was received at $currentURL instead of $destination&#39;</span><span class="p">)</span>
-
-                <span class="c"># Check issuer</span>
-                <span class="n">issuer</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Logout_Request</span><span class="o">.</span><span class="n">get_issuer</span><span class="p">(</span><span class="n">dom</span><span class="p">)</span>
-                <span class="k">if</span> <span class="n">issuer</span> <span class="ow">is</span> <span class="bp">None</span> <span class="ow">or</span> <span class="n">issuer</span> <span class="o">!=</span> <span class="n">idp_entity_id</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid issuer in the Logout Request&#39;</span><span class="p">)</span>
-
-                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;wantMessagesSigned&#39;</span><span class="p">]:</span>
-                    <span class="k">if</span> <span class="s">&#39;Signature&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The Message of the Logout Request is not signed and the SP require it&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="s">&#39;Signature&#39;</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                <span class="k">if</span> <span class="s">&#39;SigAlg&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                    <span class="n">sign_alg</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span>
-                <span class="k">else</span><span class="p">:</span>
-                    <span class="n">sign_alg</span> <span class="o">=</span> <span class="n">get_data</span><span class="p">[</span><span class="s">&#39;SigAlg&#39;</span><span class="p">]</span>
-
-                <span class="k">if</span> <span class="n">sign_alg</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid signAlg in the recieved Logout Request&#39;</span><span class="p">)</span>
-
-                <span class="n">signed_query</span> <span class="o">=</span> <span class="s">&#39;SAMLRequest=</span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="n">urlencode</span><span class="p">(</span><span class="n">get_data</span><span class="p">[</span><span class="s">&#39;SAMLRequest&#39;</span><span class="p">])</span>
-                <span class="k">if</span> <span class="s">&#39;RelayState&#39;</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                    <span class="n">signed_query</span> <span class="o">=</span> <span class="s">&#39;</span><span class="si">%s</span><span class="s">&amp;RelayState=</span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">signed_query</span><span class="p">,</span> <span class="n">urlencode</span><span class="p">(</span><span class="n">get_data</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">]))</span>
-                <span class="n">signed_query</span> <span class="o">=</span> <span class="s">&#39;</span><span class="si">%s</span><span class="s">&amp;SigAlg=</span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">signed_query</span><span class="p">,</span> <span class="n">urlencode</span><span class="p">(</span><span class="n">sign_alg</span><span class="p">))</span>
-
-                <span class="k">if</span> <span class="s">&#39;x509cert&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">idp_data</span> <span class="ow">or</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;In order to validate the sign on the Logout Request, the x509cert of the IdP is required&#39;</span><span class="p">)</span>
-                <span class="n">cert</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span>
-
-                <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-                <span class="n">objkey</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>  <span class="c"># FIXME is this right?</span>
-
-                <span class="k">if</span> <span class="ow">not</span> <span class="n">objkey</span><span class="o">.</span><span class="n">verifySignature</span><span class="p">(</span><span class="n">signed_query</span><span class="p">,</span> <span class="n">b64decode</span><span class="p">(</span><span class="n">get_data</span><span class="p">[</span><span class="s">&#39;Signature&#39;</span><span class="p">])):</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Signature validation failed. Logout Request rejected&#39;</span><span class="p">)</span>
-
-            <span class="k">return</span> <span class="bp">True</span>
-        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
-            <span class="n">debug</span> <span class="o">=</span> <span class="n">settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()</span>
-            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
-                <span class="k">print</span><span class="p">(</span><span class="n">e</span><span class="o">.</span><span class="n">strerror</span><span class="p">)</span>
-            <span class="k">return</span> <span class="bp">False</span></div></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/logout_response.html b/docs/saml2/_modules/saml2/logout_response.html
deleted file mode 100644
index 3ea3bbf7..00000000
--- a/docs/saml2/_modules/saml2/logout_response.html
+++ /dev/null
@@ -1,282 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.logout_response &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.logout_response</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">from</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="n">b64decode</span>
-<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
-<span class="kn">from</span> <span class="nn">lxml</span> <span class="kn">import</span> <span class="n">etree</span>
-<span class="kn">from</span> <span class="nn">urllib</span> <span class="kn">import</span> <span class="n">quote_plus</span>
-<span class="kn">from</span> <span class="nn">xml.dom.minidom</span> <span class="kn">import</span> <span class="n">Document</span><span class="p">,</span> <span class="n">parseString</span>
-
-<span class="kn">import</span> <span class="nn">dm.xmlsec.binding</span> <span class="kn">as</span> <span class="nn">xmlsec</span>
-
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-<span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response"><a class="viewcode-back" href="../../saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Logout_Response</span><span class="p">():</span>
-
-    <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">,</span> <span class="n">response</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Constructs a Logout Response object (Initialize params from settings</span>
-<span class="sd">        and if provided load the Logout Response.</span>
-
-<span class="sd">        Arguments are:</span>
-<span class="sd">            * (OneLogin_Saml2_Settings)   settings. Setting data</span>
-<span class="sd">            * (string)                    response. An UUEncoded SAML Logout</span>
-<span class="sd">                                                    response from the IdP.</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span> <span class="o">=</span> <span class="n">settings</span>
-        <span class="k">if</span> <span class="n">response</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__logout_response</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decode_base64_and_inflate</span><span class="p">(</span><span class="n">response</span><span class="p">)</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">document</span> <span class="o">=</span> <span class="n">parseString</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__logout_response</span><span class="p">)</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_issuer"><a class="viewcode-back" href="../../saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer">[docs]</a>    <span class="k">def</span> <span class="nf">get_issuer</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the Issuer of the Logout Response Message</span>
-<span class="sd">        :return: The Issuer</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">issuer</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">issuer_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;/samlp:LogoutResponse/saml:Issuer&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">issuer_nodes</span><span class="p">)</span> <span class="o">==</span> <span class="mi">1</span><span class="p">:</span>
-            <span class="n">issuer</span> <span class="o">=</span> <span class="n">issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">text</span>
-        <span class="k">return</span> <span class="n">issuer</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_status"><a class="viewcode-back" href="../../saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status">[docs]</a>    <span class="k">def</span> <span class="nf">get_status</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the Status</span>
-<span class="sd">        :return: The Status</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">entries</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;/samlp:LogoutResponse/samlp:Status/samlp:StatusCode&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">entries</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="k">return</span> <span class="bp">None</span>
-        <span class="n">status</span> <span class="o">=</span> <span class="n">entries</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">attrib</span><span class="p">[</span><span class="s">&#39;Value&#39;</span><span class="p">]</span>
-        <span class="k">return</span> <span class="n">status</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.is_valid"><a class="viewcode-back" href="../../saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid">[docs]</a>    <span class="k">def</span> <span class="nf">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Determines if the SAML LogoutResponse is valid</span>
-<span class="sd">        :param request_id: The ID of the LogoutRequest sent by this SP to the IdP</span>
-<span class="sd">        :type request_id: string</span>
-<span class="sd">        :return: Returns if the SAML LogoutResponse is or not valid</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">try</span><span class="p">:</span>
-            <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
-            <span class="n">idp_entity_id</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">]</span>
-            <span class="n">get_data</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;get_data&#39;</span><span class="p">]</span>
-
-            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">():</span>
-                <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">,</span> <span class="s">&#39;saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">())</span>
-                <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd&#39;</span><span class="p">)</span>
-
-                <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-
-                <span class="c"># Check if the InResponseTo of the Logout Response matchs the ID of the Logout Request (requestId) if provided</span>
-                <span class="k">if</span> <span class="n">request_id</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">hasAttribute</span><span class="p">(</span><span class="s">&#39;InResponseTo&#39;</span><span class="p">):</span>
-                    <span class="n">in_response_to</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">getAttribute</span><span class="p">(</span><span class="s">&#39;InResponseTo&#39;</span><span class="p">)</span>
-                    <span class="k">if</span> <span class="n">request_id</span> <span class="o">!=</span> <span class="n">in_response_to</span><span class="p">:</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The InResponseTo of the Logout Response: </span><span class="si">%s</span><span class="s">, does not match the ID of the Logout request sent by the SP: </span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">in_response_to</span><span class="p">,</span> <span class="n">request_id</span><span class="p">))</span>
-
-                <span class="c"># Check issuer</span>
-                <span class="n">issuer</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_issuer</span><span class="p">()</span>
-                <span class="k">if</span> <span class="n">issuer</span> <span class="ow">is</span> <span class="bp">None</span> <span class="ow">or</span> <span class="n">issuer</span> <span class="o">!=</span> <span class="n">idp_entity_id</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid issuer in the Logout Request&#39;</span><span class="p">)</span>
-
-                <span class="n">current_url</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
-
-                <span class="c"># Check destination</span>
-                <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">hasAttribute</span><span class="p">(</span><span class="s">&#39;Destination&#39;</span><span class="p">):</span>
-                    <span class="n">destination</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">documentElement</span><span class="o">.</span><span class="n">getAttribute</span><span class="p">(</span><span class="s">&#39;Destination&#39;</span><span class="p">)</span>
-                    <span class="k">if</span> <span class="n">destination</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-                        <span class="k">if</span> <span class="n">current_url</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">destination</span><span class="p">:</span>
-                            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The LogoutRequest was received at $currentURL instead of $destination&#39;</span><span class="p">)</span>
-
-                <span class="k">if</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;wantMessagesSigned&#39;</span><span class="p">]:</span>
-                    <span class="k">if</span> <span class="s">&#39;Signature&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The Message of the Logout Response is not signed and the SP require it&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="s">&#39;Signature&#39;</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                <span class="k">if</span> <span class="s">&#39;SigAlg&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                    <span class="n">sign_alg</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span>
-                <span class="k">else</span><span class="p">:</span>
-                    <span class="n">sign_alg</span> <span class="o">=</span> <span class="n">get_data</span><span class="p">[</span><span class="s">&#39;SigAlg&#39;</span><span class="p">]</span>
-
-                <span class="k">if</span> <span class="n">sign_alg</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">RSA_SHA1</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid signAlg in the recieved Logout Response&#39;</span><span class="p">)</span>
-
-                <span class="n">signed_query</span> <span class="o">=</span> <span class="s">&#39;SAMLResponse=</span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">get_data</span><span class="p">[</span><span class="s">&#39;SAMLResponse&#39;</span><span class="p">])</span>
-                <span class="k">if</span> <span class="s">&#39;RelayState&#39;</span> <span class="ow">in</span> <span class="n">get_data</span><span class="p">:</span>
-                    <span class="n">signed_query</span> <span class="o">=</span> <span class="s">&#39;</span><span class="si">%s</span><span class="s">&amp;RelayState=</span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">signed_query</span><span class="p">,</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">get_data</span><span class="p">[</span><span class="s">&#39;RelayState&#39;</span><span class="p">]))</span>
-                <span class="n">signed_query</span> <span class="o">=</span> <span class="s">&#39;</span><span class="si">%s</span><span class="s">&amp;SigAlg=</span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">signed_query</span><span class="p">,</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">sign_alg</span><span class="p">))</span>
-
-                <span class="k">if</span> <span class="s">&#39;x509cert&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">idp_data</span> <span class="ow">or</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;In order to validate the sign on the Logout Response, the x509cert of the IdP is required&#39;</span><span class="p">)</span>
-                <span class="n">cert</span> <span class="o">=</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span>
-
-                <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-                <span class="n">objkey</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>  <span class="c"># FIXME is this right?</span>
-
-                <span class="k">if</span> <span class="ow">not</span> <span class="n">objkey</span><span class="o">.</span><span class="n">verifySignature</span><span class="p">(</span><span class="n">signed_query</span><span class="p">,</span> <span class="n">b64decode</span><span class="p">(</span><span class="n">get_data</span><span class="p">[</span><span class="s">&#39;Signature&#39;</span><span class="p">])):</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Signature validation failed. Logout Response rejected&#39;</span><span class="p">)</span>
-
-            <span class="k">return</span> <span class="bp">True</span>
-        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
-            <span class="n">debug</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()</span>
-            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
-                <span class="k">print</span><span class="p">(</span><span class="n">e</span><span class="o">.</span><span class="n">strerror</span><span class="p">)</span>
-            <span class="k">return</span> <span class="bp">False</span>
-</div>
-    <span class="k">def</span> <span class="nf">__query</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">query</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Extracts a node from the DOMDocument (Logout Response Menssage)</span>
-<span class="sd">        :param query: Xpath Expresion</span>
-<span class="sd">        :type query: string</span>
-<span class="sd">        :return: The queried node</span>
-<span class="sd">        :rtype: DOMNodeList</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="c"># Switch to lxml for querying</span>
-        <span class="n">xml</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">toxml</span><span class="p">()</span>
-        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">xml</span><span class="p">),</span> <span class="n">query</span><span class="p">)</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.build"><a class="viewcode-back" href="../../saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.build">[docs]</a>    <span class="k">def</span> <span class="nf">build</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">in_response_to</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Creates a Logout Response object.</span>
-<span class="sd">        :param in_response_to: InResponseTo value for the Logout Response.</span>
-<span class="sd">        :type in_response_to: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
-        <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
-
-        <span class="n">uid</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">generate_unique_id</span><span class="p">()</span>
-        <span class="n">issue_instant</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_time_to_SAML</span><span class="p">(</span>
-            <span class="nb">int</span><span class="p">(</span><span class="n">datetime</span><span class="o">.</span><span class="n">now</span><span class="p">()</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="s">&quot;</span><span class="si">%s</span><span class="s">&quot;</span><span class="p">))</span>
-        <span class="p">)</span>
-
-        <span class="n">logout_response</span> <span class="o">=</span> <span class="s">&quot;&quot;&quot;&lt;samlp:LogoutResponse xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;</span>
-<span class="s">                      xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;</span>
-<span class="s">                      ID=&quot;</span><span class="si">%(id)s</span><span class="s">&quot;</span>
-<span class="s">                      Version=&quot;2.0&quot;</span>
-<span class="s">                      IssueInstant=&quot;</span><span class="si">%(issue_instant)s</span><span class="s">&quot;</span>
-<span class="s">                      Destination=&quot;</span><span class="si">%(destination)s</span><span class="s">&quot;</span>
-<span class="s">                      InResponseTo=&quot;</span><span class="si">%(in_response_to)s</span><span class="s">&quot;</span>
-<span class="s">&gt;</span>
-<span class="s">    &lt;saml:Issuer&gt;</span><span class="si">%(entity_id)s</span><span class="s">&lt;/saml:Issuer&gt;</span>
-<span class="s">    &lt;samlp:Status&gt;</span>
-<span class="s">        &lt;samlp:StatusCode Value=&quot;urn:oasis:names:tc:SAML:2.0:status:Success&quot; /&gt;</span>
-<span class="s">    &lt;/samlp:Status&gt;</span>
-<span class="s">&lt;/samlp:LogoutResponse&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span>
-            <span class="s">&#39;id&#39;</span><span class="p">:</span> <span class="n">uid</span><span class="p">,</span>
-            <span class="s">&#39;issue_instant&#39;</span><span class="p">:</span> <span class="n">issue_instant</span><span class="p">,</span>
-            <span class="s">&#39;destination&#39;</span><span class="p">:</span> <span class="n">idp_data</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">],</span>
-            <span class="s">&#39;in_response_to&#39;</span><span class="p">:</span> <span class="n">in_response_to</span><span class="p">,</span>
-            <span class="s">&#39;entity_id&#39;</span><span class="p">:</span> <span class="n">sp_data</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">],</span>
-        <span class="p">}</span>
-
-        <span class="bp">self</span><span class="o">.</span><span class="n">__logout_response</span> <span class="o">=</span> <span class="n">logout_response</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Logout_Response.get_response"><a class="viewcode-back" href="../../saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response">[docs]</a>    <span class="k">def</span> <span class="nf">get_response</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns a Logout Response object.</span>
-<span class="sd">        :return: Logout Response deflated and base64 encoded</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">deflate_and_base64_encode</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__logout_response</span><span class="p">)</span></div></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/metadata.html b/docs/saml2/_modules/saml2/metadata.html
deleted file mode 100644
index 7b0a1be5..00000000
--- a/docs/saml2/_modules/saml2/metadata.html
+++ /dev/null
@@ -1,289 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.metadata &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.metadata</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">from</span> <span class="nn">time</span> <span class="kn">import</span> <span class="n">gmtime</span><span class="p">,</span> <span class="n">strftime</span>
-<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
-<span class="kn">from</span> <span class="nn">xml.dom.minidom</span> <span class="kn">import</span> <span class="n">parseString</span>
-
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-<span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Metadata"><a class="viewcode-back" href="../../saml2.html#saml2.metadata.OneLogin_Saml2_Metadata">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Metadata</span><span class="p">:</span>
-
-    <span class="n">TIME_VALID</span> <span class="o">=</span> <span class="mi">172800</span>   <span class="c"># 2 days</span>
-    <span class="n">TIME_CACHED</span> <span class="o">=</span> <span class="mi">604800</span>  <span class="c"># 1 week</span>
-
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Metadata.builder"><a class="viewcode-back" href="../../saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.builder">[docs]</a>    <span class="k">def</span> <span class="nf">builder</span><span class="p">(</span><span class="n">sp</span><span class="p">,</span> <span class="n">authnsign</span><span class="o">=</span><span class="bp">False</span><span class="p">,</span> <span class="n">wsign</span><span class="o">=</span><span class="bp">False</span><span class="p">,</span> <span class="n">valid_until</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">cache_duration</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">contacts</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">organization</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Build the metadata of the SP</span>
-
-<span class="sd">        :param sp: The SP data</span>
-<span class="sd">        :type sp: string</span>
-
-<span class="sd">        :param authnsign: authnRequestsSigned attribute</span>
-<span class="sd">        :type authnsign: string</span>
-
-<span class="sd">        :param wsign: wantAssertionsSigned attribute</span>
-<span class="sd">        :type wsign: string</span>
-
-<span class="sd">        :param valid_until: Metadata&#39;s valid time</span>
-<span class="sd">        :type valid_until: DateTime</span>
-
-<span class="sd">        :param cache_duration: Duration of the cache in seconds</span>
-<span class="sd">        :type cache_duration: Timestamp</span>
-
-<span class="sd">        :param contacts: Contacts info</span>
-<span class="sd">        :type contacts: dict</span>
-
-<span class="sd">        :param organization: Organization ingo</span>
-<span class="sd">        :type organization: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="n">valid_until</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">valid_until</span> <span class="o">=</span> <span class="nb">int</span><span class="p">(</span><span class="n">datetime</span><span class="o">.</span><span class="n">now</span><span class="p">()</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="s">&quot;</span><span class="si">%s</span><span class="s">&quot;</span><span class="p">))</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Metadata</span><span class="o">.</span><span class="n">TIME_VALID</span>
-        <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">gmtime</span><span class="p">(</span><span class="n">valid_until</span><span class="p">)</span>
-        <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">strftime</span><span class="p">(</span><span class="s">r&#39;%Y-%m-</span><span class="si">%d</span><span class="s">T%H:%M:%SZ&#39;</span><span class="p">,</span> <span class="n">valid_until_time</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">cache_duration</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">cache_duration</span> <span class="o">=</span> <span class="nb">int</span><span class="p">(</span><span class="n">datetime</span><span class="o">.</span><span class="n">now</span><span class="p">()</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="s">&quot;</span><span class="si">%s</span><span class="s">&quot;</span><span class="p">))</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Metadata</span><span class="o">.</span><span class="n">TIME_CACHED</span>
-        <span class="k">if</span> <span class="n">contacts</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">contacts</span> <span class="o">=</span> <span class="p">{}</span>
-        <span class="k">if</span> <span class="n">organization</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">organization</span> <span class="o">=</span> <span class="p">{}</span>
-
-        <span class="n">sls</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="k">if</span> <span class="s">&#39;singleLogoutService&#39;</span> <span class="ow">in</span> <span class="n">sp</span><span class="p">:</span>
-            <span class="n">sls</span> <span class="o">=</span> <span class="s">&quot;&quot;&quot;&lt;md:SingleLogoutService Binding=&quot;</span><span class="si">%(binding)s</span><span class="s">&quot;</span>
-<span class="s">                                Location=&quot;</span><span class="si">%(location)s</span><span class="s">&quot; /&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span>
-                <span class="s">&#39;binding&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;binding&#39;</span><span class="p">],</span>
-                <span class="s">&#39;location&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">],</span>
-            <span class="p">}</span>
-
-        <span class="n">str_authnsign</span> <span class="o">=</span> <span class="s">&#39;true&#39;</span> <span class="k">if</span> <span class="n">authnsign</span> <span class="k">else</span> <span class="s">&#39;false&#39;</span>
-        <span class="n">str_wsign</span> <span class="o">=</span> <span class="s">&#39;true&#39;</span> <span class="k">if</span> <span class="n">wsign</span> <span class="k">else</span> <span class="s">&#39;false&#39;</span>
-
-        <span class="n">str_organization</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">organization_info</span> <span class="o">=</span> <span class="p">[]</span>
-            <span class="k">for</span> <span class="p">(</span><span class="n">lang</span><span class="p">,</span> <span class="n">info</span><span class="p">)</span> <span class="ow">in</span> <span class="n">organization</span><span class="o">.</span><span class="n">items</span><span class="p">():</span>
-                <span class="n">organization_info</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&quot;&quot;&quot;    &lt;md:Organization&gt;</span>
-<span class="s">        &lt;md:OrganizationName xml:lang=&quot;</span><span class="si">%(lang)s</span><span class="s">&quot;&gt;</span><span class="si">%(name)s</span><span class="s">&lt;/md:OrganizationName&gt;</span>
-<span class="s">        &lt;md:OrganizationDisplayName xml:lang=&quot;</span><span class="si">%(lang)s</span><span class="s">&quot;&gt;</span><span class="si">%(display_name)s</span><span class="s">&lt;/md:OrganizationDisplayName&gt;</span>
-<span class="s">        &lt;md:OrganizationURL xml:lang=&quot;</span><span class="si">%(lang)s</span><span class="s">&quot;&gt;</span><span class="si">%(url)s</span><span class="s">&lt;/md:OrganizationURL&gt;</span>
-<span class="s">    &lt;/md:Organization&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span>
-                    <span class="s">&#39;lang&#39;</span><span class="p">:</span> <span class="n">lang</span><span class="p">,</span>
-                    <span class="s">&#39;name&#39;</span><span class="p">:</span> <span class="n">info</span><span class="p">[</span><span class="s">&#39;name&#39;</span><span class="p">],</span>
-                    <span class="s">&#39;display_name&#39;</span><span class="p">:</span> <span class="n">info</span><span class="p">[</span><span class="s">&#39;displayname&#39;</span><span class="p">],</span>
-                    <span class="s">&#39;url&#39;</span><span class="p">:</span> <span class="n">info</span><span class="p">[</span><span class="s">&#39;url&#39;</span><span class="p">],</span>
-                <span class="p">})</span>
-            <span class="n">str_organization</span> <span class="o">=</span> <span class="s">&#39;</span><span class="se">\n</span><span class="s">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">organization_info</span><span class="p">)</span>
-
-        <span class="n">str_contacts</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">contacts</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">contacts_info</span> <span class="o">=</span> <span class="p">[]</span>
-            <span class="k">for</span> <span class="p">(</span><span class="n">ctype</span><span class="p">,</span> <span class="n">info</span><span class="p">)</span> <span class="ow">in</span> <span class="n">contacts</span><span class="o">.</span><span class="n">items</span><span class="p">():</span>
-                <span class="n">contacts_info</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&quot;&quot;&quot;    &lt;md:ContactPerson contactType=&quot;</span><span class="si">%(type)s</span><span class="s">&quot;&gt;</span>
-<span class="s">        &lt;md:GivenName&gt;</span><span class="si">%(name)s</span><span class="s">&lt;/md:GivenName&gt;</span>
-<span class="s">        &lt;md:EmailAddress&gt;</span><span class="si">%(email)s</span><span class="s">&lt;/md:EmailAddress&gt;</span>
-<span class="s">    &lt;/md:ContactPerson&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span>
-                    <span class="s">&#39;type&#39;</span><span class="p">:</span> <span class="n">ctype</span><span class="p">,</span>
-                    <span class="s">&#39;name&#39;</span><span class="p">:</span> <span class="n">info</span><span class="p">[</span><span class="s">&#39;givenName&#39;</span><span class="p">],</span>
-                    <span class="s">&#39;email&#39;</span><span class="p">:</span> <span class="n">info</span><span class="p">[</span><span class="s">&#39;emailAddress&#39;</span><span class="p">],</span>
-                <span class="p">})</span>
-            <span class="n">str_contacts</span> <span class="o">=</span> <span class="s">&#39;</span><span class="se">\n</span><span class="s">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">contacts_info</span><span class="p">)</span>
-
-        <span class="n">metadata</span> <span class="o">=</span> <span class="s">&quot;&quot;&quot;&lt;?xml version=&quot;1.0&quot;?&gt;</span>
-<span class="s">&lt;md:EntityDescriptor xmlns:md=&quot;urn:oasis:names:tc:SAML:2.0:metadata&quot;</span>
-<span class="s">                     validUntil=&quot;</span><span class="si">%(valid)s</span><span class="s">&quot;</span>
-<span class="s">                     cacheDuration=&quot;PT</span><span class="si">%(cache)s</span><span class="s">S&quot;</span>
-<span class="s">                     entityID=&quot;</span><span class="si">%(entity_id)s</span><span class="s">&quot;&gt;</span>
-<span class="s">    &lt;md:SPSSODescriptor AuthnRequestsSigned=&quot;</span><span class="si">%(authnsign)s</span><span class="s">&quot; WantAssertionsSigned=&quot;</span><span class="si">%(wsign)s</span><span class="s">&quot; protocolSupportEnumeration=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;&gt;</span>
-<span class="s">        &lt;md:NameIDFormat&gt;</span><span class="si">%(name_id_format)s</span><span class="s">&lt;/md:NameIDFormat&gt;</span>
-<span class="s">        &lt;md:AssertionConsumerService Binding=&quot;</span><span class="si">%(binding)s</span><span class="s">&quot;</span>
-<span class="s">                                     Location=&quot;</span><span class="si">%(location)s</span><span class="s">&quot;</span>
-<span class="s">                                     index=&quot;1&quot; /&gt;</span>
-<span class="si">%(sls)s</span><span class="s"></span>
-<span class="s">    &lt;/md:SPSSODescriptor&gt;</span>
-<span class="si">%(organization)s</span><span class="s"></span>
-<span class="si">%(contacts)s</span><span class="s"></span>
-<span class="s">&lt;/md:EntityDescriptor&gt;&quot;&quot;&quot;</span> <span class="o">%</span> <span class="p">{</span>
-            <span class="s">&#39;valid&#39;</span><span class="p">:</span> <span class="n">valid_until_time</span><span class="p">,</span>
-            <span class="s">&#39;cache&#39;</span><span class="p">:</span> <span class="n">cache_duration</span><span class="p">,</span>
-            <span class="s">&#39;entity_id&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">],</span>
-            <span class="s">&#39;authnsign&#39;</span><span class="p">:</span> <span class="n">str_authnsign</span><span class="p">,</span>
-            <span class="s">&#39;wsign&#39;</span><span class="p">:</span> <span class="n">str_wsign</span><span class="p">,</span>
-            <span class="s">&#39;name_id_format&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;NameIDFormat&#39;</span><span class="p">],</span>
-            <span class="s">&#39;binding&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s">&#39;binding&#39;</span><span class="p">],</span>
-            <span class="s">&#39;location&#39;</span><span class="p">:</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">],</span>
-            <span class="s">&#39;sls&#39;</span><span class="p">:</span> <span class="n">sls</span><span class="p">,</span>
-            <span class="s">&#39;organization&#39;</span><span class="p">:</span> <span class="n">str_organization</span><span class="p">,</span>
-            <span class="s">&#39;contacts&#39;</span><span class="p">:</span> <span class="n">str_contacts</span><span class="p">,</span>
-        <span class="p">}</span>
-
-        <span class="k">return</span> <span class="n">metadata</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Metadata.sign_metadata"><a class="viewcode-back" href="../../saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata">[docs]</a>    <span class="k">def</span> <span class="nf">sign_metadata</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">cert</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Sign the metadata with the key/cert provided</span>
-
-<span class="sd">        :param metadata: SAML Metadata XML</span>
-<span class="sd">        :type metadata: string</span>
-
-<span class="sd">        :param key: x509 key</span>
-<span class="sd">        :type key: string</span>
-
-<span class="sd">        :param cert: x509 cert</span>
-<span class="sd">        :type cert: string</span>
-
-<span class="sd">        :returns: Signed Metadata</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">add_sign</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">cert</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Metadata.add_x509_key_descriptors"><a class="viewcode-back" href="../../saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors">[docs]</a>    <span class="k">def</span> <span class="nf">add_x509_key_descriptors</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">cert</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Add the x509 descriptors (sign/encriptation to the metadata</span>
-<span class="sd">        The same cert will be used for sign/encrypt</span>
-
-<span class="sd">        :param metadata: SAML Metadata XML</span>
-<span class="sd">        :type metadata: string</span>
-
-<span class="sd">        :param cert: x509 cert</span>
-<span class="sd">        :type cert: string</span>
-
-<span class="sd">        :returns: Metadata with KeyDescriptors</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">try</span><span class="p">:</span>
-            <span class="n">xml</span> <span class="o">=</span> <span class="n">parseString</span><span class="p">(</span><span class="n">metadata</span><span class="p">)</span>
-        <span class="k">except</span> <span class="ne">Exception</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Error parsing metadata. &#39;</span> <span class="o">+</span> <span class="n">e</span><span class="o">.</span><span class="n">message</span><span class="p">)</span>
-
-        <span class="n">formated_cert</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span>
-        <span class="n">x509_certificate</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">createElementNS</span><span class="p">(</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">,</span> <span class="s">&#39;ds:X509Certificate&#39;</span><span class="p">)</span>
-        <span class="n">content</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">createTextNode</span><span class="p">(</span><span class="n">formated_cert</span><span class="p">)</span>
-        <span class="n">x509_certificate</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">content</span><span class="p">)</span>
-
-        <span class="n">key_data</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">createElementNS</span><span class="p">(</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">,</span> <span class="s">&#39;ds:X509Data&#39;</span><span class="p">)</span>
-        <span class="n">key_data</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">x509_certificate</span><span class="p">)</span>
-
-        <span class="n">key_info</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">createElementNS</span><span class="p">(</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">,</span> <span class="s">&#39;ds:KeyInfo&#39;</span><span class="p">)</span>
-        <span class="n">key_info</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">key_data</span><span class="p">)</span>
-
-        <span class="n">key_descriptor</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">createElementNS</span><span class="p">(</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">,</span> <span class="s">&#39;md:KeyDescriptor&#39;</span><span class="p">)</span>
-
-        <span class="n">entity_descriptor</span> <span class="o">=</span> <span class="n">sp_sso_descriptor</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">getElementsByTagName</span><span class="p">(</span><span class="s">&#39;md:EntityDescriptor&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span>
-        <span class="n">entity_descriptor</span><span class="o">.</span><span class="n">setAttribute</span><span class="p">(</span><span class="s">&#39;xmlns:ds&#39;</span><span class="p">,</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NS_DS</span><span class="p">)</span>
-
-        <span class="n">sp_sso_descriptor</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">getElementsByTagName</span><span class="p">(</span><span class="s">&#39;md:SPSSODescriptor&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span>
-        <span class="n">sp_sso_descriptor</span><span class="o">.</span><span class="n">insertBefore</span><span class="p">(</span><span class="n">key_descriptor</span><span class="o">.</span><span class="n">cloneNode</span><span class="p">(</span><span class="bp">True</span><span class="p">),</span> <span class="n">sp_sso_descriptor</span><span class="o">.</span><span class="n">firstChild</span><span class="p">)</span>
-        <span class="n">sp_sso_descriptor</span><span class="o">.</span><span class="n">insertBefore</span><span class="p">(</span><span class="n">key_descriptor</span><span class="o">.</span><span class="n">cloneNode</span><span class="p">(</span><span class="bp">True</span><span class="p">),</span> <span class="n">sp_sso_descriptor</span><span class="o">.</span><span class="n">firstChild</span><span class="p">)</span>
-
-        <span class="n">signing</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">getElementsByTagName</span><span class="p">(</span><span class="s">&#39;md:KeyDescriptor&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span>
-        <span class="n">signing</span><span class="o">.</span><span class="n">setAttribute</span><span class="p">(</span><span class="s">&#39;use&#39;</span><span class="p">,</span> <span class="s">&#39;signing&#39;</span><span class="p">)</span>
-
-        <span class="n">encryption</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">getElementsByTagName</span><span class="p">(</span><span class="s">&#39;md:KeyDescriptor&#39;</span><span class="p">)[</span><span class="mi">1</span><span class="p">]</span>
-        <span class="n">encryption</span><span class="o">.</span><span class="n">setAttribute</span><span class="p">(</span><span class="s">&#39;use&#39;</span><span class="p">,</span> <span class="s">&#39;encryption&#39;</span><span class="p">)</span>
-
-        <span class="n">signing</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">key_info</span><span class="p">)</span>
-        <span class="n">encryption</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">key_info</span><span class="o">.</span><span class="n">cloneNode</span><span class="p">(</span><span class="bp">True</span><span class="p">))</span>
-
-        <span class="k">return</span> <span class="n">xml</span><span class="o">.</span><span class="n">toxml</span><span class="p">()</span></div></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/response.html b/docs/saml2/_modules/saml2/response.html
deleted file mode 100644
index d3fee4e3..00000000
--- a/docs/saml2/_modules/saml2/response.html
+++ /dev/null
@@ -1,532 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.response &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.response</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">from</span> <span class="nn">base64</span> <span class="kn">import</span> <span class="n">b64decode</span>
-<span class="kn">from</span> <span class="nn">copy</span> <span class="kn">import</span> <span class="n">deepcopy</span>
-<span class="kn">from</span> <span class="nn">lxml</span> <span class="kn">import</span> <span class="n">etree</span>
-<span class="kn">from</span> <span class="nn">os.path</span> <span class="kn">import</span> <span class="n">basename</span>
-<span class="kn">from</span> <span class="nn">time</span> <span class="kn">import</span> <span class="n">time</span>
-<span class="kn">import</span> <span class="nn">sys</span>
-<span class="kn">from</span> <span class="nn">xml.dom.minidom</span> <span class="kn">import</span> <span class="n">Document</span>
-
-<span class="kn">import</span> <span class="nn">dm.xmlsec.binding</span> <span class="kn">as</span> <span class="nn">xmlsec</span>
-
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-<span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Response"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Response</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>
-
-    <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">,</span> <span class="n">response</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Constructs the response object.</span>
-
-<span class="sd">        :param settings: The setting info</span>
-<span class="sd">        :type settings: OneLogin_Saml2_Setting object</span>
-
-<span class="sd">        :param response: The base64 encoded, XML string containing the samlp:Response</span>
-<span class="sd">        :type response: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span> <span class="o">=</span> <span class="n">settings</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">response</span> <span class="o">=</span> <span class="n">b64decode</span><span class="p">(</span><span class="n">response</span><span class="p">)</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">document</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">response</span><span class="p">)</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span> <span class="o">=</span> <span class="bp">None</span>
-
-        <span class="c"># Quick check for the presence of EncryptedAssertion</span>
-        <span class="n">encrypted_assertion_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;//saml:EncryptedAssertion&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">encrypted_assertion_nodes</span><span class="p">:</span>
-            <span class="n">decrypted_document</span> <span class="o">=</span> <span class="n">deepcopy</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">)</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span> <span class="o">=</span> <span class="bp">True</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__decrypt_assertion</span><span class="p">(</span><span class="n">decrypted_document</span><span class="p">)</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Response.is_valid"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.is_valid">[docs]</a>    <span class="k">def</span> <span class="nf">is_valid</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">request_data</span><span class="p">,</span> <span class="n">request_id</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Constructs the response object.</span>
-
-<span class="sd">        :param request_id: Optional argument. The ID of the AuthNRequest sent by this SP to the IdP</span>
-<span class="sd">        :type request_id: string</span>
-
-<span class="sd">        :returns: True if the SAML Response is valid, False if not</span>
-<span class="sd">        :rtype: bool</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">try</span><span class="p">:</span>
-            <span class="c"># Checks SAML version</span>
-            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;Version&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span> <span class="o">!=</span> <span class="s">&#39;2.0&#39;</span><span class="p">:</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Unsupported SAML version&#39;</span><span class="p">)</span>
-
-            <span class="c"># Checks that ID exists</span>
-            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;ID&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Missing ID attribute on SAML Response&#39;</span><span class="p">)</span>
-
-            <span class="c"># Checks that the response only has one assertion</span>
-            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_num_assertions</span><span class="p">():</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Multiple assertions are not supported&#39;</span><span class="p">)</span>
-
-            <span class="c"># Checks that the response has the SUCCESS status</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">check_status</span><span class="p">()</span>
-
-            <span class="n">idp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_idp_data</span><span class="p">()</span>
-            <span class="n">idp_entityid</span> <span class="o">=</span> <span class="n">idp_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;entityId&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-            <span class="n">sp_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_data</span><span class="p">()</span>
-            <span class="n">sp_entityid</span> <span class="o">=</span> <span class="n">sp_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;entityId&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-
-            <span class="n">sign_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;//ds:Signature&#39;</span><span class="p">)</span>
-
-            <span class="n">signed_elements</span> <span class="o">=</span> <span class="p">[]</span>
-            <span class="k">for</span> <span class="n">sign_node</span> <span class="ow">in</span> <span class="n">sign_nodes</span><span class="p">:</span>
-                <span class="n">signed_elements</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">sign_node</span><span class="o">.</span><span class="n">getparent</span><span class="p">()</span><span class="o">.</span><span class="n">tag</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">is_strict</span><span class="p">():</span>
-                <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">tostring</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">),</span> <span class="s">&#39;saml-schema-protocol-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">())</span>
-                <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd&#39;</span><span class="p">)</span>
-
-                <span class="n">security</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_security_data</span><span class="p">()</span>
-                <span class="n">current_url</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
-
-                <span class="c"># Check if the InResponseTo of the Response matchs the ID of the AuthNRequest (requestId) if provided</span>
-                <span class="n">in_response_to</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;InResponseTo&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                <span class="k">if</span> <span class="n">in_response_to</span> <span class="ow">and</span> <span class="n">request_id</span><span class="p">:</span>
-                    <span class="k">if</span> <span class="n">in_response_to</span> <span class="o">!=</span> <span class="n">request_id</span><span class="p">:</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The InResponseTo of the Response: </span><span class="si">%s</span><span class="s">, does not match the ID of the AuthNRequest sent by the SP: </span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">in_response_to</span><span class="p">,</span> <span class="n">request_id</span><span class="p">))</span>
-
-                <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span> <span class="ow">and</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;wantAssertionsEncrypted&#39;</span><span class="p">,</span> <span class="bp">False</span><span class="p">):</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The assertion of the Response is not encrypted and the SP require it&#39;</span><span class="p">)</span>
-
-                <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;wantNameIdEncrypted&#39;</span><span class="p">,</span> <span class="bp">False</span><span class="p">):</span>
-                    <span class="n">encrypted_nameid_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:Subject/saml:EncryptedID/xenc:EncryptedData&#39;</span><span class="p">)</span>
-                    <span class="k">if</span> <span class="ow">not</span> <span class="n">encrypted_nameid_nodes</span><span class="p">:</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The NameID of the Response is not encrypted and the SP require it&#39;</span><span class="p">)</span>
-
-                <span class="c"># Checks that there is at least one AttributeStatement</span>
-                <span class="n">attribute_statement_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:AttributeStatement&#39;</span><span class="p">)</span>
-                <span class="k">if</span> <span class="ow">not</span> <span class="n">attribute_statement_nodes</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;There is no AttributeStatement on the Response&#39;</span><span class="p">)</span>
-
-                <span class="c"># Validates Asserion timestamps</span>
-                <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">validate_timestamps</span><span class="p">():</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Timing issues (please check your clock settings)&#39;</span><span class="p">)</span>
-
-                <span class="n">encrypted_attributes_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:AttributeStatement/saml:EncryptedAttribute&#39;</span><span class="p">)</span>
-                <span class="k">if</span> <span class="n">encrypted_attributes_nodes</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;There is an EncryptedAttribute in the Response and this SP not support them&#39;</span><span class="p">)</span>
-
-                <span class="c"># Checks destination</span>
-                <span class="n">destination</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;Destination&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                <span class="k">if</span> <span class="n">destination</span><span class="p">:</span>
-                    <span class="k">if</span> <span class="n">destination</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">current_url</span><span class="p">:</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The response was received at </span><span class="si">%s</span><span class="s"> instead of </span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">current_url</span><span class="p">,</span> <span class="n">destination</span><span class="p">))</span>
-
-                <span class="c"># Checks audience</span>
-                <span class="n">valid_audiences</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_audiences</span><span class="p">()</span>
-                <span class="k">if</span> <span class="n">valid_audiences</span> <span class="ow">and</span> <span class="n">sp_entityid</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">valid_audiences</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;</span><span class="si">%s</span><span class="s"> is not a valid audience for this Response&#39;</span> <span class="o">%</span> <span class="n">sp_entityid</span><span class="p">)</span>
-
-                <span class="c"># Checks the issuers</span>
-                <span class="n">issuers</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_issuers</span><span class="p">()</span>
-                <span class="k">for</span> <span class="n">issuer</span> <span class="ow">in</span> <span class="n">issuers</span><span class="p">:</span>
-                    <span class="k">if</span> <span class="ow">not</span> <span class="n">issuer</span> <span class="ow">or</span> <span class="n">issuer</span> <span class="o">!=</span> <span class="n">idp_entityid</span><span class="p">:</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Invalid issuer in the Assertion/Response&#39;</span><span class="p">)</span>
-
-                <span class="c"># Checks the session Expiration</span>
-                <span class="n">session_expiration</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_session_not_on_or_after</span><span class="p">()</span>
-                <span class="k">if</span> <span class="ow">not</span> <span class="n">session_expiration</span> <span class="ow">and</span> <span class="n">session_expiration</span> <span class="o">&lt;=</span> <span class="n">time</span><span class="p">():</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response&#39;</span><span class="p">)</span>
-
-                <span class="c"># Checks the SubjectConfirmation, at least one SubjectConfirmation must be valid</span>
-                <span class="n">any_subject_confirmation</span> <span class="o">=</span> <span class="bp">False</span>
-                <span class="n">subject_confirmation_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:Subject/saml:SubjectConfirmation&#39;</span><span class="p">)</span>
-
-                <span class="k">for</span> <span class="n">scn</span> <span class="ow">in</span> <span class="n">subject_confirmation_nodes</span><span class="p">:</span>
-                    <span class="n">method</span> <span class="o">=</span> <span class="n">scn</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;Method&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                    <span class="k">if</span> <span class="n">method</span> <span class="ow">and</span> <span class="n">method</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">CM_BEARER</span><span class="p">:</span>
-                        <span class="k">continue</span>
-                    <span class="n">scData</span> <span class="o">=</span> <span class="n">scn</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s">&#39;saml:SubjectConfirmationData&#39;</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">)</span>
-                    <span class="k">if</span> <span class="n">scData</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-                        <span class="k">continue</span>
-                    <span class="k">else</span><span class="p">:</span>
-                        <span class="n">irt</span> <span class="o">=</span> <span class="n">scData</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;InResponseTo&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                        <span class="k">if</span> <span class="n">irt</span> <span class="o">!=</span> <span class="n">in_response_to</span><span class="p">:</span>
-                            <span class="k">continue</span>
-                        <span class="n">recipient</span> <span class="o">=</span> <span class="n">scData</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;Recipient&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                        <span class="k">if</span> <span class="n">recipient</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">current_url</span><span class="p">:</span>
-                            <span class="k">continue</span>
-                        <span class="n">nooa</span> <span class="o">=</span> <span class="n">scData</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;NotOnOrAfter&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                        <span class="k">if</span> <span class="n">nooa</span><span class="p">:</span>
-                            <span class="n">parsed_nooa</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nooa</span><span class="p">)</span>
-                            <span class="k">if</span> <span class="n">parsed_nooa</span> <span class="o">&lt;=</span> <span class="n">time</span><span class="p">():</span>
-                                <span class="k">continue</span>
-                        <span class="n">nb</span> <span class="o">=</span> <span class="n">scData</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;NotBefore&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                        <span class="k">if</span> <span class="n">nb</span><span class="p">:</span>
-                            <span class="n">parsed_nb</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nb</span><span class="p">)</span>
-                            <span class="k">if</span> <span class="p">(</span><span class="n">parsed_nb</span> <span class="o">&gt;</span> <span class="n">time</span><span class="p">()):</span>
-                                <span class="k">continue</span>
-                        <span class="n">any_subject_confirmation</span> <span class="o">=</span> <span class="bp">True</span>
-                        <span class="k">break</span>
-
-                <span class="k">if</span> <span class="ow">not</span> <span class="n">any_subject_confirmation</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;A valid SubjectConfirmation was not found on this Response&#39;</span><span class="p">)</span>
-
-                <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;wantAssertionsSigned&#39;</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> <span class="ow">and</span> <span class="s">&#39;saml:Assertion&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">signed_elements</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The Assertion of the Response is not signed and the SP require it&#39;</span><span class="p">)</span>
-
-                <span class="k">if</span> <span class="n">security</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;wantMessagesSigned&#39;</span><span class="p">,</span> <span class="bp">False</span><span class="p">)</span> <span class="ow">and</span> <span class="s">&#39;samlp:Response&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">signed_elements</span><span class="p">:</span>
-                    <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;The Message of the Response is not signed and the SP require it&#39;</span><span class="p">)</span>
-
-                <span class="n">document_to_validate</span> <span class="o">=</span> <span class="bp">None</span>
-                <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">signed_elements</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
-                    <span class="n">cert</span> <span class="o">=</span> <span class="n">idp_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;x509cert&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-                    <span class="n">fingerprint</span> <span class="o">=</span> <span class="n">idp_data</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;certFingerprint&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-
-                    <span class="c"># Only validates the first sign found</span>
-                    <span class="k">if</span> <span class="s">&#39;samlp:Response&#39;</span> <span class="ow">in</span> <span class="n">signed_elements</span><span class="p">:</span>
-                        <span class="n">document_to_validate</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span>
-                    <span class="k">else</span><span class="p">:</span>
-                        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span><span class="p">:</span>
-                            <span class="n">document_to_validate</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span>
-                        <span class="k">else</span><span class="p">:</span>
-                            <span class="n">document_to_validate</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span>
-
-                <span class="k">if</span> <span class="n">document_to_validate</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-                    <span class="k">if</span> <span class="ow">not</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_sign</span><span class="p">(</span><span class="n">document_to_validate</span><span class="p">,</span> <span class="n">cert</span><span class="p">,</span> <span class="n">fingerprint</span><span class="p">):</span>
-                        <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Signature validation failed. SAML Response rejected&#39;</span><span class="p">)</span>
-            <span class="k">return</span> <span class="bp">True</span>
-        <span class="k">except</span><span class="p">:</span>
-            <span class="n">debug</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">is_debug_active</span><span class="p">()</span>
-            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
-                <span class="k">print</span> <span class="n">sys</span><span class="o">.</span><span class="n">exc_info</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span>
-            <span class="k">return</span> <span class="bp">False</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.check_status"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.check_status">[docs]</a>    <span class="k">def</span> <span class="nf">check_status</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Check if the status of the response is success or not</span>
-
-<span class="sd">        :raises: Exception. If the status is not success</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">status</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_status</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">document</span><span class="p">)</span>
-        <span class="n">code</span> <span class="o">=</span> <span class="n">status</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;code&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">code</span> <span class="ow">and</span> <span class="n">code</span> <span class="o">!=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">STATUS_SUCCESS</span><span class="p">:</span>
-            <span class="n">splited_code</span> <span class="o">=</span> <span class="n">code</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">&#39;:&#39;</span><span class="p">)</span>
-            <span class="n">printable_code</span> <span class="o">=</span> <span class="n">splited_code</span><span class="o">.</span><span class="n">pop</span><span class="p">()</span>
-            <span class="n">status_exception_msg</span> <span class="o">=</span> <span class="s">&#39;The status code of the Response was not Success, was </span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="n">printable_code</span>
-            <span class="n">status_msg</span> <span class="o">=</span> <span class="n">status</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;msg&#39;</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-            <span class="k">if</span> <span class="n">status_msg</span><span class="p">:</span>
-                <span class="n">status_exception_msg</span> <span class="o">+=</span> <span class="s">&#39; -&gt; &#39;</span> <span class="o">+</span> <span class="n">status_msg</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="n">status_exception_msg</span><span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.get_audiences"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.get_audiences">[docs]</a>    <span class="k">def</span> <span class="nf">get_audiences</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the audiences</span>
-
-<span class="sd">        :returns: The valid audiences for the SAML Response</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">audiences</span> <span class="o">=</span> <span class="p">[]</span>
-
-        <span class="n">audience_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:Conditions/saml:AudienceRestriction/saml:Audience&#39;</span><span class="p">)</span>
-        <span class="k">for</span> <span class="n">audience_node</span> <span class="ow">in</span> <span class="n">audience_nodes</span><span class="p">:</span>
-            <span class="n">audiences</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">audience_node</span><span class="o">.</span><span class="n">text</span><span class="p">)</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.get_issuers"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.get_issuers">[docs]</a>    <span class="k">def</span> <span class="nf">get_issuers</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the issuers (from message and from assertion)</span>
-
-<span class="sd">        :returns: The issuers</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">issuers</span> <span class="o">=</span> <span class="p">[]</span>
-
-        <span class="n">message_issuer_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;/samlp:Response/saml:Issuer&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">message_issuer_nodes</span><span class="p">:</span>
-            <span class="n">issuers</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">message_issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">text</span><span class="p">)</span>
-
-        <span class="n">assertion_issuer_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:Issuer&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">assertion_issuer_nodes</span><span class="p">:</span>
-            <span class="n">issuers</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">assertion_issuer_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">text</span><span class="p">)</span>
-
-        <span class="k">return</span> <span class="nb">list</span><span class="p">(</span><span class="nb">set</span><span class="p">(</span><span class="n">issuers</span><span class="p">))</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.get_nameid_data"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.get_nameid_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the NameID Data provided by the SAML Response from the IdP</span>
-
-<span class="sd">        :returns: Name ID Data (Value, Format, NameQualifier, SPNameQualifier)</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">nameid</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">encrypted_id_data_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:Subject/saml:EncryptedID/xenc:EncryptedData&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">encrypted_id_data_nodes</span><span class="p">:</span>
-            <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">encrypted_id_data_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
-
-            <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-
-            <span class="c"># Load the key into the xmlsec context</span>
-            <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
-            <span class="n">file_key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">write_temp_file</span><span class="p">(</span><span class="n">key</span><span class="p">)</span>  <span class="c"># FIXME avoid writing a file</span>
-            <span class="n">enc_key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-            <span class="n">enc_key</span><span class="o">.</span><span class="n">name</span> <span class="o">=</span> <span class="n">basename</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">)</span>
-            <span class="n">file_key</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-            <span class="n">enc_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">EncCtx</span><span class="p">()</span>
-            <span class="n">enc_ctx</span><span class="o">.</span><span class="n">encKey</span> <span class="o">=</span> <span class="n">enc_key</span>
-
-            <span class="n">nameid</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">decrypt_element</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">enc_ctx</span><span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">nameid_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:Subject/saml:NameID&#39;</span><span class="p">)</span>
-            <span class="k">if</span> <span class="n">nameid_nodes</span><span class="p">:</span>
-                <span class="n">nameid</span> <span class="o">=</span> <span class="n">nameid_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
-        <span class="k">if</span> <span class="n">nameid</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Not NameID found in the assertion of the Response&#39;</span><span class="p">)</span>
-
-        <span class="n">nameid_data</span> <span class="o">=</span> <span class="p">{</span><span class="s">&#39;Value&#39;</span><span class="p">:</span> <span class="n">nameid</span><span class="o">.</span><span class="n">text</span><span class="p">}</span>
-        <span class="k">for</span> <span class="n">attr</span> <span class="ow">in</span> <span class="p">[</span><span class="s">&#39;Format&#39;</span><span class="p">,</span> <span class="s">&#39;SPNameQualifier&#39;</span><span class="p">,</span> <span class="s">&#39;NameQualifier&#39;</span><span class="p">]:</span>
-            <span class="n">value</span> <span class="o">=</span> <span class="n">nameid</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="n">attr</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-            <span class="k">if</span> <span class="n">value</span><span class="p">:</span>
-                <span class="n">nameid_data</span><span class="p">[</span><span class="n">attr</span><span class="p">]</span> <span class="o">=</span> <span class="n">value</span>
-        <span class="k">return</span> <span class="n">nameid_data</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.get_nameid"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.get_nameid">[docs]</a>    <span class="k">def</span> <span class="nf">get_nameid</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the NameID provided by the SAML Response from the IdP</span>
-
-<span class="sd">        :returns: NameID (value)</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">nameid_data</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_nameid_data</span><span class="p">()</span>
-        <span class="k">return</span> <span class="n">nameid_data</span><span class="p">[</span><span class="s">&#39;Value&#39;</span><span class="p">]</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.get_session_not_on_or_after"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after">[docs]</a>    <span class="k">def</span> <span class="nf">get_session_not_on_or_after</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the SessionNotOnOrAfter from the AuthnStatement</span>
-<span class="sd">        Could be used to set the local session expiration</span>
-
-<span class="sd">        :returns: The SessionNotOnOrAfter value</span>
-<span class="sd">        :rtype: time|None</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">not_on_or_after</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">authn_statement_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:AuthnStatement[@SessionNotOnOrAfter]&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">authn_statement_nodes</span><span class="p">:</span>
-            <span class="n">not_on_or_after</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">authn_statement_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;SessionNotOnOrAfter&#39;</span><span class="p">))</span>
-        <span class="k">return</span> <span class="n">not_on_or_after</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.get_session_index"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.get_session_index">[docs]</a>    <span class="k">def</span> <span class="nf">get_session_index</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the SessionIndex from the AuthnStatement</span>
-<span class="sd">        Could be used to be stored in the local session in order</span>
-<span class="sd">        to be used in a future Logout Request that the SP could</span>
-<span class="sd">        send to the SP, to set what specific session must be deleted</span>
-
-<span class="sd">        :returns: The SessionIndex value</span>
-<span class="sd">        :rtype: string|None</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">session_index</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">authn_statement_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:AuthnStatement[@SessionIndex]&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">authn_statement_nodes</span><span class="p">:</span>
-            <span class="n">session_index</span> <span class="o">=</span> <span class="n">authn_statement_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;SessionIndex&#39;</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">session_index</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.get_attributes"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.get_attributes">[docs]</a>    <span class="k">def</span> <span class="nf">get_attributes</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the Attributes from the AttributeStatement element.</span>
-<span class="sd">        EncryptedAttributes are not supported</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">attributes</span> <span class="o">=</span> <span class="p">{}</span>
-        <span class="n">attribute_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query_assertion</span><span class="p">(</span><span class="s">&#39;/saml:AttributeStatement/saml:Attribute&#39;</span><span class="p">)</span>
-        <span class="k">for</span> <span class="n">attribute_node</span> <span class="ow">in</span> <span class="n">attribute_nodes</span><span class="p">:</span>
-            <span class="n">attr_name</span> <span class="o">=</span> <span class="n">attribute_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;Name&#39;</span><span class="p">)</span>
-            <span class="n">values</span> <span class="o">=</span> <span class="p">[]</span>
-            <span class="k">for</span> <span class="n">attr</span> <span class="ow">in</span> <span class="n">attribute_node</span><span class="o">.</span><span class="n">iterchildren</span><span class="p">(</span><span class="s">&#39;{</span><span class="si">%s</span><span class="s">}AttributeValue&#39;</span> <span class="o">%</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">[</span><span class="s">&#39;saml&#39;</span><span class="p">]):</span>
-                <span class="n">values</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">attr</span><span class="o">.</span><span class="n">text</span><span class="p">)</span>
-            <span class="n">attributes</span><span class="p">[</span><span class="n">attr_name</span><span class="p">]</span> <span class="o">=</span> <span class="n">values</span>
-        <span class="k">return</span> <span class="n">attributes</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.validate_num_assertions"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.validate_num_assertions">[docs]</a>    <span class="k">def</span> <span class="nf">validate_num_assertions</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Verifies that the document only contains a single Assertion (encrypted or not)</span>
-
-<span class="sd">        :returns: True if only 1 assertion encrypted or not</span>
-<span class="sd">        :rtype: bool</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">encrypted_assertion_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;//saml:EncryptedAssertion&#39;</span><span class="p">)</span>
-        <span class="n">assertion_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;//saml:Assertion&#39;</span><span class="p">)</span>
-        <span class="k">return</span> <span class="p">(</span><span class="nb">len</span><span class="p">(</span><span class="n">encrypted_assertion_nodes</span><span class="p">)</span> <span class="o">+</span> <span class="nb">len</span><span class="p">(</span><span class="n">assertion_nodes</span><span class="p">))</span> <span class="o">==</span> <span class="mi">1</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Response.validate_timestamps"><a class="viewcode-back" href="../../saml2.html#saml2.response.OneLogin_Saml2_Response.validate_timestamps">[docs]</a>    <span class="k">def</span> <span class="nf">validate_timestamps</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Verifies that the document is valid according to Conditions Element</span>
-
-<span class="sd">        :returns: True if the condition is valid, False otherwise</span>
-<span class="sd">        :rtype: bool</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">conditions_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="s">&#39;//saml:Conditions&#39;</span><span class="p">)</span>
-        <span class="k">for</span> <span class="n">conditions_node</span> <span class="ow">in</span> <span class="n">conditions_nodes</span><span class="p">:</span>
-            <span class="n">nb_attr</span> <span class="o">=</span> <span class="n">conditions_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;NotBefore&#39;</span><span class="p">)</span>
-            <span class="n">nooa_attr</span> <span class="o">=</span> <span class="n">conditions_node</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;NotOnOrAfter&#39;</span><span class="p">)</span>
-            <span class="k">if</span> <span class="n">nb_attr</span> <span class="ow">and</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nb_attr</span><span class="p">)</span> <span class="o">&gt;</span> <span class="n">time</span><span class="p">()</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">ALOWED_CLOCK_DRIFT</span><span class="p">:</span>
-                <span class="k">return</span> <span class="bp">False</span>
-            <span class="k">if</span> <span class="n">nooa_attr</span> <span class="ow">and</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">nooa_attr</span><span class="p">)</span> <span class="o">+</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">ALOWED_CLOCK_DRIFT</span> <span class="o">&lt;=</span> <span class="n">time</span><span class="p">():</span>
-                <span class="k">return</span> <span class="bp">False</span>
-        <span class="k">return</span> <span class="bp">True</span>
-</div>
-    <span class="k">def</span> <span class="nf">__query_assertion</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">xpath_expr</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Extracts nodes that match the query from the Assertion</span>
-
-<span class="sd">        :param query: Xpath Expresion</span>
-<span class="sd">        :type query: String</span>
-
-<span class="sd">        :returns: The queried nodes</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span><span class="p">:</span>
-            <span class="n">assertion_expr</span> <span class="o">=</span> <span class="s">&#39;/saml:EncryptedAssertion/saml:Assertion&#39;</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">assertion_expr</span> <span class="o">=</span> <span class="s">&#39;/saml:Assertion&#39;</span>
-        <span class="n">signature_expr</span> <span class="o">=</span> <span class="s">&#39;/ds:Signature/ds:SignedInfo/ds:Reference&#39;</span>
-        <span class="n">signed_assertion_query</span> <span class="o">=</span> <span class="s">&#39;/samlp:Response&#39;</span> <span class="o">+</span> <span class="n">assertion_expr</span> <span class="o">+</span> <span class="n">signature_expr</span>
-        <span class="n">assertion_reference_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="n">signed_assertion_query</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="ow">not</span> <span class="n">assertion_reference_nodes</span><span class="p">:</span>
-            <span class="c"># Check if the message is signed</span>
-            <span class="n">signed_message_query</span> <span class="o">=</span> <span class="s">&#39;/samlp:Response&#39;</span> <span class="o">+</span> <span class="n">signature_expr</span>
-            <span class="n">message_reference_nodes</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="n">signed_message_query</span><span class="p">)</span>
-            <span class="k">if</span> <span class="n">message_reference_nodes</span><span class="p">:</span>
-                <span class="nb">id</span> <span class="o">=</span> <span class="n">message_reference_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;URI&#39;</span><span class="p">)</span>
-                <span class="n">final_query</span> <span class="o">=</span> <span class="s">&quot;/samlp:Response[@ID=&#39;</span><span class="si">%s</span><span class="s">&#39;]/&quot;</span> <span class="o">%</span> <span class="nb">id</span><span class="p">[</span><span class="mi">1</span><span class="p">:]</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="n">final_query</span> <span class="o">=</span> <span class="s">&quot;/samlp:Response/&quot;</span>
-            <span class="n">final_query</span> <span class="o">+=</span> <span class="n">assertion_expr</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="nb">id</span> <span class="o">=</span> <span class="n">assertion_reference_nodes</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">&#39;URI&#39;</span><span class="p">)</span>
-            <span class="n">final_query</span> <span class="o">=</span> <span class="s">&#39;/samlp:Response&#39;</span> <span class="o">+</span> <span class="n">assertion_expr</span> <span class="o">+</span> <span class="s">&quot;[@ID=&#39;</span><span class="si">%s</span><span class="s">&#39;]&quot;</span> <span class="o">%</span> <span class="nb">id</span><span class="p">[</span><span class="mi">1</span><span class="p">:]</span>
-        <span class="n">final_query</span> <span class="o">+=</span> <span class="n">xpath_expr</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__query</span><span class="p">(</span><span class="n">final_query</span><span class="p">)</span>
-
-    <span class="k">def</span> <span class="nf">__query</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">query</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Extracts nodes that match the query from the Response</span>
-
-<span class="sd">        :param query: Xpath Expresion</span>
-<span class="sd">        :type query: String</span>
-
-<span class="sd">        :returns: The queried nodes</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">encrypted</span><span class="p">:</span>
-            <span class="n">document</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">decrypted_document</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">document</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">document</span>
-        <span class="k">return</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">document</span><span class="p">,</span> <span class="n">query</span><span class="p">)</span>
-
-    <span class="k">def</span> <span class="nf">__decrypt_assertion</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">dom</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Decrypts the Assertion</span>
-
-<span class="sd">        :raises: Exception if no private key available</span>
-<span class="sd">        :param dom: Encrypted Assertion</span>
-<span class="sd">        :type dom: Element</span>
-<span class="sd">        :returns: Decrypted Assertion</span>
-<span class="sd">        :rtype: Element</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__settings</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
-
-        <span class="k">if</span> <span class="ow">not</span> <span class="n">key</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;No private key available, check settings&#39;</span><span class="p">)</span>
-
-        <span class="c"># TODO Study how decrypt assertion</span></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/settings.html b/docs/saml2/_modules/saml2/settings.html
deleted file mode 100644
index 42800b51..00000000
--- a/docs/saml2/_modules/saml2/settings.html
+++ /dev/null
@@ -1,695 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.settings &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.settings</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
-<span class="kn">import</span> <span class="nn">json</span>
-<span class="kn">import</span> <span class="nn">re</span>
-<span class="kn">from</span> <span class="nn">os.path</span> <span class="kn">import</span> <span class="n">dirname</span><span class="p">,</span> <span class="n">exists</span><span class="p">,</span> <span class="n">join</span><span class="p">,</span> <span class="n">sep</span>
-<span class="kn">from</span> <span class="nn">xml.dom.minidom</span> <span class="kn">import</span> <span class="n">Document</span>
-
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-<span class="kn">from</span> <span class="nn">saml2.errors</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Error</span>
-<span class="kn">from</span> <span class="nn">saml2.metadata</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Metadata</span>
-<span class="kn">from</span> <span class="nn">saml2.utils</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Utils</span>
-
-
-<span class="c"># Regex from Django Software Foundation and individual contributors.</span>
-<span class="c"># Released under a BSD 3-Clause License</span>
-<span class="n">url_regex</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">compile</span><span class="p">(</span>
-    <span class="s">r&#39;^(?:[a-z0-9\.\-]*)://&#39;</span>  <span class="c"># scheme is validated separately</span>
-    <span class="s">r&#39;(?:(?:[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}\.?)|&#39;</span>  <span class="c"># domain...</span>
-    <span class="s">r&#39;localhost|&#39;</span>  <span class="c"># localhost...</span>
-    <span class="s">r&#39;\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|&#39;</span>  <span class="c"># ...or ipv4</span>
-    <span class="s">r&#39;\[?[A-F0-9]*:[A-F0-9:]+\]?)&#39;</span>  <span class="c"># ...or ipv6</span>
-    <span class="s">r&#39;(?::\d+)?&#39;</span>  <span class="c"># optional port</span>
-    <span class="s">r&#39;(?:/?|[/?]\S+)$&#39;</span><span class="p">,</span> <span class="n">re</span><span class="o">.</span><span class="n">IGNORECASE</span><span class="p">)</span>
-<span class="n">url_schemes</span> <span class="o">=</span> <span class="p">[</span><span class="s">&#39;http&#39;</span><span class="p">,</span> <span class="s">&#39;https&#39;</span><span class="p">,</span> <span class="s">&#39;ftp&#39;</span><span class="p">,</span> <span class="s">&#39;ftps&#39;</span><span class="p">]</span>
-
-
-<div class="viewcode-block" id="validate_url"><a class="viewcode-back" href="../../saml2.html#saml2.settings.validate_url">[docs]</a><span class="k">def</span> <span class="nf">validate_url</span><span class="p">(</span><span class="n">url</span><span class="p">):</span>
-    <span class="n">scheme</span> <span class="o">=</span> <span class="n">url</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">&#39;://&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span>
-    <span class="k">if</span> <span class="n">scheme</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">url_schemes</span><span class="p">:</span>
-        <span class="k">return</span> <span class="bp">False</span>
-    <span class="k">if</span> <span class="ow">not</span> <span class="nb">bool</span><span class="p">(</span><span class="n">url_regex</span><span class="o">.</span><span class="n">search</span><span class="p">(</span><span class="n">url</span><span class="p">)):</span>
-        <span class="k">return</span> <span class="bp">False</span>
-    <span class="k">return</span> <span class="bp">True</span>
-
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Settings</span><span class="p">:</span>
-
-    <span class="k">def</span> <span class="nf">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">custom_base_path</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Initializes the settings:</span>
-<span class="sd">        - Sets the paths of the different folders</span>
-<span class="sd">        - Loads settings info from settings file or array/object provided</span>
-
-<span class="sd">        :param settings: SAML Toolkit Settings</span>
-<span class="sd">        :type settings: dict|object</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span> <span class="o">=</span> <span class="p">{}</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__strict</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__debug</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span> <span class="o">=</span> <span class="p">{}</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span> <span class="o">=</span> <span class="p">{}</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__contacts</span> <span class="o">=</span> <span class="p">{}</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__organization</span> <span class="o">=</span> <span class="p">{}</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span> <span class="o">=</span> <span class="p">[]</span>
-
-        <span class="bp">self</span><span class="o">.</span><span class="n">__load_paths</span><span class="p">(</span><span class="n">base_path</span><span class="o">=</span><span class="n">custom_base_path</span><span class="p">)</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__update_paths</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="n">settings</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">__load_settings_from_file</span><span class="p">():</span>
-                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                    <span class="s">&#39;Invalid file settings: </span><span class="si">%s</span><span class="s">&#39;</span><span class="p">,</span>
-                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_INVALID</span><span class="p">,</span>
-                    <span class="s">&#39;,&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="p">)</span>
-                <span class="p">)</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__add_default_values</span><span class="p">()</span>
-        <span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">):</span>
-            <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">__load_settings_from_dict</span><span class="p">(</span><span class="n">settings</span><span class="p">):</span>
-                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                    <span class="s">&#39;Invalid dict settings: </span><span class="si">%s</span><span class="s">&#39;</span><span class="p">,</span>
-                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_INVALID</span><span class="p">,</span>
-                    <span class="s">&#39;,&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__errors</span><span class="p">)</span>
-                <span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Unsupported settings object&#39;</span><span class="p">)</span>
-
-        <span class="bp">self</span><span class="o">.</span><span class="n">format_idp_cert</span><span class="p">()</span>
-
-    <span class="k">def</span> <span class="nf">__load_paths</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">base_path</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Sets the paths of the different folders</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="n">base_path</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">base_path</span> <span class="o">=</span> <span class="n">dirname</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="n">__file__</span><span class="p">)))</span>
-        <span class="n">base_path</span> <span class="o">+=</span> <span class="n">sep</span>
-        <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span> <span class="o">=</span> <span class="p">{</span>
-            <span class="s">&#39;base&#39;</span><span class="p">:</span> <span class="n">base_path</span><span class="p">,</span>
-            <span class="s">&#39;cert&#39;</span><span class="p">:</span> <span class="n">base_path</span> <span class="o">+</span> <span class="s">&#39;certs&#39;</span> <span class="o">+</span> <span class="n">sep</span><span class="p">,</span>
-            <span class="s">&#39;lib&#39;</span><span class="p">:</span> <span class="n">base_path</span> <span class="o">+</span> <span class="s">&#39;lib&#39;</span> <span class="o">+</span> <span class="n">sep</span><span class="p">,</span>
-            <span class="s">&#39;extlib&#39;</span><span class="p">:</span> <span class="n">base_path</span> <span class="o">+</span> <span class="s">&#39;extlib&#39;</span> <span class="o">+</span> <span class="n">sep</span><span class="p">,</span>
-        <span class="p">}</span>
-
-    <span class="k">def</span> <span class="nf">__update_paths</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Set custom paths if necessary</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">):</span>
-            <span class="k">return</span>
-
-        <span class="k">if</span> <span class="s">&#39;custom_base_path&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-            <span class="n">base_path</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;custom_base_path&#39;</span><span class="p">]</span>
-            <span class="n">base_path</span> <span class="o">=</span> <span class="n">join</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="n">__file__</span><span class="p">),</span> <span class="n">base_path</span><span class="p">)</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__load_paths</span><span class="p">(</span><span class="n">base_path</span><span class="p">)</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_base_path"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_base_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_base_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns base path</span>
-
-<span class="sd">        :return: The base toolkit folder path</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;base&#39;</span><span class="p">]</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_cert_path"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_cert_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_cert_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns cert path</span>
-
-<span class="sd">        :return: The cert folder path</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;cert&#39;</span><span class="p">]</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_lib_path"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_lib_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_lib_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns lib path</span>
-
-<span class="sd">        :return: The library folder path</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;lib&#39;</span><span class="p">]</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_ext_lib_path"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_ext_lib_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_ext_lib_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns external lib path</span>
-
-<span class="sd">        :return: The external library folder path</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;extlib&#39;</span><span class="p">]</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_schemas_path"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_schemas_path">[docs]</a>    <span class="k">def</span> <span class="nf">get_schemas_path</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns schema path</span>
-
-<span class="sd">        :return: The schema folder path</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;lib&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="s">&#39;schemas/&#39;</span>
-</div>
-    <span class="k">def</span> <span class="nf">__load_settings_from_dict</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Loads settings info from a settings Dict</span>
-
-<span class="sd">        :param settings: SAML Toolkit Settings</span>
-<span class="sd">        :type settings: dict</span>
-
-<span class="sd">        :returns: True if the settings info is valid</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">errors</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_settings</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">errors</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span> <span class="o">=</span> <span class="p">[]</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;sp&#39;</span><span class="p">]</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;idp&#39;</span><span class="p">]</span>
-
-            <span class="k">if</span> <span class="s">&#39;strict&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__strict</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;strict&#39;</span><span class="p">]</span>
-            <span class="k">if</span> <span class="s">&#39;debug&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__debug</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;debug&#39;</span><span class="p">]</span>
-            <span class="k">if</span> <span class="s">&#39;security&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__security</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;security&#39;</span><span class="p">]</span>
-            <span class="k">if</span> <span class="s">&#39;contactPerson&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__contacts</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;contactPerson&#39;</span><span class="p">]</span>
-            <span class="k">if</span> <span class="s">&#39;organization&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-                <span class="bp">self</span><span class="o">.</span><span class="n">__organization</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;organization&#39;</span><span class="p">]</span>
-
-            <span class="bp">self</span><span class="o">.</span><span class="n">__add_default_values</span><span class="p">()</span>
-            <span class="k">return</span> <span class="bp">True</span>
-
-        <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span> <span class="o">=</span> <span class="n">errors</span>
-        <span class="k">return</span> <span class="bp">False</span>
-
-    <span class="k">def</span> <span class="nf">__load_settings_from_file</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Loads settings info from the settings json file</span>
-
-<span class="sd">        :returns: True if the settings info is valid</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">filename</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_base_path</span><span class="p">()</span> <span class="o">+</span> <span class="s">&#39;settings.json&#39;</span>
-
-        <span class="k">if</span> <span class="ow">not</span> <span class="n">exists</span><span class="p">(</span><span class="n">filename</span><span class="p">):</span>
-            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                <span class="s">&#39;Settings file not found: </span><span class="si">%s</span><span class="s">&#39;</span><span class="p">,</span>
-                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_FILE_NOT_FOUND</span><span class="p">,</span>
-                <span class="n">filename</span>
-            <span class="p">)</span>
-
-        <span class="c"># In the php toolkit instead of being a json file it is a php file and</span>
-        <span class="c"># it is directly included</span>
-        <span class="n">json_data</span> <span class="o">=</span> <span class="nb">open</span><span class="p">(</span><span class="n">filename</span><span class="p">,</span> <span class="s">&#39;r&#39;</span><span class="p">)</span>
-        <span class="n">settings</span> <span class="o">=</span> <span class="n">json</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">json_data</span><span class="p">)</span>
-        <span class="n">json_data</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-
-        <span class="n">advanced_filename</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_base_path</span><span class="p">()</span> <span class="o">+</span> <span class="s">&#39;advanced_settings.json&#39;</span>
-        <span class="k">if</span> <span class="n">exists</span><span class="p">(</span><span class="n">advanced_filename</span><span class="p">):</span>
-            <span class="n">json_data</span> <span class="o">=</span> <span class="nb">open</span><span class="p">(</span><span class="n">advanced_filename</span><span class="p">,</span> <span class="s">&#39;r&#39;</span><span class="p">)</span>
-            <span class="n">settings</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">json</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">json_data</span><span class="p">))</span>  <span class="c"># Merge settings</span>
-            <span class="n">json_data</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__load_settings_from_dict</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span>
-
-    <span class="k">def</span> <span class="nf">__add_default_values</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Add default values if the settings info is not complete</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="s">&#39;binding&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">]:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s">&#39;binding&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">BINDING_HTTP_POST</span>
-        <span class="k">if</span> <span class="s">&#39;singleLogoutService&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span> <span class="ow">and</span> <span class="s">&#39;binding&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">]:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;binding&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">BINDING_HTTP_REDIRECT</span>
-
-        <span class="c"># Related to nameID</span>
-        <span class="k">if</span> <span class="s">&#39;NameIDFormat&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span><span class="p">[</span><span class="s">&#39;NameIDFormat&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NAMEID_PERSISTENT</span>
-        <span class="k">if</span> <span class="s">&#39;nameIdEncrypted&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;nameIdEncrypted&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-
-        <span class="c"># Sign provided</span>
-        <span class="k">if</span> <span class="s">&#39;authnRequestsSigned&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;authnRequestsSigned&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="k">if</span> <span class="s">&#39;logoutRequestSigned&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;logoutRequestSigned&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="k">if</span> <span class="s">&#39;logoutResponseSigned&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;logoutResponseSigned&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="k">if</span> <span class="s">&#39;signMetadata&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-
-        <span class="c"># Sign expected</span>
-        <span class="k">if</span> <span class="s">&#39;wantMessagesSigned&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;wantMessagesSigned&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="k">if</span> <span class="s">&#39;wantAssertionsSigned&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;wantAssertionsSigned&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-
-        <span class="c"># Encrypt expected</span>
-        <span class="k">if</span> <span class="s">&#39;wantAssertionsEncrypted&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;wantAssertionsEncrypted&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-        <span class="k">if</span> <span class="s">&#39;wantNameIdEncrypted&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;wantNameIdEncrypted&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="bp">False</span>
-
-        <span class="k">if</span> <span class="s">&#39;x509cert&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="k">if</span> <span class="s">&#39;certFingerprint&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span><span class="p">[</span><span class="s">&#39;certFingerprint&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.check_settings"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.check_settings">[docs]</a>    <span class="k">def</span> <span class="nf">check_settings</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">settings</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Checks the settings info.</span>
-
-<span class="sd">        :param settings: Dict with settings data</span>
-<span class="sd">        :type settings: dict</span>
-
-<span class="sd">        :returns: Errors found on the settings data</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span>
-
-        <span class="n">errors</span> <span class="o">=</span> <span class="p">[]</span>
-        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">settings</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">settings</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;invalid_syntax&#39;</span><span class="p">)</span>
-            <span class="k">return</span> <span class="n">errors</span>
-
-        <span class="k">if</span> <span class="s">&#39;idp&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">settings</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">settings</span><span class="p">[</span><span class="s">&#39;idp&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;idp_not_found&#39;</span><span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">idp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;idp&#39;</span><span class="p">]</span>
-            <span class="k">if</span> <span class="s">&#39;entityId&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">idp</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">idp</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;idp_entityId_not_found&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="p">(</span><span class="s">&#39;singleSignOnService&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">idp</span> <span class="ow">or</span>
-                <span class="s">&#39;url&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">idp</span><span class="p">[</span><span class="s">&#39;singleSignOnService&#39;</span><span class="p">]</span> <span class="ow">or</span>
-                    <span class="nb">len</span><span class="p">(</span><span class="n">idp</span><span class="p">[</span><span class="s">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;idp_sso_not_found&#39;</span><span class="p">)</span>
-            <span class="k">elif</span> <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">idp</span><span class="p">[</span><span class="s">&#39;singleSignOnService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">]):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;idp_sso_url_invalid&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="p">(</span><span class="s">&#39;singleLogoutService&#39;</span> <span class="ow">in</span> <span class="n">idp</span> <span class="ow">and</span>
-                <span class="s">&#39;url&#39;</span> <span class="ow">in</span> <span class="n">idp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">]</span> <span class="ow">and</span>
-                <span class="nb">len</span><span class="p">(</span><span class="n">idp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">])</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="ow">and</span>
-                    <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">idp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">])):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;idp_slo_url_invalid&#39;</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="s">&#39;sp&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">settings</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">settings</span><span class="p">[</span><span class="s">&#39;sp&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;sp_not_found&#39;</span><span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">sp</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;sp&#39;</span><span class="p">]</span>
-            <span class="n">security</span> <span class="o">=</span> <span class="p">{}</span>
-            <span class="k">if</span> <span class="s">&#39;security&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-                <span class="n">security</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;security&#39;</span><span class="p">]</span>
-
-            <span class="k">if</span> <span class="s">&#39;entityId&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">sp</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">sp</span><span class="p">[</span><span class="s">&#39;entityId&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;sp_entityId_not_found&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="p">(</span><span class="s">&#39;assertionConsumerService&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">sp</span> <span class="ow">or</span>
-                <span class="s">&#39;url&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">]</span> <span class="ow">or</span>
-                    <span class="nb">len</span><span class="p">(</span><span class="n">sp</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;sp_acs_not_found&#39;</span><span class="p">)</span>
-            <span class="k">elif</span> <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">sp</span><span class="p">[</span><span class="s">&#39;assertionConsumerService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">]):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;sp_acs_url_invalid&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="p">(</span><span class="s">&#39;singleLogoutService&#39;</span> <span class="ow">in</span> <span class="n">sp</span> <span class="ow">and</span>
-                <span class="s">&#39;url&#39;</span> <span class="ow">in</span> <span class="n">sp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">]</span> <span class="ow">and</span>
-                <span class="nb">len</span><span class="p">(</span><span class="n">sp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">])</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="ow">and</span>
-                    <span class="ow">not</span> <span class="n">validate_url</span><span class="p">(</span><span class="n">sp</span><span class="p">[</span><span class="s">&#39;singleLogoutService&#39;</span><span class="p">][</span><span class="s">&#39;url&#39;</span><span class="p">])):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;sp_sls_url_invalid&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="s">&#39;signMetadata&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">],</span> <span class="nb">dict</span><span class="p">):</span>
-                <span class="k">if</span> <span class="p">(</span><span class="s">&#39;keyFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">or</span>
-                        <span class="s">&#39;certFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">]):</span>
-                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;sp_signMetadata_invalid&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="p">(((</span><span class="s">&#39;authnRequestsSigned&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;authnRequestsSigned&#39;</span><span class="p">])</span> <span class="ow">or</span>
-                 <span class="p">(</span><span class="s">&#39;logoutRequestSigned&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;logoutRequestSigned&#39;</span><span class="p">])</span> <span class="ow">or</span>
-                 <span class="p">(</span><span class="s">&#39;logoutResponseSigned&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;logoutResponseSigned&#39;</span><span class="p">])</span> <span class="ow">or</span>
-                 <span class="p">(</span><span class="s">&#39;wantAssertionsEncrypted&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;wantAssertionsEncrypted&#39;</span><span class="p">])</span> <span class="ow">or</span>
-                 <span class="p">(</span><span class="s">&#39;wantNameIdEncrypted&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;wantNameIdEncrypted&#39;</span><span class="p">]))</span> <span class="ow">and</span>
-                    <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">check_sp_certs</span><span class="p">()):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;sp_cert_not_found_and_required&#39;</span><span class="p">)</span>
-
-            <span class="n">exists_X509</span> <span class="o">=</span> <span class="p">(</span><span class="s">&#39;idp&#39;</span> <span class="ow">in</span> <span class="n">settings</span> <span class="ow">and</span>
-                           <span class="s">&#39;x509cert&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;idp&#39;</span><span class="p">]</span> <span class="ow">and</span>
-                           <span class="nb">len</span><span class="p">(</span><span class="n">settings</span><span class="p">[</span><span class="s">&#39;idp&#39;</span><span class="p">][</span><span class="s">&#39;x509cert&#39;</span><span class="p">])</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span>
-            <span class="n">exists_fingerprint</span> <span class="o">=</span> <span class="p">(</span><span class="s">&#39;idp&#39;</span> <span class="ow">in</span> <span class="n">settings</span> <span class="ow">and</span>
-                                  <span class="s">&#39;certFingerprint&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;idp&#39;</span><span class="p">]</span> <span class="ow">and</span>
-                                  <span class="nb">len</span><span class="p">(</span><span class="n">settings</span><span class="p">[</span><span class="s">&#39;idp&#39;</span><span class="p">][</span><span class="s">&#39;certFingerprint&#39;</span><span class="p">])</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span>
-            <span class="k">if</span> <span class="p">(((</span><span class="s">&#39;wantAssertionsSigned&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;wantAssertionsSigned&#39;</span><span class="p">])</span> <span class="ow">or</span>
-                 <span class="p">(</span><span class="s">&#39;wantMessagesSigned&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;wantMessagesSigned&#39;</span><span class="p">]))</span> <span class="ow">and</span>
-                    <span class="ow">not</span><span class="p">(</span><span class="n">exists_X509</span> <span class="ow">or</span> <span class="n">exists_fingerprint</span><span class="p">)):</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;idp_cert_or_fingerprint_not_found_and_required&#39;</span><span class="p">)</span>
-            <span class="k">if</span> <span class="p">(</span><span class="s">&#39;nameIdEncrypted&#39;</span> <span class="ow">in</span> <span class="n">security</span> <span class="ow">and</span> <span class="n">security</span><span class="p">[</span><span class="s">&#39;nameIdEncrypted&#39;</span><span class="p">])</span> <span class="ow">and</span> <span class="ow">not</span> <span class="n">exists_X509</span><span class="p">:</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;idp_cert_not_found_and_required&#39;</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="s">&#39;contactPerson&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-            <span class="n">types</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;contactPerson&#39;</span><span class="p">]</span><span class="o">.</span><span class="n">keys</span><span class="p">()</span>
-            <span class="n">valid_types</span> <span class="o">=</span> <span class="p">[</span><span class="s">&#39;technical&#39;</span><span class="p">,</span> <span class="s">&#39;support&#39;</span><span class="p">,</span> <span class="s">&#39;administrative&#39;</span><span class="p">,</span> <span class="s">&#39;billing&#39;</span><span class="p">,</span> <span class="s">&#39;other&#39;</span><span class="p">]</span>
-            <span class="k">for</span> <span class="n">t</span> <span class="ow">in</span> <span class="n">types</span><span class="p">:</span>
-                <span class="k">if</span> <span class="n">t</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">valid_types</span><span class="p">:</span>
-                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;contact_type_invalid&#39;</span><span class="p">)</span>
-                    <span class="k">break</span>
-
-            <span class="k">for</span> <span class="n">t</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;contactPerson&#39;</span><span class="p">]:</span>
-                <span class="n">contact</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;contactPerson&#39;</span><span class="p">][</span><span class="n">t</span><span class="p">]</span>
-                <span class="k">if</span> <span class="p">((</span><span class="s">&#39;givenName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">contact</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">contact</span><span class="p">[</span><span class="s">&#39;givenName&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="ow">or</span>
-                        <span class="p">(</span><span class="s">&#39;emailAddress&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">contact</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">contact</span><span class="p">[</span><span class="s">&#39;emailAddress&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)):</span>
-                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;contact_not_enought_data&#39;</span><span class="p">)</span>
-                    <span class="k">break</span>
-
-        <span class="k">if</span> <span class="s">&#39;organization&#39;</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">:</span>
-            <span class="k">for</span> <span class="n">o</span> <span class="ow">in</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;organization&#39;</span><span class="p">]:</span>
-                <span class="n">organization</span> <span class="o">=</span> <span class="n">settings</span><span class="p">[</span><span class="s">&#39;organization&#39;</span><span class="p">][</span><span class="n">o</span><span class="p">]</span>
-                <span class="k">if</span> <span class="p">((</span><span class="s">&#39;name&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">organization</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">[</span><span class="s">&#39;name&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="ow">or</span>
-                    <span class="p">(</span><span class="s">&#39;displayname&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">organization</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">[</span><span class="s">&#39;displayname&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)</span> <span class="ow">or</span>
-                        <span class="p">(</span><span class="s">&#39;url&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">organization</span> <span class="ow">or</span> <span class="nb">len</span><span class="p">(</span><span class="n">organization</span><span class="p">[</span><span class="s">&#39;url&#39;</span><span class="p">])</span> <span class="o">==</span> <span class="mi">0</span><span class="p">)):</span>
-                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;organization_not_enought_data&#39;</span><span class="p">)</span>
-                    <span class="k">break</span>
-
-        <span class="k">return</span> <span class="n">errors</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.check_sp_certs"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.check_sp_certs">[docs]</a>    <span class="k">def</span> <span class="nf">check_sp_certs</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Checks if the x509 certs of the SP exists and are valid.</span>
-
-<span class="sd">        :returns: If the x509 certs of the SP exists and are valid</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">key</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_key</span><span class="p">()</span>
-        <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_cert</span><span class="p">()</span>
-        <span class="k">return</span> <span class="n">key</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span> <span class="ow">and</span> <span class="n">cert</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_key"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_key">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_key</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the x509 private key of the SP.</span>
-
-<span class="sd">        :returns: SP private key</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">key</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">key_file</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="s">&#39;sp.key&#39;</span>
-
-        <span class="k">if</span> <span class="n">exists</span><span class="p">(</span><span class="n">key_file</span><span class="p">):</span>
-            <span class="n">f</span> <span class="o">=</span> <span class="nb">open</span><span class="p">(</span><span class="n">key_file</span><span class="p">,</span> <span class="s">&#39;r&#39;</span><span class="p">)</span>
-            <span class="n">key</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
-            <span class="n">f</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-
-        <span class="k">return</span> <span class="n">key</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_cert"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_cert">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_cert</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the x509 public cert of the SP.</span>
-
-<span class="sd">        :returns: SP public cert</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">cert</span> <span class="o">=</span> <span class="bp">None</span>
-        <span class="n">cert_file</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="s">&#39;sp.crt&#39;</span>
-
-        <span class="k">if</span> <span class="n">exists</span><span class="p">(</span><span class="n">cert_file</span><span class="p">):</span>
-            <span class="n">f</span> <span class="o">=</span> <span class="nb">open</span><span class="p">(</span><span class="n">cert_file</span><span class="p">,</span> <span class="s">&#39;r&#39;</span><span class="p">)</span>
-            <span class="n">cert</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
-            <span class="n">f</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-
-        <span class="k">return</span> <span class="n">cert</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_idp_data"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_idp_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_idp_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the IdP data.</span>
-
-<span class="sd">        :returns: IdP info</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_data"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the SP data.</span>
-
-<span class="sd">        :returns: SP info</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_security_data"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_security_data">[docs]</a>    <span class="k">def</span> <span class="nf">get_security_data</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets security data.</span>
-
-<span class="sd">        :returns: Security info</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_contacts"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_contacts">[docs]</a>    <span class="k">def</span> <span class="nf">get_contacts</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets contact data.</span>
-
-<span class="sd">        :returns: Contacts info</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__contacts</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_organization"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_organization">[docs]</a>    <span class="k">def</span> <span class="nf">get_organization</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets organization data.</span>
-
-<span class="sd">        :returns: Organization info</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__organization</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_sp_metadata"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata">[docs]</a>    <span class="k">def</span> <span class="nf">get_sp_metadata</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets the SP metadata. The XML representation.</span>
-
-<span class="sd">        :returns: SP metadata (xml)</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">metadata</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Metadata</span><span class="o">.</span><span class="n">builder</span><span class="p">(</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__sp</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;authnRequestsSigned&#39;</span><span class="p">],</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;wantAssertionsSigned&#39;</span><span class="p">],</span> <span class="bp">None</span><span class="p">,</span> <span class="bp">None</span><span class="p">,</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">get_contacts</span><span class="p">(),</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_organization</span><span class="p">()</span>
-        <span class="p">)</span>
-        <span class="n">cert</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">get_sp_cert</span><span class="p">()</span>
-        <span class="k">if</span> <span class="n">cert</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">metadata</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Metadata</span><span class="o">.</span><span class="n">add_x509_key_descriptors</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">cert</span><span class="p">)</span>
-
-        <span class="c"># Sign metadata</span>
-        <span class="k">if</span> <span class="s">&#39;signMetadata&#39;</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">False</span><span class="p">:</span>
-            <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="bp">True</span><span class="p">:</span>
-                <span class="n">key_file_name</span> <span class="o">=</span> <span class="s">&#39;sp.key&#39;</span>
-                <span class="n">cert_file_name</span> <span class="o">=</span> <span class="s">&#39;sp.crt&#39;</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="k">if</span> <span class="p">(</span><span class="s">&#39;keyFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">]</span> <span class="ow">or</span>
-                        <span class="s">&#39;certFileName&#39;</span> <span class="ow">not</span> <span class="ow">in</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">]):</span>
-                    <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                        <span class="s">&#39;Invalid Setting: signMetadata value of the sp is not valid&#39;</span><span class="p">,</span>
-                        <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">SETTINGS_INVALID_SYNTAX</span>
-                    <span class="p">)</span>
-                <span class="n">key_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">][</span><span class="s">&#39;keyFileName&#39;</span><span class="p">]</span>
-                <span class="n">cert_file_name</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__security</span><span class="p">[</span><span class="s">&#39;signMetadata&#39;</span><span class="p">][</span><span class="s">&#39;certFileName&#39;</span><span class="p">]</span>
-            <span class="n">key_metadata_file</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="n">key_file_name</span>
-            <span class="n">cert_metadata_file</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">__paths</span><span class="p">[</span><span class="s">&#39;cert&#39;</span><span class="p">]</span> <span class="o">+</span> <span class="n">cert_file_name</span>
-
-            <span class="k">if</span> <span class="ow">not</span> <span class="n">exists</span><span class="p">(</span><span class="n">key_metadata_file</span><span class="p">):</span>
-                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                    <span class="s">&#39;Private key file not found: </span><span class="si">%s</span><span class="s">&#39;</span><span class="p">,</span>
-                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PRIVATE_KEY_FILE_NOT_FOUND</span><span class="p">,</span>
-                    <span class="n">key_metadata_file</span>
-                <span class="p">)</span>
-
-            <span class="k">if</span> <span class="ow">not</span> <span class="n">exists</span><span class="p">(</span><span class="n">cert_metadata_file</span><span class="p">):</span>
-                <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                    <span class="s">&#39;Public cert file not found: </span><span class="si">%s</span><span class="s">&#39;</span><span class="p">,</span>
-                    <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">PUBLIC_CERT_FILE_NOT_FOUND</span><span class="p">,</span>
-                    <span class="n">cert_metadata_file</span>
-                <span class="p">)</span>
-
-            <span class="n">f</span> <span class="o">=</span> <span class="nb">open</span><span class="p">(</span><span class="n">key_metadata_file</span><span class="p">,</span> <span class="s">&#39;r&#39;</span><span class="p">)</span>
-            <span class="n">key_metadata</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
-            <span class="n">f</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-            <span class="n">f</span> <span class="o">=</span> <span class="nb">open</span><span class="p">(</span><span class="n">cert_metadata_file</span><span class="p">,</span> <span class="s">&#39;r&#39;</span><span class="p">)</span>
-            <span class="n">cert_metadata</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span>
-            <span class="n">f</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-            <span class="n">metadata</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Metadata</span><span class="o">.</span><span class="n">sign_metadata</span><span class="p">(</span><span class="n">metadata</span><span class="p">,</span> <span class="n">key_metadata</span><span class="p">,</span> <span class="n">cert_metadata</span><span class="p">)</span>
-
-        <span class="k">return</span> <span class="n">metadata</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.validate_metadata"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.validate_metadata">[docs]</a>    <span class="k">def</span> <span class="nf">validate_metadata</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">xml</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Validates an XML SP Metadata.</span>
-
-<span class="sd">        :param xml: Metadata&#39;s XML that will be validate</span>
-<span class="sd">        :type xml: string</span>
-
-<span class="sd">        :returns: The list of found errors</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Empty string supplied as input&#39;</span><span class="p">)</span>
-
-        <span class="n">errors</span> <span class="o">=</span> <span class="p">[]</span>
-        <span class="n">res</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">validate_xml</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="s">&#39;saml-schema-metadata-2.0.xsd&#39;</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">__debug</span><span class="p">)</span>
-        <span class="k">if</span> <span class="ow">not</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">res</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">res</span><span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">dom</span> <span class="o">=</span> <span class="n">res</span>
-            <span class="n">element</span> <span class="o">=</span> <span class="n">dom</span><span class="o">.</span><span class="n">documentElement</span>
-            <span class="k">if</span> <span class="n">element</span><span class="o">.</span><span class="n">tagName</span> <span class="o">!=</span> <span class="s">&#39;md:EntityDescriptor&#39;</span><span class="p">:</span>
-                <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;noEntityDescriptor_xml&#39;</span><span class="p">)</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="n">valid_until</span> <span class="o">=</span> <span class="n">cache_duration</span> <span class="o">=</span> <span class="n">expire_time</span> <span class="o">=</span> <span class="bp">None</span>
-
-                <span class="k">if</span> <span class="n">element</span><span class="o">.</span><span class="n">hasAttribute</span><span class="p">(</span><span class="s">&#39;validUntil&#39;</span><span class="p">):</span>
-                    <span class="n">valid_until</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">element</span><span class="o">.</span><span class="n">getAttribute</span><span class="p">(</span><span class="s">&#39;validUntil&#39;</span><span class="p">))</span>
-                <span class="k">if</span> <span class="n">element</span><span class="o">.</span><span class="n">hasAttribute</span><span class="p">(</span><span class="s">&#39;cacheDuration&#39;</span><span class="p">):</span>
-                    <span class="n">cache_duration</span> <span class="o">=</span> <span class="n">element</span><span class="o">.</span><span class="n">getAttribute</span><span class="p">(</span><span class="s">&#39;cacheDuration&#39;</span><span class="p">)</span>
-
-                <span class="n">expire_time</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_expire_time</span><span class="p">(</span><span class="n">cache_duration</span><span class="p">,</span> <span class="n">valid_until</span><span class="p">)</span>
-                <span class="k">if</span> <span class="n">expire_time</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span> <span class="ow">and</span> <span class="nb">int</span><span class="p">(</span><span class="n">datetime</span><span class="o">.</span><span class="n">now</span><span class="p">()</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="s">&#39;</span><span class="si">%s</span><span class="s">&#39;</span><span class="p">))</span> <span class="o">&gt;</span> <span class="nb">int</span><span class="p">(</span><span class="n">expire_time</span><span class="p">):</span>
-                    <span class="n">errors</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="s">&#39;expired_xml&#39;</span><span class="p">)</span>
-
-        <span class="k">return</span> <span class="n">errors</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.format_idp_cert"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.format_idp_cert">[docs]</a>    <span class="k">def</span> <span class="nf">format_idp_cert</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Formats the IdP cert.</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="bp">self</span><span class="o">.</span><span class="n">__idp</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">__idp</span><span class="p">[</span><span class="s">&#39;x509cert&#39;</span><span class="p">])</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.get_errors"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_errors">[docs]</a>    <span class="k">def</span> <span class="nf">get_errors</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns an array with the errors, the array is empty when the settings is ok.</span>
-
-<span class="sd">        :returns: Errors</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__errors</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.set_strict"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.set_strict">[docs]</a>    <span class="k">def</span> <span class="nf">set_strict</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">value</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Activates or deactivates the strict mode.</span>
-
-<span class="sd">        :param xml: Strict parameter</span>
-<span class="sd">        :type xml: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="nb">bool</span><span class="p">)</span>
-
-        <span class="bp">self</span><span class="o">.</span><span class="n">__strict</span> <span class="o">=</span> <span class="n">value</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.is_strict"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.is_strict">[docs]</a>    <span class="k">def</span> <span class="nf">is_strict</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns if the &#39;strict&#39; mode is active.</span>
-
-<span class="sd">        :returns: Strict parameter</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__strict</span>
-</div>
-<div class="viewcode-block" id="OneLogin_Saml2_Settings.is_debug_active"><a class="viewcode-back" href="../../saml2.html#saml2.settings.OneLogin_Saml2_Settings.is_debug_active">[docs]</a>    <span class="k">def</span> <span class="nf">is_debug_active</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns if the debug is active.</span>
-
-<span class="sd">        :returns: Debug parameter</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">__debug</span></div></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_modules/saml2/utils.html b/docs/saml2/_modules/saml2/utils.html
deleted file mode 100644
index 613d2a09..00000000
--- a/docs/saml2/_modules/saml2/utils.html
+++ /dev/null
@@ -1,805 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>saml2.utils &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="../../_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '../../',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="../../_static/jquery.js"></script>
-    <script type="text/javascript" src="../../_static/underscore.js"></script>
-    <script type="text/javascript" src="../../_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="../../index.html" />
-    <link rel="up" title="Class code" href="../index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" accesskey="U">Class code</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1>Source code for saml2.utils</h1><div class="highlight"><pre>
-<span class="c"># -*- coding: utf-8 -*-</span>
-
-<span class="c"># Copyright (c) 2010-2018 OneLogin, Inc.</span>
-<span class="c"># MIT License</span>
-
-<span class="kn">import</span> <span class="nn">base64</span>
-<span class="kn">from</span> <span class="nn">datetime</span> <span class="kn">import</span> <span class="n">datetime</span>
-<span class="kn">import</span> <span class="nn">calendar</span>
-<span class="kn">from</span> <span class="nn">hashlib</span> <span class="kn">import</span> <span class="n">sha1</span>
-<span class="kn">from</span> <span class="nn">isodate</span> <span class="kn">import</span> <span class="n">parse_duration</span> <span class="k">as</span> <span class="n">duration_parser</span>
-<span class="kn">from</span> <span class="nn">lxml</span> <span class="kn">import</span> <span class="n">etree</span>
-<span class="kn">from</span> <span class="nn">lxml.etree</span> <span class="kn">import</span> <span class="n">ElementBase</span>
-<span class="kn">from</span> <span class="nn">os.path</span> <span class="kn">import</span> <span class="n">basename</span><span class="p">,</span> <span class="n">dirname</span><span class="p">,</span> <span class="n">join</span>
-<span class="kn">import</span> <span class="nn">re</span>
-<span class="kn">from</span> <span class="nn">sys</span> <span class="kn">import</span> <span class="n">stderr</span>
-<span class="kn">from</span> <span class="nn">tempfile</span> <span class="kn">import</span> <span class="n">NamedTemporaryFile</span>
-<span class="kn">from</span> <span class="nn">textwrap</span> <span class="kn">import</span> <span class="n">wrap</span>
-<span class="kn">from</span> <span class="nn">urllib</span> <span class="kn">import</span> <span class="n">quote_plus</span>
-<span class="kn">from</span> <span class="nn">uuid</span> <span class="kn">import</span> <span class="n">uuid4</span>
-<span class="kn">from</span> <span class="nn">xml.dom.minidom</span> <span class="kn">import</span> <span class="n">Document</span><span class="p">,</span> <span class="n">parseString</span><span class="p">,</span> <span class="n">Element</span>
-<span class="kn">from</span> <span class="nn">xml.etree.ElementTree</span> <span class="kn">import</span> <span class="n">tostring</span>
-<span class="kn">import</span> <span class="nn">zlib</span>
-
-<span class="kn">import</span> <span class="nn">dm.xmlsec.binding</span> <span class="kn">as</span> <span class="nn">xmlsec</span>
-<span class="kn">from</span> <span class="nn">dm.xmlsec.binding.tmpl</span> <span class="kn">import</span> <span class="n">EncData</span><span class="p">,</span> <span class="n">Signature</span>
-<span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">X509</span>
-
-<span class="kn">from</span> <span class="nn">saml2.constants</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Constants</span>
-<span class="kn">from</span> <span class="nn">saml2.errors</span> <span class="kn">import</span> <span class="n">OneLogin_Saml2_Error</span>
-
-
-<span class="k">def</span> <span class="nf">_</span><span class="p">(</span><span class="n">msg</span><span class="p">):</span>
-    <span class="c"># Fixme Add i18n support</span>
-    <span class="k">return</span> <span class="n">msg</span>
-
-
-<div class="viewcode-block" id="OneLogin_Saml2_Utils"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils">[docs]</a><span class="k">class</span> <span class="nc">OneLogin_Saml2_Utils</span><span class="p">:</span>
-
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.decode_base64_and_inflate"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate">[docs]</a>    <span class="k">def</span> <span class="nf">decode_base64_and_inflate</span><span class="p">(</span><span class="n">value</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot; base64 decodes and then inflates according to RFC1951</span>
-<span class="sd">        :param value: a deflated and encoded string</span>
-<span class="sd">        :return: the string after decoding and inflating</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-
-        <span class="k">return</span> <span class="n">zlib</span><span class="o">.</span><span class="n">decompress</span><span class="p">(</span><span class="n">base64</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">value</span><span class="p">),</span> <span class="o">-</span><span class="mi">15</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.deflate_and_base64_encode"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode">[docs]</a>    <span class="k">def</span> <span class="nf">deflate_and_base64_encode</span><span class="p">(</span><span class="n">value</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Deflates and the base64 encodes a string</span>
-<span class="sd">        :param value: The string to deflate and encode</span>
-<span class="sd">        :return: The deflated and encoded string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="n">base64</span><span class="o">.</span><span class="n">b64encode</span><span class="p">(</span><span class="n">zlib</span><span class="o">.</span><span class="n">compress</span><span class="p">(</span><span class="n">value</span><span class="p">)[</span><span class="mi">2</span><span class="p">:</span><span class="o">-</span><span class="mi">4</span><span class="p">])</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.validate_xml"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.validate_xml">[docs]</a>    <span class="k">def</span> <span class="nf">validate_xml</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">schema</span><span class="p">,</span> <span class="n">debug</span><span class="o">=</span><span class="bp">False</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="p">(</span><span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span> <span class="ow">or</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">Document</span><span class="p">))</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">schema</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">xml</span> <span class="o">=</span> <span class="n">xml</span><span class="o">.</span><span class="n">toxml</span><span class="p">()</span>
-
-        <span class="c"># Switch to lxml for schema validation</span>
-        <span class="k">try</span><span class="p">:</span>
-            <span class="n">dom</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
-        <span class="k">except</span> <span class="ne">Exception</span><span class="p">:</span>
-            <span class="k">return</span> <span class="s">&#39;unloaded_xml&#39;</span>
-
-        <span class="n">schema_file</span> <span class="o">=</span> <span class="n">join</span><span class="p">(</span><span class="n">dirname</span><span class="p">(</span><span class="n">__file__</span><span class="p">),</span> <span class="s">&#39;schemas&#39;</span><span class="p">,</span> <span class="n">schema</span><span class="p">)</span>
-        <span class="n">f</span> <span class="o">=</span> <span class="nb">open</span><span class="p">(</span><span class="n">schema_file</span><span class="p">,</span> <span class="s">&#39;r&#39;</span><span class="p">)</span>
-        <span class="n">schema_doc</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">parse</span><span class="p">(</span><span class="n">f</span><span class="p">)</span>
-        <span class="n">f</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-        <span class="n">xmlschema</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">XMLSchema</span><span class="p">(</span><span class="n">schema_doc</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="ow">not</span> <span class="n">xmlschema</span><span class="o">.</span><span class="n">validate</span><span class="p">(</span><span class="n">dom</span><span class="p">):</span>
-            <span class="n">xml_errors</span> <span class="o">=</span> <span class="p">[</span><span class="n">xmlschema</span><span class="o">.</span><span class="n">error_log</span><span class="p">]</span>
-            <span class="k">if</span> <span class="n">debug</span><span class="p">:</span>
-                <span class="n">stderr</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="s">&#39;Errors validating the metadata&#39;</span><span class="p">)</span>
-                <span class="n">stderr</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="s">&#39;:</span><span class="se">\n\n</span><span class="s">&#39;</span><span class="p">)</span>
-                <span class="k">for</span> <span class="n">error</span> <span class="ow">in</span> <span class="n">xml_errors</span><span class="p">:</span>
-                    <span class="n">stderr</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="s">&#39;</span><span class="si">%s</span><span class="se">\n</span><span class="s">&#39;</span> <span class="o">%</span> <span class="n">error</span><span class="o">.</span><span class="n">message</span><span class="p">)</span>
-
-            <span class="k">return</span> <span class="s">&#39;invalid_xml&#39;</span>
-
-        <span class="k">return</span> <span class="n">parseString</span><span class="p">(</span><span class="n">etree</span><span class="o">.</span><span class="n">tostring</span><span class="p">(</span><span class="n">dom</span><span class="p">))</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.format_cert"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.format_cert">[docs]</a>    <span class="k">def</span> <span class="nf">format_cert</span><span class="p">(</span><span class="n">cert</span><span class="p">,</span> <span class="n">heads</span><span class="o">=</span><span class="bp">True</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns a x509 cert (adding header &amp; footer if required).</span>
-
-<span class="sd">        :param cert: A x509 unformated cert</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param heads: True if we want to include head and footer</span>
-<span class="sd">        :type: boolean</span>
-
-<span class="sd">        :returns: Formated cert</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;</span><span class="se">\x0D</span><span class="s">&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-        <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;</span><span class="se">\r</span><span class="s">&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-        <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;</span><span class="se">\n</span><span class="s">&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;-----BEGIN CERTIFICATE-----&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-            <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;-----END CERTIFICATE-----&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-            <span class="n">x509_cert</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39; &#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-
-            <span class="k">if</span> <span class="n">heads</span><span class="p">:</span>
-                <span class="n">x509_cert</span> <span class="o">=</span> <span class="s">&#39;-----BEGIN CERTIFICATE-----</span><span class="se">\n</span><span class="s">&#39;</span> <span class="o">+</span> <span class="s">&#39;</span><span class="se">\n</span><span class="s">&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">wrap</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">,</span> <span class="mi">64</span><span class="p">))</span> <span class="o">+</span> <span class="s">&#39;</span><span class="se">\n</span><span class="s">-----END CERTIFICATE-----</span><span class="se">\n</span><span class="s">&#39;</span>
-
-        <span class="k">return</span> <span class="n">x509_cert</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.redirect"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.redirect">[docs]</a>    <span class="k">def</span> <span class="nf">redirect</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="n">parameters</span><span class="o">=</span><span class="p">{},</span> <span class="n">request_data</span><span class="o">=</span><span class="p">{}):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Executes a redirection to the provided url (or return the target url).</span>
-
-<span class="sd">        :param url: The target url</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param parameters: Extra parameters to be passed as part of the url</span>
-<span class="sd">        :type: dict</span>
-
-<span class="sd">        :param request_data: The request as a dict</span>
-<span class="sd">        :type: dict</span>
-
-<span class="sd">        :returns: Url</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">url</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">parameters</span><span class="p">,</span> <span class="nb">dict</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="n">url</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="s">&#39;/&#39;</span><span class="p">):</span>
-            <span class="n">url</span> <span class="o">=</span> <span class="s">&#39;</span><span class="si">%s%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">),</span> <span class="n">url</span><span class="p">)</span>
-
-        <span class="c"># Verify that the URL is to a http or https site.</span>
-        <span class="k">if</span> <span class="n">re</span><span class="o">.</span><span class="n">search</span><span class="p">(</span><span class="s">&#39;^https?://&#39;</span><span class="p">,</span> <span class="n">url</span><span class="p">)</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="n">OneLogin_Saml2_Error</span><span class="p">(</span>
-                <span class="s">&#39;Redirect to invalid URL: &#39;</span> <span class="o">+</span> <span class="n">url</span><span class="p">,</span>
-                <span class="n">OneLogin_Saml2_Error</span><span class="o">.</span><span class="n">REDIRECT_INVALID_URL</span>
-            <span class="p">)</span>
-
-        <span class="c"># Add encoded parameters</span>
-        <span class="k">if</span> <span class="n">url</span><span class="o">.</span><span class="n">find</span><span class="p">(</span><span class="s">&#39;?&#39;</span><span class="p">)</span> <span class="o">&lt;</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">param_prefix</span> <span class="o">=</span> <span class="s">&#39;?&#39;</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">param_prefix</span> <span class="o">=</span> <span class="s">&#39;&amp;&#39;</span>
-
-        <span class="k">for</span> <span class="n">name</span><span class="p">,</span> <span class="n">value</span> <span class="ow">in</span> <span class="n">parameters</span><span class="o">.</span><span class="n">items</span><span class="p">():</span>
-
-            <span class="k">if</span> <span class="n">value</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-                <span class="n">param</span> <span class="o">=</span> <span class="n">urlencode</span><span class="p">(</span><span class="n">name</span><span class="p">)</span>
-            <span class="k">elif</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="nb">list</span><span class="p">):</span>
-                <span class="n">param</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-                <span class="k">for</span> <span class="n">val</span> <span class="ow">in</span> <span class="n">value</span><span class="p">:</span>
-                    <span class="n">param</span> <span class="o">+=</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">name</span><span class="p">)</span> <span class="o">+</span> <span class="s">&#39;[]=&#39;</span> <span class="o">+</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">val</span><span class="p">)</span> <span class="o">+</span> <span class="s">&#39;&amp;&#39;</span>
-                <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">param</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
-                    <span class="n">param</span> <span class="o">=</span> <span class="n">param</span><span class="p">[</span><span class="mi">0</span><span class="p">:</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="n">param</span> <span class="o">=</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">name</span><span class="p">)</span> <span class="o">+</span> <span class="s">&#39;=&#39;</span> <span class="o">+</span> <span class="n">quote_plus</span><span class="p">(</span><span class="n">value</span><span class="p">)</span>
-
-            <span class="n">url</span> <span class="o">+=</span> <span class="n">param_prefix</span> <span class="o">+</span> <span class="n">param</span>
-            <span class="n">param_prefix</span> <span class="o">=</span> <span class="s">&#39;&amp;&#39;</span>
-
-        <span class="k">return</span> <span class="n">url</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_url_host"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_url_host">[docs]</a>    <span class="k">def</span> <span class="nf">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the protocol + the current host + the port (if different than</span>
-<span class="sd">        common ports).</span>
-
-<span class="sd">        :param request_data: The request as a dict</span>
-<span class="sd">        :type: dict</span>
-
-<span class="sd">        :return: Url</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">current_host</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
-        <span class="n">port</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="k">if</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">is_https</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
-            <span class="n">protocol</span> <span class="o">=</span> <span class="s">&#39;https&#39;</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">protocol</span> <span class="o">=</span> <span class="s">&#39;http&#39;</span>
-
-        <span class="k">if</span> <span class="s">&#39;server_port&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
-            <span class="n">port_number</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;server_port&#39;</span><span class="p">]</span>
-            <span class="n">port</span> <span class="o">=</span> <span class="s">&#39;:&#39;</span> <span class="o">+</span> <span class="n">port_number</span>
-
-            <span class="k">if</span> <span class="n">protocol</span> <span class="o">==</span> <span class="s">&#39;http&#39;</span> <span class="ow">and</span> <span class="n">port_number</span> <span class="o">==</span> <span class="s">&#39;80&#39;</span><span class="p">:</span>
-                <span class="n">port</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-            <span class="k">elif</span> <span class="n">protocol</span> <span class="o">==</span> <span class="s">&#39;https&#39;</span> <span class="ow">and</span> <span class="n">port_number</span> <span class="o">==</span> <span class="s">&#39;443&#39;</span><span class="p">:</span>
-                <span class="n">port</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-
-        <span class="k">return</span> <span class="s">&#39;</span><span class="si">%s</span><span class="s">://</span><span class="si">%s%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="p">(</span><span class="n">protocol</span><span class="p">,</span> <span class="n">current_host</span><span class="p">,</span> <span class="n">port</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_host"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_host">[docs]</a>    <span class="k">def</span> <span class="nf">get_self_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the current host.</span>
-
-<span class="sd">        :param request_data: The request as a dict</span>
-<span class="sd">        :type: dict</span>
-
-<span class="sd">        :return: The current host</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="s">&#39;http_host&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
-            <span class="n">current_host</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;http_host&#39;</span><span class="p">]</span>
-        <span class="k">elif</span> <span class="s">&#39;server_name&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
-            <span class="n">current_host</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;server_name&#39;</span><span class="p">]</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;No hostname defined&#39;</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="s">&#39;:&#39;</span> <span class="ow">in</span> <span class="n">current_host</span><span class="p">:</span>
-            <span class="n">current_host_data</span> <span class="o">=</span> <span class="n">current_host</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">&#39;:&#39;</span><span class="p">)</span>
-            <span class="n">possible_port</span> <span class="o">=</span> <span class="n">current_host_data</span><span class="p">[</span><span class="o">-</span><span class="mi">1</span><span class="p">]</span>
-            <span class="k">try</span><span class="p">:</span>
-                <span class="n">possible_port</span> <span class="o">=</span> <span class="nb">float</span><span class="p">(</span><span class="n">possible_port</span><span class="p">)</span>
-                <span class="n">current_host</span> <span class="o">=</span> <span class="n">current_host_data</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
-            <span class="k">except</span> <span class="ne">ValueError</span><span class="p">:</span>
-                <span class="n">current_host</span> <span class="o">=</span> <span class="s">&#39;:&#39;</span><span class="o">.</span><span class="n">join</span><span class="p">(</span><span class="n">current_host_data</span><span class="p">)</span>
-
-        <span class="k">return</span> <span class="n">current_host</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.is_https"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.is_https">[docs]</a>    <span class="k">def</span> <span class="nf">is_https</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Checks if https or http.</span>
-
-<span class="sd">        :param request_data: The request as a dict</span>
-<span class="sd">        :type: dict</span>
-
-<span class="sd">        :return: False if https is not active</span>
-<span class="sd">        :rtype: boolean</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">is_https</span> <span class="o">=</span> <span class="s">&#39;https&#39;</span> <span class="ow">in</span> <span class="n">request_data</span> <span class="ow">and</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;https&#39;</span><span class="p">]</span> <span class="o">!=</span> <span class="s">&#39;off&#39;</span>
-        <span class="n">is_https</span> <span class="o">=</span> <span class="n">is_https</span> <span class="ow">or</span> <span class="p">(</span><span class="s">&#39;server_port&#39;</span> <span class="ow">in</span> <span class="n">request_data</span> <span class="ow">and</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;server_port&#39;</span><span class="p">]</span> <span class="o">==</span> <span class="s">&#39;443&#39;</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">is_https</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_url_no_query"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query">[docs]</a>    <span class="k">def</span> <span class="nf">get_self_url_no_query</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the URL of the current host + current view.</span>
-
-<span class="sd">        :param request_data: The request as a dict</span>
-<span class="sd">        :type: dict</span>
-
-<span class="sd">        :return: The url of current host + current view</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">self_url_host</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
-        <span class="n">script_name</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;script_name&#39;</span><span class="p">]</span>
-        <span class="k">if</span> <span class="n">script_name</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span> <span class="o">!=</span> <span class="s">&#39;/&#39;</span><span class="p">:</span>
-            <span class="n">script_name</span> <span class="o">=</span> <span class="s">&#39;/&#39;</span> <span class="o">+</span> <span class="n">script_name</span>
-        <span class="n">self_url_host</span> <span class="o">+=</span> <span class="n">script_name</span>
-        <span class="k">if</span> <span class="s">&#39;path_info&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
-            <span class="n">self_url_host</span> <span class="o">+=</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;path_info&#39;</span><span class="p">]</span>
-
-        <span class="k">return</span> <span class="n">self_url_host</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_self_url"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_url">[docs]</a>    <span class="k">def</span> <span class="nf">get_self_url</span><span class="p">(</span><span class="n">request_data</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Returns the URL of the current host + current view + query.</span>
-
-<span class="sd">        :param request_data: The request as a dict</span>
-<span class="sd">        :type: dict</span>
-
-<span class="sd">        :return: The url of current host + current view + query</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">self_url_host</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">get_self_url_host</span><span class="p">(</span><span class="n">request_data</span><span class="p">)</span>
-
-        <span class="n">request_uri</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="k">if</span> <span class="s">&#39;request_uri&#39;</span> <span class="ow">in</span> <span class="n">request_data</span><span class="p">:</span>
-            <span class="n">request_uri</span> <span class="o">=</span> <span class="n">request_data</span><span class="p">[</span><span class="s">&#39;request_uri&#39;</span><span class="p">]</span>
-            <span class="k">if</span> <span class="ow">not</span> <span class="n">request_uri</span><span class="o">.</span><span class="n">startswith</span><span class="p">(</span><span class="s">&#39;/&#39;</span><span class="p">):</span>
-                <span class="n">match</span> <span class="o">=</span> <span class="n">re</span><span class="o">.</span><span class="n">search</span><span class="p">(</span><span class="s">&#39;^https?://[^/]*(/.*)&#39;</span><span class="p">,</span> <span class="n">request_uri</span><span class="p">)</span>
-                <span class="k">if</span> <span class="n">match</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-                    <span class="n">request_uri</span> <span class="o">=</span> <span class="n">match</span><span class="o">.</span><span class="n">groups</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span>
-
-        <span class="k">return</span> <span class="n">self_url_host</span> <span class="o">+</span> <span class="n">request_uri</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.generate_unique_id"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.generate_unique_id">[docs]</a>    <span class="k">def</span> <span class="nf">generate_unique_id</span><span class="p">():</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Generates an unique string (used for example as ID for assertions).</span>
-
-<span class="sd">        :return: A unique string</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">return</span> <span class="s">&#39;ONELOGIN_</span><span class="si">%s</span><span class="s">&#39;</span> <span class="o">%</span> <span class="n">sha1</span><span class="p">(</span><span class="n">uuid4</span><span class="p">()</span><span class="o">.</span><span class="n">hex</span><span class="p">)</span><span class="o">.</span><span class="n">hexdigest</span><span class="p">()</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.parse_time_to_SAML"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML">[docs]</a>    <span class="k">def</span> <span class="nf">parse_time_to_SAML</span><span class="p">(</span><span class="n">time</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Converts a UNIX timestamp to SAML2 timestamp on the form</span>
-<span class="sd">        yyyy-mm-ddThh:mm:ss(\.s+)?Z.</span>
-
-<span class="sd">        :param time: The time we should convert (DateTime).</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :return: SAML2 timestamp.</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">utcfromtimestamp</span><span class="p">(</span><span class="nb">float</span><span class="p">(</span><span class="n">time</span><span class="p">))</span>
-        <span class="k">return</span> <span class="n">data</span><span class="o">.</span><span class="n">strftime</span><span class="p">(</span><span class="s">&#39;%Y-%m-</span><span class="si">%d</span><span class="s">T%H:%M:%SZ&#39;</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.parse_SAML_to_time"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time">[docs]</a>    <span class="k">def</span> <span class="nf">parse_SAML_to_time</span><span class="p">(</span><span class="n">timestr</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Converts a SAML2 timestamp on the form yyyy-mm-ddThh:mm:ss(\.s+)?Z</span>
-<span class="sd">        to a UNIX timestamp. The sub-second part is ignored.</span>
-
-<span class="sd">        :param time: The time we should convert (SAML Timestamp).</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :return: Converted to a unix timestamp.</span>
-<span class="sd">        :rtype: int</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">try</span><span class="p">:</span>
-            <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">strptime</span><span class="p">(</span><span class="n">timestr</span><span class="p">,</span> <span class="s">&#39;%Y-%m-</span><span class="si">%d</span><span class="s">T%H:%M:%SZ&#39;</span><span class="p">)</span>
-        <span class="k">except</span> <span class="ne">ValueError</span><span class="p">:</span>
-            <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">strptime</span><span class="p">(</span><span class="n">timestr</span><span class="p">,</span> <span class="s">&#39;%Y-%m-</span><span class="si">%d</span><span class="s">T%H:%M:%S.</span><span class="si">%f</span><span class="s">Z&#39;</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">calendar</span><span class="o">.</span><span class="n">timegm</span><span class="p">(</span><span class="n">data</span><span class="o">.</span><span class="n">utctimetuple</span><span class="p">())</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.parse_duration"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.parse_duration">[docs]</a>    <span class="k">def</span> <span class="nf">parse_duration</span><span class="p">(</span><span class="n">duration</span><span class="p">,</span> <span class="n">timestamp</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Interprets a ISO8601 duration value relative to a given timestamp.</span>
-
-<span class="sd">        :param duration: The duration, as a string.</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param timestamp: The unix timestamp we should apply the duration to.</span>
-<span class="sd">                          Optional, default to the current time.</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :return: The new timestamp, after the duration is applied.</span>
-<span class="sd">        :rtype: int</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">duration</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span>
-        <span class="k">assert</span> <span class="p">(</span><span class="n">timestamp</span> <span class="ow">is</span> <span class="bp">None</span> <span class="ow">or</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">timestamp</span><span class="p">,</span> <span class="nb">int</span><span class="p">))</span>
-
-        <span class="n">timedelta</span> <span class="o">=</span> <span class="n">duration_parser</span><span class="p">(</span><span class="n">duration</span><span class="p">)</span>
-        <span class="k">if</span> <span class="n">timestamp</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">utcnow</span><span class="p">()</span> <span class="o">+</span> <span class="n">timedelta</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">data</span> <span class="o">=</span> <span class="n">datetime</span><span class="o">.</span><span class="n">utcfromtimestamp</span><span class="p">(</span><span class="n">timestamp</span><span class="p">)</span> <span class="o">+</span> <span class="n">timedelta</span>
-        <span class="k">return</span> <span class="n">calendar</span><span class="o">.</span><span class="n">timegm</span><span class="p">(</span><span class="n">data</span><span class="o">.</span><span class="n">utctimetuple</span><span class="p">())</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_expire_time"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_expire_time">[docs]</a>    <span class="k">def</span> <span class="nf">get_expire_time</span><span class="p">(</span><span class="n">cache_duration</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">valid_until</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Compares 2 dates and returns the earliest.</span>
-
-<span class="sd">        :param cache_duration: The duration, as a string.</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param valid_until: The valid until date, as a string or as a timestamp</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :return: The expiration time.</span>
-<span class="sd">        :rtype: int</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">expire_time</span> <span class="o">=</span> <span class="bp">None</span>
-
-        <span class="k">if</span> <span class="n">cache_duration</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">expire_time</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_duration</span><span class="p">(</span><span class="n">cache_duration</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="n">valid_until</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">valid_until</span><span class="p">,</span> <span class="nb">int</span><span class="p">):</span>
-                <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">valid_until</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="n">valid_until_time</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">parse_SAML_to_time</span><span class="p">(</span><span class="n">valid_until</span><span class="p">)</span>
-            <span class="k">if</span> <span class="n">expire_time</span> <span class="ow">is</span> <span class="bp">None</span> <span class="ow">or</span> <span class="n">expire_time</span> <span class="o">&gt;</span> <span class="n">valid_until_time</span><span class="p">:</span>
-                <span class="n">expire_time</span> <span class="o">=</span> <span class="n">valid_until_time</span>
-
-        <span class="k">if</span> <span class="n">expire_time</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">return</span> <span class="s">&#39;</span><span class="si">%d</span><span class="s">&#39;</span> <span class="o">%</span> <span class="n">expire_time</span>
-        <span class="k">return</span> <span class="bp">None</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.query"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.query">[docs]</a>    <span class="k">def</span> <span class="nf">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="n">query</span><span class="p">,</span> <span class="n">context</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Extracts nodes that match the query from the Element</span>
-
-<span class="sd">        :param dom: The root of the lxml objet</span>
-<span class="sd">        :type: Element</span>
-
-<span class="sd">        :param query: Xpath Expresion</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param context: Context Node</span>
-<span class="sd">        :type: DOMElement</span>
-
-<span class="sd">        :returns: The queried nodes</span>
-<span class="sd">        :rtype: list</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="n">context</span> <span class="ow">is</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="k">return</span> <span class="n">dom</span><span class="o">.</span><span class="n">xpath</span><span class="p">(</span><span class="n">query</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="k">return</span> <span class="n">context</span><span class="o">.</span><span class="n">xpath</span><span class="p">(</span><span class="n">query</span><span class="p">,</span> <span class="n">namespaces</span><span class="o">=</span><span class="n">OneLogin_Saml2_Constants</span><span class="o">.</span><span class="n">NSMAP</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.delete_local_session"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.delete_local_session">[docs]</a>    <span class="k">def</span> <span class="nf">delete_local_session</span><span class="p">(</span><span class="n">callback</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Deletes the local session.</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-
-        <span class="k">if</span> <span class="n">callback</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">callback</span><span class="p">()</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.calculate_x509_fingerprint"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint">[docs]</a>    <span class="k">def</span> <span class="nf">calculate_x509_fingerprint</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Calculates the fingerprint of a x509cert.</span>
-
-<span class="sd">        :param x509_cert: x509 cert</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :returns: Formated fingerprint</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">assert</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">x509_cert</span><span class="p">,</span> <span class="nb">basestring</span><span class="p">)</span>
-
-        <span class="n">lines</span> <span class="o">=</span> <span class="n">x509_cert</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s">&#39;</span><span class="se">\n</span><span class="s">&#39;</span><span class="p">)</span>
-        <span class="n">data</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-
-        <span class="k">for</span> <span class="n">line</span> <span class="ow">in</span> <span class="n">lines</span><span class="p">:</span>
-            <span class="c"># Remove &#39;\r&#39; from end of line if present.</span>
-            <span class="n">line</span> <span class="o">=</span> <span class="n">line</span><span class="o">.</span><span class="n">rstrip</span><span class="p">()</span>
-            <span class="k">if</span> <span class="n">line</span> <span class="o">==</span> <span class="s">&#39;-----BEGIN CERTIFICATE-----&#39;</span><span class="p">:</span>
-                <span class="c"># Delete junk from before the certificate.</span>
-                <span class="n">data</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-            <span class="k">elif</span> <span class="n">line</span> <span class="o">==</span> <span class="s">&#39;-----END CERTIFICATE-----&#39;</span><span class="p">:</span>
-                <span class="c"># Ignore data after the certificate.</span>
-                <span class="k">break</span>
-            <span class="k">elif</span> <span class="n">line</span> <span class="o">==</span> <span class="s">&#39;-----BEGIN PUBLIC KEY-----&#39;</span> <span class="ow">or</span> <span class="n">line</span> <span class="o">==</span> <span class="s">&#39;-----BEGIN RSA PRIVATE KEY-----&#39;</span><span class="p">:</span>
-                <span class="c"># This isn&#39;t an X509 certificate.</span>
-                <span class="k">return</span> <span class="bp">None</span>
-            <span class="k">else</span><span class="p">:</span>
-                <span class="c"># Append the current line to the certificate data.</span>
-                <span class="n">data</span> <span class="o">+=</span> <span class="n">line</span>
-        <span class="c"># &quot;data&quot; now contains the certificate as a base64-encoded string. The</span>
-        <span class="c"># fingerprint of the certificate is the sha1-hash of the certificate.</span>
-        <span class="k">return</span> <span class="n">sha1</span><span class="p">(</span><span class="n">base64</span><span class="o">.</span><span class="n">b64decode</span><span class="p">(</span><span class="n">data</span><span class="p">))</span><span class="o">.</span><span class="n">hexdigest</span><span class="p">()</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.format_finger_print"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.format_finger_print">[docs]</a>    <span class="k">def</span> <span class="nf">format_finger_print</span><span class="p">(</span><span class="n">fingerprint</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Formates a fingerprint.</span>
-
-<span class="sd">        :param fingerprint: fingerprint</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :returns: Formated fingerprint</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">formated_fingerprint</span> <span class="o">=</span> <span class="n">fingerprint</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;:&#39;</span><span class="p">,</span> <span class="s">&#39;&#39;</span><span class="p">)</span>
-        <span class="k">return</span> <span class="n">formated_fingerprint</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.generate_name_id"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.generate_name_id">[docs]</a>    <span class="k">def</span> <span class="nf">generate_name_id</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="n">sp_nq</span><span class="p">,</span> <span class="n">sp_format</span><span class="p">,</span> <span class="n">key</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Generates a nameID.</span>
-
-<span class="sd">        :param value: fingerprint</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param sp_nq: SP Name Qualifier</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param sp_format: SP Format</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param key: SP Key to encrypt the nameID</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :returns: DOMElement | XMLSec nameID</span>
-<span class="sd">        :rtype: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">doc</span> <span class="o">=</span> <span class="n">Document</span><span class="p">()</span>
-
-        <span class="n">name_id</span> <span class="o">=</span> <span class="n">doc</span><span class="o">.</span><span class="n">createElement</span><span class="p">(</span><span class="s">&#39;saml:NameID&#39;</span><span class="p">)</span>
-        <span class="n">name_id</span><span class="o">.</span><span class="n">setAttribute</span><span class="p">(</span><span class="s">&#39;SPNameQualifier&#39;</span><span class="p">,</span> <span class="n">sp_nq</span><span class="p">)</span>
-        <span class="n">name_id</span><span class="o">.</span><span class="n">setAttribute</span><span class="p">(</span><span class="s">&#39;Format&#39;</span><span class="p">,</span> <span class="n">sp_format</span><span class="p">)</span>
-        <span class="n">name_id</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">doc</span><span class="o">.</span><span class="n">createTextNode</span><span class="p">(</span><span class="n">value</span><span class="p">))</span>
-
-        <span class="n">doc</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">name_id</span><span class="p">)</span>
-
-        <span class="k">if</span> <span class="n">key</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span>
-            <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-
-            <span class="c"># Load the private key</span>
-            <span class="n">mngr</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeysMngr</span><span class="p">()</span>
-            <span class="n">key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">format_cert</span><span class="p">(</span><span class="n">key</span><span class="p">,</span> <span class="n">heads</span><span class="o">=</span><span class="bp">False</span><span class="p">)</span>
-            <span class="n">file_key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">write_temp_file</span><span class="p">(</span><span class="n">key</span><span class="p">)</span>
-            <span class="n">key_data</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-            <span class="n">key_data</span><span class="o">.</span><span class="n">name</span> <span class="o">=</span> <span class="n">key_name</span> <span class="o">=</span> <span class="n">basename</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">)</span>
-            <span class="n">mngr</span><span class="o">.</span><span class="n">addKey</span><span class="p">(</span><span class="n">key_data</span><span class="p">)</span>
-            <span class="n">file_key</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-
-            <span class="c"># Prepare for encryption</span>
-            <span class="n">enc_data</span> <span class="o">=</span> <span class="n">EncData</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformAes128Cbc</span><span class="p">,</span> <span class="nb">type</span><span class="o">=</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">TypeEncElement</span><span class="p">)</span>
-            <span class="n">enc_data</span><span class="o">.</span><span class="n">ensureCipherValue</span><span class="p">()</span>
-            <span class="n">key_info</span> <span class="o">=</span> <span class="n">enc_data</span><span class="o">.</span><span class="n">ensureKeyInfo</span><span class="p">()</span>
-            <span class="n">enc_key</span> <span class="o">=</span> <span class="n">key_info</span><span class="o">.</span><span class="n">addEncryptedKey</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformRsaPkcs1</span><span class="p">)</span>
-            <span class="n">enc_key</span><span class="o">.</span><span class="n">ensureCipherValue</span><span class="p">()</span>
-            <span class="n">enc_key_info</span> <span class="o">=</span> <span class="n">enc_key</span><span class="o">.</span><span class="n">ensureKeyInfo</span><span class="p">()</span>
-            <span class="n">enc_key_info</span><span class="o">.</span><span class="n">addKeyName</span><span class="p">(</span><span class="n">key_name</span><span class="p">)</span>
-
-            <span class="c"># Encrypt!</span>
-            <span class="n">enc_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">EncCtx</span><span class="p">(</span><span class="n">mngr</span><span class="p">)</span>
-            <span class="n">enc_ctx</span><span class="o">.</span><span class="n">enc_key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">generate</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataAes</span><span class="p">,</span> <span class="mi">128</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataTypeSession</span><span class="p">)</span>
-            <span class="n">ed</span> <span class="o">=</span> <span class="n">enc_ctx</span><span class="o">.</span><span class="n">encryptXml</span><span class="p">(</span><span class="n">enc_data</span><span class="p">,</span> <span class="n">doc</span><span class="o">.</span><span class="n">getroot</span><span class="p">())</span>
-
-            <span class="c"># Build XML with encrypted data</span>
-            <span class="n">newdoc</span> <span class="o">=</span> <span class="n">Document</span><span class="p">()</span>
-            <span class="n">encrypted_id</span> <span class="o">=</span> <span class="n">newdoc</span><span class="o">.</span><span class="n">createElement</span><span class="p">(</span><span class="s">&#39;saml:EncryptedID&#39;</span><span class="p">)</span>
-            <span class="n">newdoc</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">encrypted_id</span><span class="p">)</span>
-            <span class="n">encrypted_id</span><span class="o">.</span><span class="n">appendChild</span><span class="p">(</span><span class="n">encrypted_id</span><span class="o">.</span><span class="n">ownerDocument</span><span class="o">.</span><span class="n">importNode</span><span class="p">(</span><span class="n">ed</span><span class="p">,</span> <span class="bp">True</span><span class="p">))</span>
-
-            <span class="k">return</span> <span class="n">newdoc</span><span class="o">.</span><span class="n">saveXML</span><span class="p">(</span><span class="n">encrypted_id</span><span class="p">)</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="k">return</span> <span class="n">doc</span><span class="o">.</span><span class="n">saveXML</span><span class="p">(</span><span class="n">name_id</span><span class="p">)</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.get_status"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_status">[docs]</a>    <span class="k">def</span> <span class="nf">get_status</span><span class="p">(</span><span class="n">dom</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Gets Status from a Response.</span>
-
-<span class="sd">        :param dom: The Response as XML</span>
-<span class="sd">        :type: Document</span>
-
-<span class="sd">        :returns: The Status, an array with the code and a message.</span>
-<span class="sd">        :rtype: dict</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">status</span> <span class="o">=</span> <span class="p">{}</span>
-
-        <span class="n">status_entry</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;/samlp:Response/samlp:Status&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">status_entry</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Missing Status on response&#39;</span><span class="p">)</span>
-
-        <span class="n">code_entry</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;/samlp:Response/samlp:Status/samlp:StatusCode&#39;</span><span class="p">,</span> <span class="n">status_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">code_entry</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Missing Status Code on response&#39;</span><span class="p">)</span>
-        <span class="n">code</span> <span class="o">=</span> <span class="n">code_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">values</span><span class="p">()[</span><span class="mi">0</span><span class="p">]</span>
-        <span class="n">status</span><span class="p">[</span><span class="s">&#39;code&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">code</span>
-
-        <span class="n">message_entry</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;/samlp:Response/samlp:Status/samlp:StatusMessage&#39;</span><span class="p">,</span> <span class="n">status_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">])</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">message_entry</span><span class="p">)</span> <span class="o">==</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">status</span><span class="p">[</span><span class="s">&#39;msg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="s">&#39;&#39;</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">status</span><span class="p">[</span><span class="s">&#39;msg&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="n">message_entry</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">text</span>
-
-        <span class="k">return</span> <span class="n">status</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.decrypt_element"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.decrypt_element">[docs]</a>    <span class="k">def</span> <span class="nf">decrypt_element</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">enc_ctx</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Decrypts an encrypted element.</span>
-
-<span class="sd">        :param encrypted_data: The encrypted data.</span>
-<span class="sd">        :type: DOMElement</span>
-
-<span class="sd">        :param enc_ctx: The encryption context.</span>
-<span class="sd">        :type: Encryption Context</span>
-
-<span class="sd">        :returns: The decrypted element.</span>
-<span class="sd">        :rtype: DOMElement</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">,</span> <span class="n">Element</span><span class="p">):</span>
-            <span class="c"># Minidom element</span>
-            <span class="n">encrypted_data</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">encrypted_data</span><span class="o">.</span><span class="n">toxml</span><span class="p">())</span>
-
-        <span class="n">decrypted</span> <span class="o">=</span> <span class="n">enc_ctx</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="n">encrypted_data</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">decrypted</span><span class="p">,</span> <span class="n">ElementBase</span><span class="p">):</span>
-            <span class="c"># lxml element, decrypted xml data</span>
-            <span class="k">return</span> <span class="n">tostring</span><span class="p">(</span><span class="n">decrypted</span><span class="o">.</span><span class="n">getroottree</span><span class="p">())</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="c"># decrypted binary data</span>
-            <span class="k">return</span> <span class="n">decrypted</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.write_temp_file"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.write_temp_file">[docs]</a>    <span class="k">def</span> <span class="nf">write_temp_file</span><span class="p">(</span><span class="n">content</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Writes some content into a temporary file and returns it.</span>
-
-<span class="sd">        :param content: The file content</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :returns: The temporary file</span>
-<span class="sd">        :rtype: file-like object</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="n">f</span> <span class="o">=</span> <span class="n">NamedTemporaryFile</span><span class="p">(</span><span class="n">delete</span><span class="o">=</span><span class="bp">True</span><span class="p">)</span>
-        <span class="n">f</span><span class="o">.</span><span class="n">file</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="n">content</span><span class="p">)</span>
-        <span class="n">f</span><span class="o">.</span><span class="n">file</span><span class="o">.</span><span class="n">flush</span><span class="p">()</span>
-        <span class="k">return</span> <span class="n">f</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.add_sign"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.add_sign">[docs]</a>    <span class="k">def</span> <span class="nf">add_sign</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">key</span><span class="p">,</span> <span class="n">cert</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Adds signature key and senders certificate to an element (Message or</span>
-<span class="sd">        Assertion).</span>
-
-<span class="sd">        :param xml: The element we should sign</span>
-<span class="sd">        :type: string | Document</span>
-
-<span class="sd">        :param key: The private key</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param cert: The public</span>
-<span class="sd">        :type: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">dom</span> <span class="o">=</span> <span class="n">xml</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="k">if</span> <span class="n">xml</span> <span class="o">==</span> <span class="s">&#39;&#39;</span><span class="p">:</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Empty string supplied as input&#39;</span><span class="p">)</span>
-
-            <span class="k">try</span><span class="p">:</span>
-                <span class="n">dom</span> <span class="o">=</span> <span class="n">parseString</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
-            <span class="k">except</span> <span class="ne">Exception</span><span class="p">:</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Error parsing xml string&#39;</span><span class="p">)</span>
-
-        <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-
-        <span class="c"># TODO the key and cert could be file descriptors instead</span>
-        <span class="c"># Load the private key.</span>
-        <span class="n">file_key</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">write_temp_file</span><span class="p">(</span><span class="n">key</span><span class="p">)</span>
-        <span class="n">sign_key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">load</span><span class="p">(</span><span class="n">file_key</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span>
-        <span class="n">file_key</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-        <span class="c"># Add the certificate to the signature.</span>
-        <span class="n">file_cert</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">write_temp_file</span><span class="p">(</span><span class="n">cert</span><span class="p">)</span>
-        <span class="n">sign_key</span><span class="o">.</span><span class="n">loadCert</span><span class="p">(</span><span class="n">file_cert</span><span class="o">.</span><span class="n">name</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">)</span>
-        <span class="n">file_cert</span><span class="o">.</span><span class="n">close</span><span class="p">()</span>
-
-        <span class="c"># Get the EntityDescriptor node we should sign.</span>
-        <span class="n">root_node</span> <span class="o">=</span> <span class="n">dom</span><span class="o">.</span><span class="n">firstChild</span>
-
-        <span class="c"># Sign the metadata with our private key.</span>
-        <span class="n">signature</span> <span class="o">=</span> <span class="n">Signature</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformExclC14N</span><span class="p">,</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformRsaSha1</span><span class="p">)</span>
-        <span class="n">ref</span> <span class="o">=</span> <span class="n">signature</span><span class="o">.</span><span class="n">addReference</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformSha1</span><span class="p">)</span>
-        <span class="n">ref</span><span class="o">.</span><span class="n">addTransform</span><span class="p">(</span><span class="n">xmlsec</span><span class="o">.</span><span class="n">TransformEnveloped</span><span class="p">)</span>
-
-        <span class="n">key_info</span> <span class="o">=</span> <span class="n">signature</span><span class="o">.</span><span class="n">ensureKeyInfo</span><span class="p">()</span>
-        <span class="n">key_info</span><span class="o">.</span><span class="n">addX509Data</span><span class="p">()</span>
-
-        <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">DSigCtx</span><span class="p">()</span>
-        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">signKey</span> <span class="o">=</span> <span class="n">sign_key</span>
-        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span>
-
-        <span class="n">signature</span> <span class="o">=</span> <span class="n">tostring</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;ns0:&#39;</span><span class="p">,</span> <span class="s">&#39;ds:&#39;</span><span class="p">)</span><span class="o">.</span><span class="n">replace</span><span class="p">(</span><span class="s">&#39;:ns0&#39;</span><span class="p">,</span> <span class="s">&#39;:ds&#39;</span><span class="p">)</span>
-        <span class="n">signature</span> <span class="o">=</span> <span class="n">parseString</span><span class="p">(</span><span class="n">signature</span><span class="p">)</span><span class="o">.</span><span class="n">firstChild</span>
-
-        <span class="n">insert_before</span> <span class="o">=</span> <span class="n">root_node</span><span class="o">.</span><span class="n">getElementsByTagName</span><span class="p">(</span><span class="s">&#39;saml:Issuer&#39;</span><span class="p">)</span>
-        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">insert_before</span><span class="p">)</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">:</span>
-            <span class="n">insert_before</span> <span class="o">=</span> <span class="n">insert_before</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span><span class="o">.</span><span class="n">nextSibling</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="n">insert_before</span> <span class="o">=</span> <span class="n">root_node</span><span class="o">.</span><span class="n">firstChild</span><span class="o">.</span><span class="n">nextSibling</span><span class="o">.</span><span class="n">nextSibling</span>
-        <span class="n">root_node</span><span class="o">.</span><span class="n">insertBefore</span><span class="p">(</span><span class="n">signature</span><span class="p">,</span> <span class="n">insert_before</span><span class="p">)</span>
-
-        <span class="k">return</span> <span class="n">dom</span><span class="o">.</span><span class="n">toxml</span><span class="p">()</span>
-</div>
-    <span class="nd">@staticmethod</span>
-<div class="viewcode-block" id="OneLogin_Saml2_Utils.validate_sign"><a class="viewcode-back" href="../../saml2.html#saml2.utils.OneLogin_Saml2_Utils.validate_sign">[docs]</a>    <span class="k">def</span> <span class="nf">validate_sign</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">cert</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">fingerprint</span><span class="o">=</span><span class="bp">None</span><span class="p">):</span>
-        <span class="sd">&quot;&quot;&quot;</span>
-<span class="sd">        Validates a signature (Message or Assertion).</span>
-
-<span class="sd">        :param xml: The element we should validate</span>
-<span class="sd">        :type: string | Document</span>
-
-<span class="sd">        :param cert: The pubic cert</span>
-<span class="sd">        :type: string</span>
-
-<span class="sd">        :param fingerprint: The fingerprint of the public cert</span>
-<span class="sd">        :type: string</span>
-<span class="sd">        &quot;&quot;&quot;</span>
-        <span class="k">if</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">xml</span><span class="p">,</span> <span class="n">Document</span><span class="p">):</span>
-            <span class="n">dom</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">xml</span><span class="o">.</span><span class="n">toxml</span><span class="p">())</span>
-        <span class="k">else</span><span class="p">:</span>
-            <span class="k">if</span> <span class="n">xml</span> <span class="o">==</span> <span class="s">&#39;&#39;</span><span class="p">:</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Empty string supplied as input&#39;</span><span class="p">)</span>
-
-            <span class="k">try</span><span class="p">:</span>
-                <span class="n">dom</span> <span class="o">=</span> <span class="n">etree</span><span class="o">.</span><span class="n">fromstring</span><span class="p">(</span><span class="n">xml</span><span class="p">)</span>
-            <span class="k">except</span> <span class="ne">Exception</span><span class="p">:</span>
-                <span class="k">raise</span> <span class="ne">Exception</span><span class="p">(</span><span class="s">&#39;Error parsing xml string&#39;</span><span class="p">)</span>
-
-        <span class="n">xmlsec</span><span class="o">.</span><span class="n">initialize</span><span class="p">()</span>
-
-        <span class="c"># Find signature in the dom</span>
-        <span class="n">signature_node</span> <span class="o">=</span> <span class="n">OneLogin_Saml2_Utils</span><span class="o">.</span><span class="n">query</span><span class="p">(</span><span class="n">dom</span><span class="p">,</span> <span class="s">&#39;ds:Signature&#39;</span><span class="p">)[</span><span class="mi">0</span><span class="p">]</span>
-
-        <span class="c"># Prepare context and load cert into it</span>
-        <span class="n">dsig_ctx</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">DSigCtx</span><span class="p">()</span>
-        <span class="n">sign_cert</span> <span class="o">=</span> <span class="n">X509</span><span class="o">.</span><span class="n">load_cert_string</span><span class="p">(</span><span class="nb">str</span><span class="p">(</span><span class="n">cert</span><span class="p">),</span> <span class="n">X509</span><span class="o">.</span><span class="n">FORMAT_PEM</span><span class="p">)</span>
-        <span class="n">pub_key</span> <span class="o">=</span> <span class="n">sign_cert</span><span class="o">.</span><span class="n">get_pubkey</span><span class="p">()</span><span class="o">.</span><span class="n">get_rsa</span><span class="p">()</span>
-        <span class="n">sign_key</span> <span class="o">=</span> <span class="n">xmlsec</span><span class="o">.</span><span class="n">Key</span><span class="o">.</span><span class="n">loadMemory</span><span class="p">(</span><span class="n">pub_key</span><span class="o">.</span><span class="n">as_pem</span><span class="p">(</span><span class="n">cipher</span><span class="o">=</span><span class="bp">None</span><span class="p">),</span>
-                                         <span class="n">xmlsec</span><span class="o">.</span><span class="n">KeyDataFormatPem</span><span class="p">)</span>
-        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">signKey</span> <span class="o">=</span> <span class="n">sign_key</span>
-
-        <span class="c"># Verify signature</span>
-        <span class="n">dsig_ctx</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">signature_node</span><span class="p">)</span></div></div>
-</pre></div>
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="../../search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="../../genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="../../py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="../../index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li>
-          <li><a href="../index.html" >Class code</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/_sources/index.rst.txt b/docs/saml2/_sources/index.rst.txt
new file mode 100644
index 00000000..020156af
--- /dev/null
+++ b/docs/saml2/_sources/index.rst.txt
@@ -0,0 +1,14 @@
+.. SAML Python2/3 Toolkit documentation master file, created by
+   sphinx-quickstart on Sun Oct  1 03:00:42 2023.
+   You can adapt this file completely to your liking, but it should at least
+   contain the root `toctree` directive.
+
+Welcome to SAML Python2/3 Toolkit's documentation!
+==================================================
+
+.. toctree::
+   :maxdepth: 4
+   :caption: Contents:
+
+   onelogin
+
diff --git a/docs/saml2/_sources/index.txt b/docs/saml2/_sources/index.txt
deleted file mode 100644
index 43d48f47..00000000
--- a/docs/saml2/_sources/index.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-.. saml2 documentation master file, created by
-   sphinx-quickstart on Thu Oct 23 03:29:00 2014.
-   You can adapt this file completely to your liking, but it should at least
-   contain the root `toctree` directive.
-
-Welcome to OneLogin SAML Python library documentation
-=====================================================
-
-Contents:
-
-.. toctree::
-   :maxdepth: 4
-
-   saml2
-
-
-Indices and tables
-==================
-
-* :ref:`genindex`
-* :ref:`modindex`
-* :ref:`search`
-
diff --git a/docs/saml2/_sources/modules.rst.txt b/docs/saml2/_sources/modules.rst.txt
new file mode 100644
index 00000000..529aa5bd
--- /dev/null
+++ b/docs/saml2/_sources/modules.rst.txt
@@ -0,0 +1,7 @@
+onelogin
+========
+
+.. toctree::
+   :maxdepth: 4
+
+   onelogin
diff --git a/docs/saml2/_sources/onelogin.rst.txt b/docs/saml2/_sources/onelogin.rst.txt
new file mode 100644
index 00000000..33f8a252
--- /dev/null
+++ b/docs/saml2/_sources/onelogin.rst.txt
@@ -0,0 +1,18 @@
+onelogin package
+================
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   onelogin.saml2
+
+Module contents
+---------------
+
+.. automodule:: onelogin
+   :members:
+   :undoc-members:
+   :show-inheritance:
diff --git a/docs/saml2/_sources/onelogin.saml2.rst.txt b/docs/saml2/_sources/onelogin.saml2.rst.txt
new file mode 100644
index 00000000..3ba9d62b
--- /dev/null
+++ b/docs/saml2/_sources/onelogin.saml2.rst.txt
@@ -0,0 +1,133 @@
+onelogin.saml2 package
+======================
+
+Submodules
+----------
+
+onelogin.saml2.auth module
+--------------------------
+
+.. automodule:: onelogin.saml2.auth
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.authn\_request module
+------------------------------------
+
+.. automodule:: onelogin.saml2.authn_request
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.compat module
+----------------------------
+
+.. automodule:: onelogin.saml2.compat
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.constants module
+-------------------------------
+
+.. automodule:: onelogin.saml2.constants
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.errors module
+----------------------------
+
+.. automodule:: onelogin.saml2.errors
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.idp\_metadata\_parser module
+-------------------------------------------
+
+.. automodule:: onelogin.saml2.idp_metadata_parser
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.logout\_request module
+-------------------------------------
+
+.. automodule:: onelogin.saml2.logout_request
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.logout\_response module
+--------------------------------------
+
+.. automodule:: onelogin.saml2.logout_response
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.metadata module
+------------------------------
+
+.. automodule:: onelogin.saml2.metadata
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.response module
+------------------------------
+
+.. automodule:: onelogin.saml2.response
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.settings module
+------------------------------
+
+.. automodule:: onelogin.saml2.settings
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.utils module
+---------------------------
+
+.. automodule:: onelogin.saml2.utils
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.xml\_templates module
+------------------------------------
+
+.. automodule:: onelogin.saml2.xml_templates
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.xml\_utils module
+--------------------------------
+
+.. automodule:: onelogin.saml2.xml_utils
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+onelogin.saml2.xmlparser module
+-------------------------------
+
+.. automodule:: onelogin.saml2.xmlparser
+   :members:
+   :undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: onelogin.saml2
+   :members:
+   :undoc-members:
+   :show-inheritance:
diff --git a/docs/saml2/_sources/saml2.txt b/docs/saml2/_sources/saml2.txt
deleted file mode 100644
index bf444d4d..00000000
--- a/docs/saml2/_sources/saml2.txt
+++ /dev/null
@@ -1,83 +0,0 @@
-OneLogin saml2 Module
-======================
-
-:mod:`auth` Class
-------------------
-
-.. automodule:: saml2.auth
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`authn_request` Class
----------------------------
-
-.. automodule:: saml2.authn_request
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`constants` Class
------------------------
-
-.. automodule:: saml2.constants
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`errors` Class
---------------------
-
-.. automodule:: saml2.errors
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`logout_request` Class
-----------------------------
-
-.. automodule:: saml2.logout_request
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`logout_response` Class
------------------------------
-
-.. automodule:: saml2.logout_response
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`metadata` Class
-----------------------
-
-.. automodule:: saml2.metadata
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`response` Class
-----------------------
-
-.. automodule:: saml2.response
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`settings` Class
-----------------------
-
-.. automodule:: saml2.settings
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
-:mod:`utils` Class
--------------------
-
-.. automodule:: saml2.utils
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
diff --git a/docs/saml2/_static/_sphinx_javascript_frameworks_compat.js b/docs/saml2/_static/_sphinx_javascript_frameworks_compat.js
new file mode 100644
index 00000000..81415803
--- /dev/null
+++ b/docs/saml2/_static/_sphinx_javascript_frameworks_compat.js
@@ -0,0 +1,123 @@
+/* Compatability shim for jQuery and underscores.js.
+ *
+ * Copyright Sphinx contributors
+ * Released under the two clause BSD licence
+ */
+
+/**
+ * small helper function to urldecode strings
+ *
+ * See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/decodeURIComponent#Decoding_query_parameters_from_a_URL
+ */
+jQuery.urldecode = function(x) {
+    if (!x) {
+        return x
+    }
+    return decodeURIComponent(x.replace(/\+/g, ' '));
+};
+
+/**
+ * small helper function to urlencode strings
+ */
+jQuery.urlencode = encodeURIComponent;
+
+/**
+ * This function returns the parsed url parameters of the
+ * current request. Multiple values per key are supported,
+ * it will always return arrays of strings for the value parts.
+ */
+jQuery.getQueryParameters = function(s) {
+    if (typeof s === 'undefined')
+        s = document.location.search;
+    var parts = s.substr(s.indexOf('?') + 1).split('&');
+    var result = {};
+    for (var i = 0; i < parts.length; i++) {
+        var tmp = parts[i].split('=', 2);
+        var key = jQuery.urldecode(tmp[0]);
+        var value = jQuery.urldecode(tmp[1]);
+        if (key in result)
+            result[key].push(value);
+        else
+            result[key] = [value];
+    }
+    return result;
+};
+
+/**
+ * highlight a given string on a jquery object by wrapping it in
+ * span elements with the given class name.
+ */
+jQuery.fn.highlightText = function(text, className) {
+    function highlight(node, addItems) {
+        if (node.nodeType === 3) {
+            var val = node.nodeValue;
+            var pos = val.toLowerCase().indexOf(text);
+            if (pos >= 0 &&
+                !jQuery(node.parentNode).hasClass(className) &&
+                !jQuery(node.parentNode).hasClass("nohighlight")) {
+                var span;
+                var isInSVG = jQuery(node).closest("body, svg, foreignObject").is("svg");
+                if (isInSVG) {
+                    span = document.createElementNS("http://www.w3.org/2000/svg", "tspan");
+                } else {
+                    span = document.createElement("span");
+                    span.className = className;
+                }
+                span.appendChild(document.createTextNode(val.substr(pos, text.length)));
+                node.parentNode.insertBefore(span, node.parentNode.insertBefore(
+                    document.createTextNode(val.substr(pos + text.length)),
+                    node.nextSibling));
+                node.nodeValue = val.substr(0, pos);
+                if (isInSVG) {
+                    var rect = document.createElementNS("http://www.w3.org/2000/svg", "rect");
+                    var bbox = node.parentElement.getBBox();
+                    rect.x.baseVal.value = bbox.x;
+                    rect.y.baseVal.value = bbox.y;
+                    rect.width.baseVal.value = bbox.width;
+                    rect.height.baseVal.value = bbox.height;
+                    rect.setAttribute('class', className);
+                    addItems.push({
+                        "parent": node.parentNode,
+                        "target": rect});
+                }
+            }
+        }
+        else if (!jQuery(node).is("button, select, textarea")) {
+            jQuery.each(node.childNodes, function() {
+                highlight(this, addItems);
+            });
+        }
+    }
+    var addItems = [];
+    var result = this.each(function() {
+        highlight(this, addItems);
+    });
+    for (var i = 0; i < addItems.length; ++i) {
+        jQuery(addItems[i].parent).before(addItems[i].target);
+    }
+    return result;
+};
+
+/*
+ * backward compatibility for jQuery.browser
+ * This will be supported until firefox bug is fixed.
+ */
+if (!jQuery.browser) {
+    jQuery.uaMatch = function(ua) {
+        ua = ua.toLowerCase();
+
+        var match = /(chrome)[ \/]([\w.]+)/.exec(ua) ||
+            /(webkit)[ \/]([\w.]+)/.exec(ua) ||
+            /(opera)(?:.*version|)[ \/]([\w.]+)/.exec(ua) ||
+            /(msie) ([\w.]+)/.exec(ua) ||
+            ua.indexOf("compatible") < 0 && /(mozilla)(?:.*? rv:([\w.]+)|)/.exec(ua) ||
+            [];
+
+        return {
+            browser: match[ 1 ] || "",
+            version: match[ 2 ] || "0"
+        };
+    };
+    jQuery.browser = {};
+    jQuery.browser[jQuery.uaMatch(navigator.userAgent).browser] = true;
+}
diff --git a/docs/saml2/_static/ajax-loader.gif b/docs/saml2/_static/ajax-loader.gif
deleted file mode 100644
index 61faf8ca..00000000
Binary files a/docs/saml2/_static/ajax-loader.gif and /dev/null differ
diff --git a/docs/saml2/_static/basic.css b/docs/saml2/_static/basic.css
index 43e8bafa..cfc60b86 100644
--- a/docs/saml2/_static/basic.css
+++ b/docs/saml2/_static/basic.css
@@ -4,7 +4,7 @@
  *
  * Sphinx stylesheet -- basic theme.
  *
- * :copyright: Copyright 2007-2011 by the Sphinx team, see AUTHORS.
+ * :copyright: Copyright 2007-2023 by the Sphinx team, see AUTHORS.
  * :license: BSD, see LICENSE for details.
  *
  */
@@ -15,6 +15,12 @@ div.clearer {
     clear: both;
 }
 
+div.section::after {
+    display: block;
+    content: '';
+    clear: left;
+}
+
 /* -- relbar ---------------------------------------------------------------- */
 
 div.related {
@@ -52,6 +58,8 @@ div.sphinxsidebar {
     width: 230px;
     margin-left: -100%;
     font-size: 90%;
+    word-wrap: break-word;
+    overflow-wrap : break-word;
 }
 
 div.sphinxsidebar ul {
@@ -79,16 +87,29 @@ div.sphinxsidebar input {
     font-size: 1em;
 }
 
+div.sphinxsidebar #searchbox form.search {
+    overflow: hidden;
+}
+
 div.sphinxsidebar #searchbox input[type="text"] {
-    width: 170px;
+    float: left;
+    width: 80%;
+    padding: 0.25em;
+    box-sizing: border-box;
 }
 
 div.sphinxsidebar #searchbox input[type="submit"] {
-    width: 30px;
+    float: left;
+    width: 20%;
+    border-left: none;
+    padding: 0.25em;
+    box-sizing: border-box;
 }
 
+
 img {
     border: 0;
+    max-width: 100%;
 }
 
 /* -- search page ----------------------------------------------------------- */
@@ -109,7 +130,7 @@ ul.search li a {
     font-weight: bold;
 }
 
-ul.search li div.context {
+ul.search li p.context {
     color: #888;
     margin: 2px 0 0 30px;
     text-align: left;
@@ -123,6 +144,8 @@ ul.keywordmatches li.goodmatch a {
 
 table.contentstable {
     width: 90%;
+    margin-left: auto;
+    margin-right: auto;
 }
 
 table.contentstable p.biglink {
@@ -150,9 +173,14 @@ table.indextable td {
     vertical-align: top;
 }
 
-table.indextable dl, table.indextable dd {
+table.indextable ul {
     margin-top: 0;
     margin-bottom: 0;
+    list-style-type: none;
+}
+
+table.indextable > tbody > tr > td > ul {
+    padding-left: 0em;
 }
 
 table.indextable tr.pcap {
@@ -184,8 +212,27 @@ div.genindex-jumpbox {
     padding: 0.4em;
 }
 
+/* -- domain module index --------------------------------------------------- */
+
+table.modindextable td {
+    padding: 2px;
+    border-collapse: collapse;
+}
+
 /* -- general body styles --------------------------------------------------- */
 
+div.body {
+    min-width: 360px;
+    max-width: 800px;
+}
+
+div.body p, div.body dd, div.body li, div.body blockquote {
+    -moz-hyphens: auto;
+    -ms-hyphens: auto;
+    -webkit-hyphens: auto;
+    hyphens: auto;
+}
+
 a.headerlink {
     visibility: hidden;
 }
@@ -196,7 +243,10 @@ h3:hover > a.headerlink,
 h4:hover > a.headerlink,
 h5:hover > a.headerlink,
 h6:hover > a.headerlink,
-dt:hover > a.headerlink {
+dt:hover > a.headerlink,
+caption:hover > a.headerlink,
+p.caption:hover > a.headerlink,
+div.code-block-caption:hover > a.headerlink {
     visibility: visible;
 }
 
@@ -208,10 +258,6 @@ div.body td {
     text-align: left;
 }
 
-.field-list ul {
-    padding-left: 1em;
-}
-
 .first {
     margin-top: 0 !important;
 }
@@ -221,19 +267,25 @@ p.rubric {
     font-weight: bold;
 }
 
-img.align-left, .figure.align-left, object.align-left {
+img.align-left, figure.align-left, .figure.align-left, object.align-left {
     clear: left;
     float: left;
     margin-right: 1em;
 }
 
-img.align-right, .figure.align-right, object.align-right {
+img.align-right, figure.align-right, .figure.align-right, object.align-right {
     clear: right;
     float: right;
     margin-left: 1em;
 }
 
-img.align-center, .figure.align-center, object.align-center {
+img.align-center, figure.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+img.align-default, figure.align-default, .figure.align-default {
   display: block;
   margin-left: auto;
   margin-right: auto;
@@ -247,30 +299,45 @@ img.align-center, .figure.align-center, object.align-center {
     text-align: center;
 }
 
+.align-default {
+    text-align: center;
+}
+
 .align-right {
     text-align: right;
 }
 
 /* -- sidebars -------------------------------------------------------------- */
 
-div.sidebar {
+div.sidebar,
+aside.sidebar {
     margin: 0 0 0.5em 1em;
     border: 1px solid #ddb;
-    padding: 7px 7px 0 7px;
+    padding: 7px;
     background-color: #ffe;
     width: 40%;
     float: right;
+    clear: right;
+    overflow-x: auto;
 }
 
 p.sidebar-title {
     font-weight: bold;
 }
 
+nav.contents,
+aside.topic,
+div.admonition, div.topic, blockquote {
+    clear: left;
+}
+
 /* -- topics ---------------------------------------------------------------- */
 
+nav.contents,
+aside.topic,
 div.topic {
     border: 1px solid #ccc;
-    padding: 7px 7px 0 7px;
+    padding: 7px;
     margin: 10px 0 10px 0;
 }
 
@@ -292,10 +359,6 @@ div.admonition dt {
     font-weight: bold;
 }
 
-div.admonition dl {
-    margin-bottom: 0;
-}
-
 p.admonition-title {
     margin: 0px 10px 5px 0px;
     font-weight: bold;
@@ -306,13 +369,55 @@ div.body p.centered {
     margin-top: 25px;
 }
 
+/* -- content of sidebars/topics/admonitions -------------------------------- */
+
+div.sidebar > :last-child,
+aside.sidebar > :last-child,
+nav.contents > :last-child,
+aside.topic > :last-child,
+div.topic > :last-child,
+div.admonition > :last-child {
+    margin-bottom: 0;
+}
+
+div.sidebar::after,
+aside.sidebar::after,
+nav.contents::after,
+aside.topic::after,
+div.topic::after,
+div.admonition::after,
+blockquote::after {
+    display: block;
+    content: '';
+    clear: both;
+}
+
 /* -- tables ---------------------------------------------------------------- */
 
 table.docutils {
+    margin-top: 10px;
+    margin-bottom: 10px;
     border: 0;
     border-collapse: collapse;
 }
 
+table.align-center {
+    margin-left: auto;
+    margin-right: auto;
+}
+
+table.align-default {
+    margin-left: auto;
+    margin-right: auto;
+}
+
+table caption span.caption-number {
+    font-style: italic;
+}
+
+table caption span.caption-text {
+}
+
 table.docutils td, table.docutils th {
     padding: 1px 8px 1px 5px;
     border-top: 0;
@@ -321,14 +426,6 @@ table.docutils td, table.docutils th {
     border-bottom: 1px solid #aaa;
 }
 
-table.field-list td, table.field-list th {
-    border: 0 !important;
-}
-
-table.footnote td, table.footnote th {
-    border: 0 !important;
-}
-
 th {
     text-align: left;
     padding-right: 5px;
@@ -343,6 +440,126 @@ table.citation td {
     border-bottom: none;
 }
 
+th > :first-child,
+td > :first-child {
+    margin-top: 0px;
+}
+
+th > :last-child,
+td > :last-child {
+    margin-bottom: 0px;
+}
+
+/* -- figures --------------------------------------------------------------- */
+
+div.figure, figure {
+    margin: 0.5em;
+    padding: 0.5em;
+}
+
+div.figure p.caption, figcaption {
+    padding: 0.3em;
+}
+
+div.figure p.caption span.caption-number,
+figcaption span.caption-number {
+    font-style: italic;
+}
+
+div.figure p.caption span.caption-text,
+figcaption span.caption-text {
+}
+
+/* -- field list styles ----------------------------------------------------- */
+
+table.field-list td, table.field-list th {
+    border: 0 !important;
+}
+
+.field-list ul {
+    margin: 0;
+    padding-left: 1em;
+}
+
+.field-list p {
+    margin: 0;
+}
+
+.field-name {
+    -moz-hyphens: manual;
+    -ms-hyphens: manual;
+    -webkit-hyphens: manual;
+    hyphens: manual;
+}
+
+/* -- hlist styles ---------------------------------------------------------- */
+
+table.hlist {
+    margin: 1em 0;
+}
+
+table.hlist td {
+    vertical-align: top;
+}
+
+/* -- object description styles --------------------------------------------- */
+
+.sig {
+	font-family: 'Consolas', 'Menlo', 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', monospace;
+}
+
+.sig-name, code.descname {
+    background-color: transparent;
+    font-weight: bold;
+}
+
+.sig-name {
+	font-size: 1.1em;
+}
+
+code.descname {
+    font-size: 1.2em;
+}
+
+.sig-prename, code.descclassname {
+    background-color: transparent;
+}
+
+.optional {
+    font-size: 1.3em;
+}
+
+.sig-paren {
+    font-size: larger;
+}
+
+.sig-param.n {
+	font-style: italic;
+}
+
+/* C++ specific styling */
+
+.sig-inline.c-texpr,
+.sig-inline.cpp-texpr {
+	font-family: unset;
+}
+
+.sig.c   .k, .sig.c   .kt,
+.sig.cpp .k, .sig.cpp .kt {
+	color: #0033B3;
+}
+
+.sig.c   .m,
+.sig.cpp .m {
+	color: #1750EB;
+}
+
+.sig.c   .s, .sig.c   .sc,
+.sig.cpp .s, .sig.cpp .sc {
+	color: #067D17;
+}
+
+
 /* -- other body styles ----------------------------------------------------- */
 
 ol.arabic {
@@ -365,11 +582,81 @@ ol.upperroman {
     list-style: upper-roman;
 }
 
+:not(li) > ol > li:first-child > :first-child,
+:not(li) > ul > li:first-child > :first-child {
+    margin-top: 0px;
+}
+
+:not(li) > ol > li:last-child > :last-child,
+:not(li) > ul > li:last-child > :last-child {
+    margin-bottom: 0px;
+}
+
+ol.simple ol p,
+ol.simple ul p,
+ul.simple ol p,
+ul.simple ul p {
+    margin-top: 0;
+}
+
+ol.simple > li:not(:first-child) > p,
+ul.simple > li:not(:first-child) > p {
+    margin-top: 0;
+}
+
+ol.simple p,
+ul.simple p {
+    margin-bottom: 0;
+}
+
+aside.footnote > span,
+div.citation > span {
+    float: left;
+}
+aside.footnote > span:last-of-type,
+div.citation > span:last-of-type {
+  padding-right: 0.5em;
+}
+aside.footnote > p {
+  margin-left: 2em;
+}
+div.citation > p {
+  margin-left: 4em;
+}
+aside.footnote > p:last-of-type,
+div.citation > p:last-of-type {
+    margin-bottom: 0em;
+}
+aside.footnote > p:last-of-type:after,
+div.citation > p:last-of-type:after {
+    content: "";
+    clear: both;
+}
+
+dl.field-list {
+    display: grid;
+    grid-template-columns: fit-content(30%) auto;
+}
+
+dl.field-list > dt {
+    font-weight: bold;
+    word-break: break-word;
+    padding-left: 0.5em;
+    padding-right: 5px;
+}
+
+dl.field-list > dd {
+    padding-left: 0.5em;
+    margin-top: 0em;
+    margin-left: 0em;
+    margin-bottom: 0em;
+}
+
 dl {
     margin-bottom: 15px;
 }
 
-dd p {
+dd > :first-child {
     margin-top: 0px;
 }
 
@@ -383,30 +670,32 @@ dd {
     margin-left: 30px;
 }
 
-dt:target, .highlighted {
-    background-color: #fbe54e;
+.sig dd {
+    margin-top: 0px;
+    margin-bottom: 0px;
 }
 
-dl.glossary dt {
-    font-weight: bold;
-    font-size: 1.1em;
+.sig dl {
+    margin-top: 0px;
+    margin-bottom: 0px;
 }
 
-.field-list ul {
-    margin: 0;
-    padding-left: 1em;
+dl > dd:last-child,
+dl > dd:last-child > :last-child {
+    margin-bottom: 0;
 }
 
-.field-list p {
-    margin: 0;
+dt:target, span.highlighted {
+    background-color: #fbe54e;
 }
 
-.refcount {
-    color: #060;
+rect.highlighted {
+    fill: #fbe54e;
 }
 
-.optional {
-    font-size: 1.3em;
+dl.glossary dt {
+    font-weight: bold;
+    font-size: 1.1em;
 }
 
 .versionmodified {
@@ -447,11 +736,26 @@ dl.glossary dt {
     font-style: oblique;
 }
 
+.classifier:before {
+    font-style: normal;
+    margin: 0 0.5em;
+    content: ":";
+    display: inline-block;
+}
+
 abbr, acronym {
     border-bottom: dotted 1px;
     cursor: help;
 }
 
+.translated {
+    background-color: rgba(207, 255, 207, 0.2)
+}
+
+.untranslated {
+    background-color: rgba(255, 207, 207, 0.2)
+}
+
 /* -- code displays --------------------------------------------------------- */
 
 pre {
@@ -459,37 +763,105 @@ pre {
     overflow-y: hidden;  /* fixes display issues on Chrome browsers */
 }
 
+pre, div[class*="highlight-"] {
+    clear: both;
+}
+
+span.pre {
+    -moz-hyphens: none;
+    -ms-hyphens: none;
+    -webkit-hyphens: none;
+    hyphens: none;
+    white-space: nowrap;
+}
+
+div[class*="highlight-"] {
+    margin: 1em 0;
+}
+
 td.linenos pre {
-    padding: 5px 0px;
     border: 0;
     background-color: transparent;
     color: #aaa;
 }
 
 table.highlighttable {
-    margin-left: 0.5em;
+    display: block;
+}
+
+table.highlighttable tbody {
+    display: block;
+}
+
+table.highlighttable tr {
+    display: flex;
 }
 
 table.highlighttable td {
-    padding: 0 0.5em 0 0.5em;
+    margin: 0;
+    padding: 0;
 }
 
-tt.descname {
-    background-color: transparent;
-    font-weight: bold;
-    font-size: 1.2em;
+table.highlighttable td.linenos {
+    padding-right: 0.5em;
+}
+
+table.highlighttable td.code {
+    flex: 1;
+    overflow: hidden;
+}
+
+.highlight .hll {
+    display: block;
+}
+
+div.highlight pre,
+table.highlighttable pre {
+    margin: 0;
+}
+
+div.code-block-caption + div {
+    margin-top: 0;
+}
+
+div.code-block-caption {
+    margin-top: 1em;
+    padding: 2px 5px;
+    font-size: small;
 }
 
-tt.descclassname {
+div.code-block-caption code {
     background-color: transparent;
 }
 
-tt.xref, a tt {
+table.highlighttable td.linenos,
+span.linenos,
+div.highlight span.gp {  /* gp: Generic.Prompt */
+  user-select: none;
+  -webkit-user-select: text; /* Safari fallback only */
+  -webkit-user-select: none; /* Chrome/Safari */
+  -moz-user-select: none; /* Firefox */
+  -ms-user-select: none; /* IE10+ */
+}
+
+div.code-block-caption span.caption-number {
+    padding: 0.1em 0.3em;
+    font-style: italic;
+}
+
+div.code-block-caption span.caption-text {
+}
+
+div.literal-block-wrapper {
+    margin: 1em 0;
+}
+
+code.xref, a code {
     background-color: transparent;
     font-weight: bold;
 }
 
-h1 tt, h2 tt, h3 tt, h4 tt, h5 tt, h6 tt {
+h1 code, h2 code, h3 code, h4 code, h5 code, h6 code {
     background-color: transparent;
 }
 
@@ -521,6 +893,15 @@ span.eqno {
     float: right;
 }
 
+span.eqno a.headerlink {
+    position: absolute;
+    z-index: 1;
+}
+
+div.math:hover a.headerlink {
+    visibility: visible;
+}
+
 /* -- printout stylesheet --------------------------------------------------- */
 
 @media print {
diff --git a/docs/saml2/_static/comment-bright.png b/docs/saml2/_static/comment-bright.png
deleted file mode 100644
index 551517b8..00000000
Binary files a/docs/saml2/_static/comment-bright.png and /dev/null differ
diff --git a/docs/saml2/_static/comment-close.png b/docs/saml2/_static/comment-close.png
deleted file mode 100644
index 09b54be4..00000000
Binary files a/docs/saml2/_static/comment-close.png and /dev/null differ
diff --git a/docs/saml2/_static/comment.png b/docs/saml2/_static/comment.png
deleted file mode 100644
index 92feb52b..00000000
Binary files a/docs/saml2/_static/comment.png and /dev/null differ
diff --git a/docs/saml2/_static/css/badge_only.css b/docs/saml2/_static/css/badge_only.css
new file mode 100644
index 00000000..c718cee4
--- /dev/null
+++ b/docs/saml2/_static/css/badge_only.css
@@ -0,0 +1 @@
+.clearfix{*zoom:1}.clearfix:after,.clearfix:before{display:table;content:""}.clearfix:after{clear:both}@font-face{font-family:FontAwesome;font-style:normal;font-weight:400;src:url(fonts/fontawesome-webfont.eot?674f50d287a8c48dc19ba404d20fe713?#iefix) format("embedded-opentype"),url(fonts/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e) format("woff2"),url(fonts/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad) format("woff"),url(fonts/fontawesome-webfont.ttf?b06871f281fee6b241d60582ae9369b9) format("truetype"),url(fonts/fontawesome-webfont.svg?912ec66d7572ff821749319396470bde#FontAwesome) format("svg")}.fa:before{font-family:FontAwesome;font-style:normal;font-weight:400;line-height:1}.fa:before,a .fa{text-decoration:inherit}.fa:before,a .fa,li .fa{display:inline-block}li .fa-large:before{width:1.875em}ul.fas{list-style-type:none;margin-left:2em;text-indent:-.8em}ul.fas li .fa{width:.8em}ul.fas li .fa-large:before{vertical-align:baseline}.fa-book:before,.icon-book:before{content:"\f02d"}.fa-caret-down:before,.icon-caret-down:before{content:"\f0d7"}.fa-caret-up:before,.icon-caret-up:before{content:"\f0d8"}.fa-caret-left:before,.icon-caret-left:before{content:"\f0d9"}.fa-caret-right:before,.icon-caret-right:before{content:"\f0da"}.rst-versions{position:fixed;bottom:0;left:0;width:300px;color:#fcfcfc;background:#1f1d1d;font-family:Lato,proxima-nova,Helvetica Neue,Arial,sans-serif;z-index:400}.rst-versions a{color:#2980b9;text-decoration:none}.rst-versions .rst-badge-small{display:none}.rst-versions .rst-current-version{padding:12px;background-color:#272525;display:block;text-align:right;font-size:90%;cursor:pointer;color:#27ae60}.rst-versions .rst-current-version:after{clear:both;content:"";display:block}.rst-versions .rst-current-version .fa{color:#fcfcfc}.rst-versions .rst-current-version .fa-book,.rst-versions .rst-current-version .icon-book{float:left}.rst-versions .rst-current-version.rst-out-of-date{background-color:#e74c3c;color:#fff}.rst-versions .rst-current-version.rst-active-old-version{background-color:#f1c40f;color:#000}.rst-versions.shift-up{height:auto;max-height:100%;overflow-y:scroll}.rst-versions.shift-up .rst-other-versions{display:block}.rst-versions .rst-other-versions{font-size:90%;padding:12px;color:grey;display:none}.rst-versions .rst-other-versions hr{display:block;height:1px;border:0;margin:20px 0;padding:0;border-top:1px solid #413d3d}.rst-versions .rst-other-versions dd{display:inline-block;margin:0}.rst-versions .rst-other-versions dd a{display:inline-block;padding:6px;color:#fcfcfc}.rst-versions.rst-badge{width:auto;bottom:20px;right:20px;left:auto;border:none;max-width:300px;max-height:90%}.rst-versions.rst-badge .fa-book,.rst-versions.rst-badge .icon-book{float:none;line-height:30px}.rst-versions.rst-badge.shift-up .rst-current-version{text-align:right}.rst-versions.rst-badge.shift-up .rst-current-version .fa-book,.rst-versions.rst-badge.shift-up .rst-current-version .icon-book{float:left}.rst-versions.rst-badge>.rst-current-version{width:auto;height:30px;line-height:30px;padding:0 6px;display:block;text-align:center}@media screen and (max-width:768px){.rst-versions{width:85%;display:none}.rst-versions.shift{display:block}}
\ No newline at end of file
diff --git a/docs/saml2/_static/css/fonts/Roboto-Slab-Bold.woff b/docs/saml2/_static/css/fonts/Roboto-Slab-Bold.woff
new file mode 100644
index 00000000..6cb60000
Binary files /dev/null and b/docs/saml2/_static/css/fonts/Roboto-Slab-Bold.woff differ
diff --git a/docs/saml2/_static/css/fonts/Roboto-Slab-Bold.woff2 b/docs/saml2/_static/css/fonts/Roboto-Slab-Bold.woff2
new file mode 100644
index 00000000..7059e231
Binary files /dev/null and b/docs/saml2/_static/css/fonts/Roboto-Slab-Bold.woff2 differ
diff --git a/docs/saml2/_static/css/fonts/Roboto-Slab-Regular.woff b/docs/saml2/_static/css/fonts/Roboto-Slab-Regular.woff
new file mode 100644
index 00000000..f815f63f
Binary files /dev/null and b/docs/saml2/_static/css/fonts/Roboto-Slab-Regular.woff differ
diff --git a/docs/saml2/_static/css/fonts/Roboto-Slab-Regular.woff2 b/docs/saml2/_static/css/fonts/Roboto-Slab-Regular.woff2
new file mode 100644
index 00000000..f2c76e5b
Binary files /dev/null and b/docs/saml2/_static/css/fonts/Roboto-Slab-Regular.woff2 differ
diff --git a/docs/saml2/_static/css/fonts/fontawesome-webfont.eot b/docs/saml2/_static/css/fonts/fontawesome-webfont.eot
new file mode 100644
index 00000000..e9f60ca9
Binary files /dev/null and b/docs/saml2/_static/css/fonts/fontawesome-webfont.eot differ
diff --git a/docs/saml2/_static/css/fonts/fontawesome-webfont.svg b/docs/saml2/_static/css/fonts/fontawesome-webfont.svg
new file mode 100644
index 00000000..855c845e
--- /dev/null
+++ b/docs/saml2/_static/css/fonts/fontawesome-webfont.svg
@@ -0,0 +1,2671 @@
+<?xml version="1.0" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" >
+<svg>
+<metadata>
+Created by FontForge 20120731 at Mon Oct 24 17:37:40 2016
+ By ,,,
+Copyright Dave Gandy 2016. All rights reserved.
+</metadata>
+<defs>
+<font id="FontAwesome" horiz-adv-x="1536" >
+  <font-face 
+    font-family="FontAwesome"
+    font-weight="400"
+    font-stretch="normal"
+    units-per-em="1792"
+    panose-1="0 0 0 0 0 0 0 0 0 0"
+    ascent="1536"
+    descent="-256"
+    bbox="-1.02083 -256.962 2304.6 1537.02"
+    underline-thickness="0"
+    underline-position="0"
+    unicode-range="U+0020-F500"
+  />
+<missing-glyph horiz-adv-x="896" 
+d="M224 112h448v1312h-448v-1312zM112 0v1536h672v-1536h-672z" />
+    <glyph glyph-name=".notdef" horiz-adv-x="896" 
+d="M224 112h448v1312h-448v-1312zM112 0v1536h672v-1536h-672z" />
+    <glyph glyph-name=".null" horiz-adv-x="0" 
+ />
+    <glyph glyph-name="nonmarkingreturn" horiz-adv-x="597" 
+ />
+    <glyph glyph-name="space" unicode=" " horiz-adv-x="448" 
+ />
+    <glyph glyph-name="dieresis" unicode="&#xa8;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="copyright" unicode="&#xa9;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="registered" unicode="&#xae;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="acute" unicode="&#xb4;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="AE" unicode="&#xc6;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="Oslash" unicode="&#xd8;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="trademark" unicode="&#x2122;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="infinity" unicode="&#x221e;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="notequal" unicode="&#x2260;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="glass" unicode="&#xf000;" horiz-adv-x="1792" 
+d="M1699 1350q0 -35 -43 -78l-632 -632v-768h320q26 0 45 -19t19 -45t-19 -45t-45 -19h-896q-26 0 -45 19t-19 45t19 45t45 19h320v768l-632 632q-43 43 -43 78q0 23 18 36.5t38 17.5t43 4h1408q23 0 43 -4t38 -17.5t18 -36.5z" />
+    <glyph glyph-name="music" unicode="&#xf001;" 
+d="M1536 1312v-1120q0 -50 -34 -89t-86 -60.5t-103.5 -32t-96.5 -10.5t-96.5 10.5t-103.5 32t-86 60.5t-34 89t34 89t86 60.5t103.5 32t96.5 10.5q105 0 192 -39v537l-768 -237v-709q0 -50 -34 -89t-86 -60.5t-103.5 -32t-96.5 -10.5t-96.5 10.5t-103.5 32t-86 60.5t-34 89
+t34 89t86 60.5t103.5 32t96.5 10.5q105 0 192 -39v967q0 31 19 56.5t49 35.5l832 256q12 4 28 4q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="search" unicode="&#xf002;" horiz-adv-x="1664" 
+d="M1152 704q0 185 -131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5t316.5 131.5t131.5 316.5zM1664 -128q0 -52 -38 -90t-90 -38q-54 0 -90 38l-343 342q-179 -124 -399 -124q-143 0 -273.5 55.5t-225 150t-150 225t-55.5 273.5
+t55.5 273.5t150 225t225 150t273.5 55.5t273.5 -55.5t225 -150t150 -225t55.5 -273.5q0 -220 -124 -399l343 -343q37 -37 37 -90z" />
+    <glyph glyph-name="envelope" unicode="&#xf003;" horiz-adv-x="1792" 
+d="M1664 32v768q-32 -36 -69 -66q-268 -206 -426 -338q-51 -43 -83 -67t-86.5 -48.5t-102.5 -24.5h-1h-1q-48 0 -102.5 24.5t-86.5 48.5t-83 67q-158 132 -426 338q-37 30 -69 66v-768q0 -13 9.5 -22.5t22.5 -9.5h1472q13 0 22.5 9.5t9.5 22.5zM1664 1083v11v13.5t-0.5 13
+t-3 12.5t-5.5 9t-9 7.5t-14 2.5h-1472q-13 0 -22.5 -9.5t-9.5 -22.5q0 -168 147 -284q193 -152 401 -317q6 -5 35 -29.5t46 -37.5t44.5 -31.5t50.5 -27.5t43 -9h1h1q20 0 43 9t50.5 27.5t44.5 31.5t46 37.5t35 29.5q208 165 401 317q54 43 100.5 115.5t46.5 131.5z
+M1792 1120v-1088q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h1472q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="heart" unicode="&#xf004;" horiz-adv-x="1792" 
+d="M896 -128q-26 0 -44 18l-624 602q-10 8 -27.5 26t-55.5 65.5t-68 97.5t-53.5 121t-23.5 138q0 220 127 344t351 124q62 0 126.5 -21.5t120 -58t95.5 -68.5t76 -68q36 36 76 68t95.5 68.5t120 58t126.5 21.5q224 0 351 -124t127 -344q0 -221 -229 -450l-623 -600
+q-18 -18 -44 -18z" />
+    <glyph glyph-name="star" unicode="&#xf005;" horiz-adv-x="1664" 
+d="M1664 889q0 -22 -26 -48l-363 -354l86 -500q1 -7 1 -20q0 -21 -10.5 -35.5t-30.5 -14.5q-19 0 -40 12l-449 236l-449 -236q-22 -12 -40 -12q-21 0 -31.5 14.5t-10.5 35.5q0 6 2 20l86 500l-364 354q-25 27 -25 48q0 37 56 46l502 73l225 455q19 41 49 41t49 -41l225 -455
+l502 -73q56 -9 56 -46z" />
+    <glyph glyph-name="star_empty" unicode="&#xf006;" horiz-adv-x="1664" 
+d="M1137 532l306 297l-422 62l-189 382l-189 -382l-422 -62l306 -297l-73 -421l378 199l377 -199zM1664 889q0 -22 -26 -48l-363 -354l86 -500q1 -7 1 -20q0 -50 -41 -50q-19 0 -40 12l-449 236l-449 -236q-22 -12 -40 -12q-21 0 -31.5 14.5t-10.5 35.5q0 6 2 20l86 500
+l-364 354q-25 27 -25 48q0 37 56 46l502 73l225 455q19 41 49 41t49 -41l225 -455l502 -73q56 -9 56 -46z" />
+    <glyph glyph-name="user" unicode="&#xf007;" horiz-adv-x="1280" 
+d="M1280 137q0 -109 -62.5 -187t-150.5 -78h-854q-88 0 -150.5 78t-62.5 187q0 85 8.5 160.5t31.5 152t58.5 131t94 89t134.5 34.5q131 -128 313 -128t313 128q76 0 134.5 -34.5t94 -89t58.5 -131t31.5 -152t8.5 -160.5zM1024 1024q0 -159 -112.5 -271.5t-271.5 -112.5
+t-271.5 112.5t-112.5 271.5t112.5 271.5t271.5 112.5t271.5 -112.5t112.5 -271.5z" />
+    <glyph glyph-name="film" unicode="&#xf008;" horiz-adv-x="1920" 
+d="M384 -64v128q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM384 320v128q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM384 704v128q0 26 -19 45t-45 19h-128
+q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM1408 -64v512q0 26 -19 45t-45 19h-768q-26 0 -45 -19t-19 -45v-512q0 -26 19 -45t45 -19h768q26 0 45 19t19 45zM384 1088v128q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45
+t45 -19h128q26 0 45 19t19 45zM1792 -64v128q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM1408 704v512q0 26 -19 45t-45 19h-768q-26 0 -45 -19t-19 -45v-512q0 -26 19 -45t45 -19h768q26 0 45 19t19 45zM1792 320v128
+q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM1792 704v128q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM1792 1088v128q0 26 -19 45t-45 19h-128q-26 0 -45 -19
+t-19 -45v-128q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM1920 1248v-1344q0 -66 -47 -113t-113 -47h-1600q-66 0 -113 47t-47 113v1344q0 66 47 113t113 47h1600q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="th_large" unicode="&#xf009;" horiz-adv-x="1664" 
+d="M768 512v-384q0 -52 -38 -90t-90 -38h-512q-52 0 -90 38t-38 90v384q0 52 38 90t90 38h512q52 0 90 -38t38 -90zM768 1280v-384q0 -52 -38 -90t-90 -38h-512q-52 0 -90 38t-38 90v384q0 52 38 90t90 38h512q52 0 90 -38t38 -90zM1664 512v-384q0 -52 -38 -90t-90 -38
+h-512q-52 0 -90 38t-38 90v384q0 52 38 90t90 38h512q52 0 90 -38t38 -90zM1664 1280v-384q0 -52 -38 -90t-90 -38h-512q-52 0 -90 38t-38 90v384q0 52 38 90t90 38h512q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="th" unicode="&#xf00a;" horiz-adv-x="1792" 
+d="M512 288v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM512 800v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM1152 288v-192q0 -40 -28 -68t-68 -28h-320
+q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM512 1312v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM1152 800v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28
+h320q40 0 68 -28t28 -68zM1792 288v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM1152 1312v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM1792 800v-192
+q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM1792 1312v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="th_list" unicode="&#xf00b;" horiz-adv-x="1792" 
+d="M512 288v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM512 800v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM1792 288v-192q0 -40 -28 -68t-68 -28h-960
+q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h960q40 0 68 -28t28 -68zM512 1312v-192q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h320q40 0 68 -28t28 -68zM1792 800v-192q0 -40 -28 -68t-68 -28h-960q-40 0 -68 28t-28 68v192q0 40 28 68t68 28
+h960q40 0 68 -28t28 -68zM1792 1312v-192q0 -40 -28 -68t-68 -28h-960q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h960q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="ok" unicode="&#xf00c;" horiz-adv-x="1792" 
+d="M1671 970q0 -40 -28 -68l-724 -724l-136 -136q-28 -28 -68 -28t-68 28l-136 136l-362 362q-28 28 -28 68t28 68l136 136q28 28 68 28t68 -28l294 -295l656 657q28 28 68 28t68 -28l136 -136q28 -28 28 -68z" />
+    <glyph glyph-name="remove" unicode="&#xf00d;" horiz-adv-x="1408" 
+d="M1298 214q0 -40 -28 -68l-136 -136q-28 -28 -68 -28t-68 28l-294 294l-294 -294q-28 -28 -68 -28t-68 28l-136 136q-28 28 -28 68t28 68l294 294l-294 294q-28 28 -28 68t28 68l136 136q28 28 68 28t68 -28l294 -294l294 294q28 28 68 28t68 -28l136 -136q28 -28 28 -68
+t-28 -68l-294 -294l294 -294q28 -28 28 -68z" />
+    <glyph glyph-name="zoom_in" unicode="&#xf00e;" horiz-adv-x="1664" 
+d="M1024 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-224v-224q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v224h-224q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h224v224q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5v-224h224
+q13 0 22.5 -9.5t9.5 -22.5zM1152 704q0 185 -131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5t316.5 131.5t131.5 316.5zM1664 -128q0 -53 -37.5 -90.5t-90.5 -37.5q-54 0 -90 38l-343 342q-179 -124 -399 -124q-143 0 -273.5 55.5
+t-225 150t-150 225t-55.5 273.5t55.5 273.5t150 225t225 150t273.5 55.5t273.5 -55.5t225 -150t150 -225t55.5 -273.5q0 -220 -124 -399l343 -343q37 -37 37 -90z" />
+    <glyph glyph-name="zoom_out" unicode="&#xf010;" horiz-adv-x="1664" 
+d="M1024 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-576q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h576q13 0 22.5 -9.5t9.5 -22.5zM1152 704q0 185 -131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5t316.5 131.5t131.5 316.5z
+M1664 -128q0 -53 -37.5 -90.5t-90.5 -37.5q-54 0 -90 38l-343 342q-179 -124 -399 -124q-143 0 -273.5 55.5t-225 150t-150 225t-55.5 273.5t55.5 273.5t150 225t225 150t273.5 55.5t273.5 -55.5t225 -150t150 -225t55.5 -273.5q0 -220 -124 -399l343 -343q37 -37 37 -90z
+" />
+    <glyph glyph-name="off" unicode="&#xf011;" 
+d="M1536 640q0 -156 -61 -298t-164 -245t-245 -164t-298 -61t-298 61t-245 164t-164 245t-61 298q0 182 80.5 343t226.5 270q43 32 95.5 25t83.5 -50q32 -42 24.5 -94.5t-49.5 -84.5q-98 -74 -151.5 -181t-53.5 -228q0 -104 40.5 -198.5t109.5 -163.5t163.5 -109.5
+t198.5 -40.5t198.5 40.5t163.5 109.5t109.5 163.5t40.5 198.5q0 121 -53.5 228t-151.5 181q-42 32 -49.5 84.5t24.5 94.5q31 43 84 50t95 -25q146 -109 226.5 -270t80.5 -343zM896 1408v-640q0 -52 -38 -90t-90 -38t-90 38t-38 90v640q0 52 38 90t90 38t90 -38t38 -90z" />
+    <glyph glyph-name="signal" unicode="&#xf012;" horiz-adv-x="1792" 
+d="M256 96v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM640 224v-320q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v320q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1024 480v-576q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23
+v576q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1408 864v-960q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v960q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1792 1376v-1472q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v1472q0 14 9 23t23 9h192q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="cog" unicode="&#xf013;" 
+d="M1024 640q0 106 -75 181t-181 75t-181 -75t-75 -181t75 -181t181 -75t181 75t75 181zM1536 749v-222q0 -12 -8 -23t-20 -13l-185 -28q-19 -54 -39 -91q35 -50 107 -138q10 -12 10 -25t-9 -23q-27 -37 -99 -108t-94 -71q-12 0 -26 9l-138 108q-44 -23 -91 -38
+q-16 -136 -29 -186q-7 -28 -36 -28h-222q-14 0 -24.5 8.5t-11.5 21.5l-28 184q-49 16 -90 37l-141 -107q-10 -9 -25 -9q-14 0 -25 11q-126 114 -165 168q-7 10 -7 23q0 12 8 23q15 21 51 66.5t54 70.5q-27 50 -41 99l-183 27q-13 2 -21 12.5t-8 23.5v222q0 12 8 23t19 13
+l186 28q14 46 39 92q-40 57 -107 138q-10 12 -10 24q0 10 9 23q26 36 98.5 107.5t94.5 71.5q13 0 26 -10l138 -107q44 23 91 38q16 136 29 186q7 28 36 28h222q14 0 24.5 -8.5t11.5 -21.5l28 -184q49 -16 90 -37l142 107q9 9 24 9q13 0 25 -10q129 -119 165 -170q7 -8 7 -22
+q0 -12 -8 -23q-15 -21 -51 -66.5t-54 -70.5q26 -50 41 -98l183 -28q13 -2 21 -12.5t8 -23.5z" />
+    <glyph glyph-name="trash" unicode="&#xf014;" horiz-adv-x="1408" 
+d="M512 800v-576q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v576q0 14 9 23t23 9h64q14 0 23 -9t9 -23zM768 800v-576q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v576q0 14 9 23t23 9h64q14 0 23 -9t9 -23zM1024 800v-576q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v576
+q0 14 9 23t23 9h64q14 0 23 -9t9 -23zM1152 76v948h-896v-948q0 -22 7 -40.5t14.5 -27t10.5 -8.5h832q3 0 10.5 8.5t14.5 27t7 40.5zM480 1152h448l-48 117q-7 9 -17 11h-317q-10 -2 -17 -11zM1408 1120v-64q0 -14 -9 -23t-23 -9h-96v-948q0 -83 -47 -143.5t-113 -60.5h-832
+q-66 0 -113 58.5t-47 141.5v952h-96q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h309l70 167q15 37 54 63t79 26h320q40 0 79 -26t54 -63l70 -167h309q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="home" unicode="&#xf015;" horiz-adv-x="1664" 
+d="M1408 544v-480q0 -26 -19 -45t-45 -19h-384v384h-256v-384h-384q-26 0 -45 19t-19 45v480q0 1 0.5 3t0.5 3l575 474l575 -474q1 -2 1 -6zM1631 613l-62 -74q-8 -9 -21 -11h-3q-13 0 -21 7l-692 577l-692 -577q-12 -8 -24 -7q-13 2 -21 11l-62 74q-8 10 -7 23.5t11 21.5
+l719 599q32 26 76 26t76 -26l244 -204v195q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-408l219 -182q10 -8 11 -21.5t-7 -23.5z" />
+    <glyph glyph-name="file_alt" unicode="&#xf016;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+" />
+    <glyph glyph-name="time" unicode="&#xf017;" 
+d="M896 992v-448q0 -14 -9 -23t-23 -9h-320q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h224v352q0 14 9 23t23 9h64q14 0 23 -9t9 -23zM1312 640q0 148 -73 273t-198 198t-273 73t-273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="road" unicode="&#xf018;" horiz-adv-x="1920" 
+d="M1111 540v4l-24 320q-1 13 -11 22.5t-23 9.5h-186q-13 0 -23 -9.5t-11 -22.5l-24 -320v-4q-1 -12 8 -20t21 -8h244q12 0 21 8t8 20zM1870 73q0 -73 -46 -73h-704q13 0 22 9.5t8 22.5l-20 256q-1 13 -11 22.5t-23 9.5h-272q-13 0 -23 -9.5t-11 -22.5l-20 -256
+q-1 -13 8 -22.5t22 -9.5h-704q-46 0 -46 73q0 54 26 116l417 1044q8 19 26 33t38 14h339q-13 0 -23 -9.5t-11 -22.5l-15 -192q-1 -14 8 -23t22 -9h166q13 0 22 9t8 23l-15 192q-1 13 -11 22.5t-23 9.5h339q20 0 38 -14t26 -33l417 -1044q26 -62 26 -116z" />
+    <glyph glyph-name="download_alt" unicode="&#xf019;" horiz-adv-x="1664" 
+d="M1280 192q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1536 192q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1664 416v-320q0 -40 -28 -68t-68 -28h-1472q-40 0 -68 28t-28 68v320q0 40 28 68t68 28h465l135 -136
+q58 -56 136 -56t136 56l136 136h464q40 0 68 -28t28 -68zM1339 985q17 -41 -14 -70l-448 -448q-18 -19 -45 -19t-45 19l-448 448q-31 29 -14 70q17 39 59 39h256v448q0 26 19 45t45 19h256q26 0 45 -19t19 -45v-448h256q42 0 59 -39z" />
+    <glyph glyph-name="download" unicode="&#xf01a;" 
+d="M1120 608q0 -12 -10 -24l-319 -319q-11 -9 -23 -9t-23 9l-320 320q-15 16 -7 35q8 20 30 20h192v352q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-352h192q14 0 23 -9t9 -23zM768 1184q-148 0 -273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273
+t-73 273t-198 198t-273 73zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="upload" unicode="&#xf01b;" 
+d="M1118 660q-8 -20 -30 -20h-192v-352q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v352h-192q-14 0 -23 9t-9 23q0 12 10 24l319 319q11 9 23 9t23 -9l320 -320q15 -16 7 -35zM768 1184q-148 0 -273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198
+t73 273t-73 273t-198 198t-273 73zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="inbox" unicode="&#xf01c;" 
+d="M1023 576h316q-1 3 -2.5 8.5t-2.5 7.5l-212 496h-708l-212 -496q-1 -3 -2.5 -8.5t-2.5 -7.5h316l95 -192h320zM1536 546v-482q0 -26 -19 -45t-45 -19h-1408q-26 0 -45 19t-19 45v482q0 62 25 123l238 552q10 25 36.5 42t52.5 17h832q26 0 52.5 -17t36.5 -42l238 -552
+q25 -61 25 -123z" />
+    <glyph glyph-name="play_circle" unicode="&#xf01d;" 
+d="M1184 640q0 -37 -32 -55l-544 -320q-15 -9 -32 -9q-16 0 -32 8q-32 19 -32 56v640q0 37 32 56q33 18 64 -1l544 -320q32 -18 32 -55zM1312 640q0 148 -73 273t-198 198t-273 73t-273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="repeat" unicode="&#xf01e;" 
+d="M1536 1280v-448q0 -26 -19 -45t-45 -19h-448q-42 0 -59 40q-17 39 14 69l138 138q-148 137 -349 137q-104 0 -198.5 -40.5t-163.5 -109.5t-109.5 -163.5t-40.5 -198.5t40.5 -198.5t109.5 -163.5t163.5 -109.5t198.5 -40.5q119 0 225 52t179 147q7 10 23 12q15 0 25 -9
+l137 -138q9 -8 9.5 -20.5t-7.5 -22.5q-109 -132 -264 -204.5t-327 -72.5q-156 0 -298 61t-245 164t-164 245t-61 298t61 298t164 245t245 164t298 61q147 0 284.5 -55.5t244.5 -156.5l130 129q29 31 70 14q39 -17 39 -59z" />
+    <glyph glyph-name="refresh" unicode="&#xf021;" 
+d="M1511 480q0 -5 -1 -7q-64 -268 -268 -434.5t-478 -166.5q-146 0 -282.5 55t-243.5 157l-129 -129q-19 -19 -45 -19t-45 19t-19 45v448q0 26 19 45t45 19h448q26 0 45 -19t19 -45t-19 -45l-137 -137q71 -66 161 -102t187 -36q134 0 250 65t186 179q11 17 53 117
+q8 23 30 23h192q13 0 22.5 -9.5t9.5 -22.5zM1536 1280v-448q0 -26 -19 -45t-45 -19h-448q-26 0 -45 19t-19 45t19 45l138 138q-148 137 -349 137q-134 0 -250 -65t-186 -179q-11 -17 -53 -117q-8 -23 -30 -23h-199q-13 0 -22.5 9.5t-9.5 22.5v7q65 268 270 434.5t480 166.5
+q146 0 284 -55.5t245 -156.5l130 129q19 19 45 19t45 -19t19 -45z" />
+    <glyph glyph-name="list_alt" unicode="&#xf022;" horiz-adv-x="1792" 
+d="M384 352v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM384 608v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M384 864v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM1536 352v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-960q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h960q13 0 22.5 -9.5t9.5 -22.5z
+M1536 608v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-960q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h960q13 0 22.5 -9.5t9.5 -22.5zM1536 864v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-960q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h960q13 0 22.5 -9.5
+t9.5 -22.5zM1664 160v832q0 13 -9.5 22.5t-22.5 9.5h-1472q-13 0 -22.5 -9.5t-9.5 -22.5v-832q0 -13 9.5 -22.5t22.5 -9.5h1472q13 0 22.5 9.5t9.5 22.5zM1792 1248v-1088q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h1472q66 0 113 -47
+t47 -113z" />
+    <glyph glyph-name="lock" unicode="&#xf023;" horiz-adv-x="1152" 
+d="M320 768h512v192q0 106 -75 181t-181 75t-181 -75t-75 -181v-192zM1152 672v-576q0 -40 -28 -68t-68 -28h-960q-40 0 -68 28t-28 68v576q0 40 28 68t68 28h32v192q0 184 132 316t316 132t316 -132t132 -316v-192h32q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="flag" unicode="&#xf024;" horiz-adv-x="1792" 
+d="M320 1280q0 -72 -64 -110v-1266q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v1266q-64 38 -64 110q0 53 37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1792 1216v-763q0 -25 -12.5 -38.5t-39.5 -27.5q-215 -116 -369 -116q-61 0 -123.5 22t-108.5 48
+t-115.5 48t-142.5 22q-192 0 -464 -146q-17 -9 -33 -9q-26 0 -45 19t-19 45v742q0 32 31 55q21 14 79 43q236 120 421 120q107 0 200 -29t219 -88q38 -19 88 -19q54 0 117.5 21t110 47t88 47t54.5 21q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="headphones" unicode="&#xf025;" horiz-adv-x="1664" 
+d="M1664 650q0 -166 -60 -314l-20 -49l-185 -33q-22 -83 -90.5 -136.5t-156.5 -53.5v-32q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v576q0 14 9 23t23 9h64q14 0 23 -9t9 -23v-32q71 0 130 -35.5t93 -95.5l68 12q29 95 29 193q0 148 -88 279t-236.5 209t-315.5 78
+t-315.5 -78t-236.5 -209t-88 -279q0 -98 29 -193l68 -12q34 60 93 95.5t130 35.5v32q0 14 9 23t23 9h64q14 0 23 -9t9 -23v-576q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v32q-88 0 -156.5 53.5t-90.5 136.5l-185 33l-20 49q-60 148 -60 314q0 151 67 291t179 242.5
+t266 163.5t320 61t320 -61t266 -163.5t179 -242.5t67 -291z" />
+    <glyph glyph-name="volume_off" unicode="&#xf026;" horiz-adv-x="768" 
+d="M768 1184v-1088q0 -26 -19 -45t-45 -19t-45 19l-333 333h-262q-26 0 -45 19t-19 45v384q0 26 19 45t45 19h262l333 333q19 19 45 19t45 -19t19 -45z" />
+    <glyph glyph-name="volume_down" unicode="&#xf027;" horiz-adv-x="1152" 
+d="M768 1184v-1088q0 -26 -19 -45t-45 -19t-45 19l-333 333h-262q-26 0 -45 19t-19 45v384q0 26 19 45t45 19h262l333 333q19 19 45 19t45 -19t19 -45zM1152 640q0 -76 -42.5 -141.5t-112.5 -93.5q-10 -5 -25 -5q-26 0 -45 18.5t-19 45.5q0 21 12 35.5t29 25t34 23t29 36
+t12 56.5t-12 56.5t-29 36t-34 23t-29 25t-12 35.5q0 27 19 45.5t45 18.5q15 0 25 -5q70 -27 112.5 -93t42.5 -142z" />
+    <glyph glyph-name="volume_up" unicode="&#xf028;" horiz-adv-x="1664" 
+d="M768 1184v-1088q0 -26 -19 -45t-45 -19t-45 19l-333 333h-262q-26 0 -45 19t-19 45v384q0 26 19 45t45 19h262l333 333q19 19 45 19t45 -19t19 -45zM1152 640q0 -76 -42.5 -141.5t-112.5 -93.5q-10 -5 -25 -5q-26 0 -45 18.5t-19 45.5q0 21 12 35.5t29 25t34 23t29 36
+t12 56.5t-12 56.5t-29 36t-34 23t-29 25t-12 35.5q0 27 19 45.5t45 18.5q15 0 25 -5q70 -27 112.5 -93t42.5 -142zM1408 640q0 -153 -85 -282.5t-225 -188.5q-13 -5 -25 -5q-27 0 -46 19t-19 45q0 39 39 59q56 29 76 44q74 54 115.5 135.5t41.5 173.5t-41.5 173.5
+t-115.5 135.5q-20 15 -76 44q-39 20 -39 59q0 26 19 45t45 19q13 0 26 -5q140 -59 225 -188.5t85 -282.5zM1664 640q0 -230 -127 -422.5t-338 -283.5q-13 -5 -26 -5q-26 0 -45 19t-19 45q0 36 39 59q7 4 22.5 10.5t22.5 10.5q46 25 82 51q123 91 192 227t69 289t-69 289
+t-192 227q-36 26 -82 51q-7 4 -22.5 10.5t-22.5 10.5q-39 23 -39 59q0 26 19 45t45 19q13 0 26 -5q211 -91 338 -283.5t127 -422.5z" />
+    <glyph glyph-name="qrcode" unicode="&#xf029;" horiz-adv-x="1408" 
+d="M384 384v-128h-128v128h128zM384 1152v-128h-128v128h128zM1152 1152v-128h-128v128h128zM128 129h384v383h-384v-383zM128 896h384v384h-384v-384zM896 896h384v384h-384v-384zM640 640v-640h-640v640h640zM1152 128v-128h-128v128h128zM1408 128v-128h-128v128h128z
+M1408 640v-384h-384v128h-128v-384h-128v640h384v-128h128v128h128zM640 1408v-640h-640v640h640zM1408 1408v-640h-640v640h640z" />
+    <glyph glyph-name="barcode" unicode="&#xf02a;" horiz-adv-x="1792" 
+d="M63 0h-63v1408h63v-1408zM126 1h-32v1407h32v-1407zM220 1h-31v1407h31v-1407zM377 1h-31v1407h31v-1407zM534 1h-62v1407h62v-1407zM660 1h-31v1407h31v-1407zM723 1h-31v1407h31v-1407zM786 1h-31v1407h31v-1407zM943 1h-63v1407h63v-1407zM1100 1h-63v1407h63v-1407z
+M1226 1h-63v1407h63v-1407zM1352 1h-63v1407h63v-1407zM1446 1h-63v1407h63v-1407zM1635 1h-94v1407h94v-1407zM1698 1h-32v1407h32v-1407zM1792 0h-63v1408h63v-1408z" />
+    <glyph glyph-name="tag" unicode="&#xf02b;" 
+d="M448 1088q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1515 512q0 -53 -37 -90l-491 -492q-39 -37 -91 -37q-53 0 -90 37l-715 716q-38 37 -64.5 101t-26.5 117v416q0 52 38 90t90 38h416q53 0 117 -26.5t102 -64.5
+l715 -714q37 -39 37 -91z" />
+    <glyph glyph-name="tags" unicode="&#xf02c;" horiz-adv-x="1920" 
+d="M448 1088q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1515 512q0 -53 -37 -90l-491 -492q-39 -37 -91 -37q-53 0 -90 37l-715 716q-38 37 -64.5 101t-26.5 117v416q0 52 38 90t90 38h416q53 0 117 -26.5t102 -64.5
+l715 -714q37 -39 37 -91zM1899 512q0 -53 -37 -90l-491 -492q-39 -37 -91 -37q-36 0 -59 14t-53 45l470 470q37 37 37 90q0 52 -37 91l-715 714q-38 38 -102 64.5t-117 26.5h224q53 0 117 -26.5t102 -64.5l715 -714q37 -39 37 -91z" />
+    <glyph glyph-name="book" unicode="&#xf02d;" horiz-adv-x="1664" 
+d="M1639 1058q40 -57 18 -129l-275 -906q-19 -64 -76.5 -107.5t-122.5 -43.5h-923q-77 0 -148.5 53.5t-99.5 131.5q-24 67 -2 127q0 4 3 27t4 37q1 8 -3 21.5t-3 19.5q2 11 8 21t16.5 23.5t16.5 23.5q23 38 45 91.5t30 91.5q3 10 0.5 30t-0.5 28q3 11 17 28t17 23
+q21 36 42 92t25 90q1 9 -2.5 32t0.5 28q4 13 22 30.5t22 22.5q19 26 42.5 84.5t27.5 96.5q1 8 -3 25.5t-2 26.5q2 8 9 18t18 23t17 21q8 12 16.5 30.5t15 35t16 36t19.5 32t26.5 23.5t36 11.5t47.5 -5.5l-1 -3q38 9 51 9h761q74 0 114 -56t18 -130l-274 -906
+q-36 -119 -71.5 -153.5t-128.5 -34.5h-869q-27 0 -38 -15q-11 -16 -1 -43q24 -70 144 -70h923q29 0 56 15.5t35 41.5l300 987q7 22 5 57q38 -15 59 -43zM575 1056q-4 -13 2 -22.5t20 -9.5h608q13 0 25.5 9.5t16.5 22.5l21 64q4 13 -2 22.5t-20 9.5h-608q-13 0 -25.5 -9.5
+t-16.5 -22.5zM492 800q-4 -13 2 -22.5t20 -9.5h608q13 0 25.5 9.5t16.5 22.5l21 64q4 13 -2 22.5t-20 9.5h-608q-13 0 -25.5 -9.5t-16.5 -22.5z" />
+    <glyph glyph-name="bookmark" unicode="&#xf02e;" horiz-adv-x="1280" 
+d="M1164 1408q23 0 44 -9q33 -13 52.5 -41t19.5 -62v-1289q0 -34 -19.5 -62t-52.5 -41q-19 -8 -44 -8q-48 0 -83 32l-441 424l-441 -424q-36 -33 -83 -33q-23 0 -44 9q-33 13 -52.5 41t-19.5 62v1289q0 34 19.5 62t52.5 41q21 9 44 9h1048z" />
+    <glyph glyph-name="print" unicode="&#xf02f;" horiz-adv-x="1664" 
+d="M384 0h896v256h-896v-256zM384 640h896v384h-160q-40 0 -68 28t-28 68v160h-640v-640zM1536 576q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1664 576v-416q0 -13 -9.5 -22.5t-22.5 -9.5h-224v-160q0 -40 -28 -68t-68 -28h-960q-40 0 -68 28t-28 68
+v160h-224q-13 0 -22.5 9.5t-9.5 22.5v416q0 79 56.5 135.5t135.5 56.5h64v544q0 40 28 68t68 28h672q40 0 88 -20t76 -48l152 -152q28 -28 48 -76t20 -88v-256h64q79 0 135.5 -56.5t56.5 -135.5z" />
+    <glyph glyph-name="camera" unicode="&#xf030;" horiz-adv-x="1920" 
+d="M960 864q119 0 203.5 -84.5t84.5 -203.5t-84.5 -203.5t-203.5 -84.5t-203.5 84.5t-84.5 203.5t84.5 203.5t203.5 84.5zM1664 1280q106 0 181 -75t75 -181v-896q0 -106 -75 -181t-181 -75h-1408q-106 0 -181 75t-75 181v896q0 106 75 181t181 75h224l51 136
+q19 49 69.5 84.5t103.5 35.5h512q53 0 103.5 -35.5t69.5 -84.5l51 -136h224zM960 128q185 0 316.5 131.5t131.5 316.5t-131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="font" unicode="&#xf031;" horiz-adv-x="1664" 
+d="M725 977l-170 -450q33 0 136.5 -2t160.5 -2q19 0 57 2q-87 253 -184 452zM0 -128l2 79q23 7 56 12.5t57 10.5t49.5 14.5t44.5 29t31 50.5l237 616l280 724h75h53q8 -14 11 -21l205 -480q33 -78 106 -257.5t114 -274.5q15 -34 58 -144.5t72 -168.5q20 -45 35 -57
+q19 -15 88 -29.5t84 -20.5q6 -38 6 -57q0 -5 -0.5 -13.5t-0.5 -12.5q-63 0 -190 8t-191 8q-76 0 -215 -7t-178 -8q0 43 4 78l131 28q1 0 12.5 2.5t15.5 3.5t14.5 4.5t15 6.5t11 8t9 11t2.5 14q0 16 -31 96.5t-72 177.5t-42 100l-450 2q-26 -58 -76.5 -195.5t-50.5 -162.5
+q0 -22 14 -37.5t43.5 -24.5t48.5 -13.5t57 -8.5t41 -4q1 -19 1 -58q0 -9 -2 -27q-58 0 -174.5 10t-174.5 10q-8 0 -26.5 -4t-21.5 -4q-80 -14 -188 -14z" />
+    <glyph glyph-name="bold" unicode="&#xf032;" horiz-adv-x="1408" 
+d="M555 15q74 -32 140 -32q376 0 376 335q0 114 -41 180q-27 44 -61.5 74t-67.5 46.5t-80.5 25t-84 10.5t-94.5 2q-73 0 -101 -10q0 -53 -0.5 -159t-0.5 -158q0 -8 -1 -67.5t-0.5 -96.5t4.5 -83.5t12 -66.5zM541 761q42 -7 109 -7q82 0 143 13t110 44.5t74.5 89.5t25.5 142
+q0 70 -29 122.5t-79 82t-108 43.5t-124 14q-50 0 -130 -13q0 -50 4 -151t4 -152q0 -27 -0.5 -80t-0.5 -79q0 -46 1 -69zM0 -128l2 94q15 4 85 16t106 27q7 12 12.5 27t8.5 33.5t5.5 32.5t3 37.5t0.5 34v35.5v30q0 982 -22 1025q-4 8 -22 14.5t-44.5 11t-49.5 7t-48.5 4.5
+t-30.5 3l-4 83q98 2 340 11.5t373 9.5q23 0 68 -0.5t68 -0.5q70 0 136.5 -13t128.5 -42t108 -71t74 -104.5t28 -137.5q0 -52 -16.5 -95.5t-39 -72t-64.5 -57.5t-73 -45t-84 -40q154 -35 256.5 -134t102.5 -248q0 -100 -35 -179.5t-93.5 -130.5t-138 -85.5t-163.5 -48.5
+t-176 -14q-44 0 -132 3t-132 3q-106 0 -307 -11t-231 -12z" />
+    <glyph glyph-name="italic" unicode="&#xf033;" horiz-adv-x="1024" 
+d="M0 -126l17 85q22 7 61.5 16.5t72 19t59.5 23.5q28 35 41 101q1 7 62 289t114 543.5t52 296.5v25q-24 13 -54.5 18.5t-69.5 8t-58 5.5l19 103q33 -2 120 -6.5t149.5 -7t120.5 -2.5q48 0 98.5 2.5t121 7t98.5 6.5q-5 -39 -19 -89q-30 -10 -101.5 -28.5t-108.5 -33.5
+q-8 -19 -14 -42.5t-9 -40t-7.5 -45.5t-6.5 -42q-27 -148 -87.5 -419.5t-77.5 -355.5q-2 -9 -13 -58t-20 -90t-16 -83.5t-6 -57.5l1 -18q17 -4 185 -31q-3 -44 -16 -99q-11 0 -32.5 -1.5t-32.5 -1.5q-29 0 -87 10t-86 10q-138 2 -206 2q-51 0 -143 -9t-121 -11z" />
+    <glyph glyph-name="text_height" unicode="&#xf034;" horiz-adv-x="1792" 
+d="M1744 128q33 0 42 -18.5t-11 -44.5l-126 -162q-20 -26 -49 -26t-49 26l-126 162q-20 26 -11 44.5t42 18.5h80v1024h-80q-33 0 -42 18.5t11 44.5l126 162q20 26 49 26t49 -26l126 -162q20 -26 11 -44.5t-42 -18.5h-80v-1024h80zM81 1407l54 -27q12 -5 211 -5q44 0 132 2
+t132 2q36 0 107.5 -0.5t107.5 -0.5h293q6 0 21 -0.5t20.5 0t16 3t17.5 9t15 17.5l42 1q4 0 14 -0.5t14 -0.5q2 -112 2 -336q0 -80 -5 -109q-39 -14 -68 -18q-25 44 -54 128q-3 9 -11 48t-14.5 73.5t-7.5 35.5q-6 8 -12 12.5t-15.5 6t-13 2.5t-18 0.5t-16.5 -0.5
+q-17 0 -66.5 0.5t-74.5 0.5t-64 -2t-71 -6q-9 -81 -8 -136q0 -94 2 -388t2 -455q0 -16 -2.5 -71.5t0 -91.5t12.5 -69q40 -21 124 -42.5t120 -37.5q5 -40 5 -50q0 -14 -3 -29l-34 -1q-76 -2 -218 8t-207 10q-50 0 -151 -9t-152 -9q-3 51 -3 52v9q17 27 61.5 43t98.5 29t78 27
+q19 42 19 383q0 101 -3 303t-3 303v117q0 2 0.5 15.5t0.5 25t-1 25.5t-3 24t-5 14q-11 12 -162 12q-33 0 -93 -12t-80 -26q-19 -13 -34 -72.5t-31.5 -111t-42.5 -53.5q-42 26 -56 44v383z" />
+    <glyph glyph-name="text_width" unicode="&#xf035;" 
+d="M81 1407l54 -27q12 -5 211 -5q44 0 132 2t132 2q70 0 246.5 1t304.5 0.5t247 -4.5q33 -1 56 31l42 1q4 0 14 -0.5t14 -0.5q2 -112 2 -336q0 -80 -5 -109q-39 -14 -68 -18q-25 44 -54 128q-3 9 -11 47.5t-15 73.5t-7 36q-10 13 -27 19q-5 2 -66 2q-30 0 -93 1t-103 1
+t-94 -2t-96 -7q-9 -81 -8 -136l1 -152v52q0 -55 1 -154t1.5 -180t0.5 -153q0 -16 -2.5 -71.5t0 -91.5t12.5 -69q40 -21 124 -42.5t120 -37.5q5 -40 5 -50q0 -14 -3 -29l-34 -1q-76 -2 -218 8t-207 10q-50 0 -151 -9t-152 -9q-3 51 -3 52v9q17 27 61.5 43t98.5 29t78 27
+q7 16 11.5 74t6 145.5t1.5 155t-0.5 153.5t-0.5 89q0 7 -2.5 21.5t-2.5 22.5q0 7 0.5 44t1 73t0 76.5t-3 67.5t-6.5 32q-11 12 -162 12q-41 0 -163 -13.5t-138 -24.5q-19 -12 -34 -71.5t-31.5 -111.5t-42.5 -54q-42 26 -56 44v383zM1310 125q12 0 42 -19.5t57.5 -41.5
+t59.5 -49t36 -30q26 -21 26 -49t-26 -49q-4 -3 -36 -30t-59.5 -49t-57.5 -41.5t-42 -19.5q-13 0 -20.5 10.5t-10 28.5t-2.5 33.5t1.5 33t1.5 19.5h-1024q0 -2 1.5 -19.5t1.5 -33t-2.5 -33.5t-10 -28.5t-20.5 -10.5q-12 0 -42 19.5t-57.5 41.5t-59.5 49t-36 30q-26 21 -26 49
+t26 49q4 3 36 30t59.5 49t57.5 41.5t42 19.5q13 0 20.5 -10.5t10 -28.5t2.5 -33.5t-1.5 -33t-1.5 -19.5h1024q0 2 -1.5 19.5t-1.5 33t2.5 33.5t10 28.5t20.5 10.5z" />
+    <glyph glyph-name="align_left" unicode="&#xf036;" horiz-adv-x="1792" 
+d="M1792 192v-128q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1408 576v-128q0 -26 -19 -45t-45 -19h-1280q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1280q26 0 45 -19t19 -45zM1664 960v-128q0 -26 -19 -45
+t-45 -19h-1536q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1536q26 0 45 -19t19 -45zM1280 1344v-128q0 -26 -19 -45t-45 -19h-1152q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1152q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="align_center" unicode="&#xf037;" horiz-adv-x="1792" 
+d="M1792 192v-128q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1408 576v-128q0 -26 -19 -45t-45 -19h-896q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h896q26 0 45 -19t19 -45zM1664 960v-128q0 -26 -19 -45t-45 -19
+h-1408q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1408q26 0 45 -19t19 -45zM1280 1344v-128q0 -26 -19 -45t-45 -19h-640q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h640q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="align_right" unicode="&#xf038;" horiz-adv-x="1792" 
+d="M1792 192v-128q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1792 576v-128q0 -26 -19 -45t-45 -19h-1280q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1280q26 0 45 -19t19 -45zM1792 960v-128q0 -26 -19 -45
+t-45 -19h-1536q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1536q26 0 45 -19t19 -45zM1792 1344v-128q0 -26 -19 -45t-45 -19h-1152q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1152q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="align_justify" unicode="&#xf039;" horiz-adv-x="1792" 
+d="M1792 192v-128q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1792 576v-128q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1792 960v-128q0 -26 -19 -45
+t-45 -19h-1664q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1792 1344v-128q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1664q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="list" unicode="&#xf03a;" horiz-adv-x="1792" 
+d="M256 224v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-192q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h192q13 0 22.5 -9.5t9.5 -22.5zM256 608v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-192q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h192q13 0 22.5 -9.5
+t9.5 -22.5zM256 992v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-192q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h192q13 0 22.5 -9.5t9.5 -22.5zM1792 224v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1344q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1344
+q13 0 22.5 -9.5t9.5 -22.5zM256 1376v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-192q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h192q13 0 22.5 -9.5t9.5 -22.5zM1792 608v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1344q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5
+t22.5 9.5h1344q13 0 22.5 -9.5t9.5 -22.5zM1792 992v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1344q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1344q13 0 22.5 -9.5t9.5 -22.5zM1792 1376v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1344q-13 0 -22.5 9.5t-9.5 22.5v192
+q0 13 9.5 22.5t22.5 9.5h1344q13 0 22.5 -9.5t9.5 -22.5z" />
+    <glyph glyph-name="indent_left" unicode="&#xf03b;" horiz-adv-x="1792" 
+d="M384 992v-576q0 -13 -9.5 -22.5t-22.5 -9.5q-14 0 -23 9l-288 288q-9 9 -9 23t9 23l288 288q9 9 23 9q13 0 22.5 -9.5t9.5 -22.5zM1792 224v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1728q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1728q13 0 22.5 -9.5
+t9.5 -22.5zM1792 608v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1088q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1088q13 0 22.5 -9.5t9.5 -22.5zM1792 992v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1088q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1088
+q13 0 22.5 -9.5t9.5 -22.5zM1792 1376v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1728q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1728q13 0 22.5 -9.5t9.5 -22.5z" />
+    <glyph glyph-name="indent_right" unicode="&#xf03c;" horiz-adv-x="1792" 
+d="M352 704q0 -14 -9 -23l-288 -288q-9 -9 -23 -9q-13 0 -22.5 9.5t-9.5 22.5v576q0 13 9.5 22.5t22.5 9.5q14 0 23 -9l288 -288q9 -9 9 -23zM1792 224v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1728q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1728q13 0 22.5 -9.5
+t9.5 -22.5zM1792 608v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1088q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1088q13 0 22.5 -9.5t9.5 -22.5zM1792 992v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1088q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1088
+q13 0 22.5 -9.5t9.5 -22.5zM1792 1376v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1728q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1728q13 0 22.5 -9.5t9.5 -22.5z" />
+    <glyph glyph-name="facetime_video" unicode="&#xf03d;" horiz-adv-x="1792" 
+d="M1792 1184v-1088q0 -42 -39 -59q-13 -5 -25 -5q-27 0 -45 19l-403 403v-166q0 -119 -84.5 -203.5t-203.5 -84.5h-704q-119 0 -203.5 84.5t-84.5 203.5v704q0 119 84.5 203.5t203.5 84.5h704q119 0 203.5 -84.5t84.5 -203.5v-165l403 402q18 19 45 19q12 0 25 -5
+q39 -17 39 -59z" />
+    <glyph glyph-name="picture" unicode="&#xf03e;" horiz-adv-x="1920" 
+d="M640 960q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM1664 576v-448h-1408v192l320 320l160 -160l512 512zM1760 1280h-1600q-13 0 -22.5 -9.5t-9.5 -22.5v-1216q0 -13 9.5 -22.5t22.5 -9.5h1600q13 0 22.5 9.5t9.5 22.5v1216
+q0 13 -9.5 22.5t-22.5 9.5zM1920 1248v-1216q0 -66 -47 -113t-113 -47h-1600q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1600q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="pencil" unicode="&#xf040;" 
+d="M363 0l91 91l-235 235l-91 -91v-107h128v-128h107zM886 928q0 22 -22 22q-10 0 -17 -7l-542 -542q-7 -7 -7 -17q0 -22 22 -22q10 0 17 7l542 542q7 7 7 17zM832 1120l416 -416l-832 -832h-416v416zM1515 1024q0 -53 -37 -90l-166 -166l-416 416l166 165q36 38 90 38
+q53 0 91 -38l235 -234q37 -39 37 -91z" />
+    <glyph glyph-name="map_marker" unicode="&#xf041;" horiz-adv-x="1024" 
+d="M768 896q0 106 -75 181t-181 75t-181 -75t-75 -181t75 -181t181 -75t181 75t75 181zM1024 896q0 -109 -33 -179l-364 -774q-16 -33 -47.5 -52t-67.5 -19t-67.5 19t-46.5 52l-365 774q-33 70 -33 179q0 212 150 362t362 150t362 -150t150 -362z" />
+    <glyph glyph-name="adjust" unicode="&#xf042;" 
+d="M768 96v1088q-148 0 -273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="tint" unicode="&#xf043;" horiz-adv-x="1024" 
+d="M512 384q0 36 -20 69q-1 1 -15.5 22.5t-25.5 38t-25 44t-21 50.5q-4 16 -21 16t-21 -16q-7 -23 -21 -50.5t-25 -44t-25.5 -38t-15.5 -22.5q-20 -33 -20 -69q0 -53 37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1024 512q0 -212 -150 -362t-362 -150t-362 150t-150 362
+q0 145 81 275q6 9 62.5 90.5t101 151t99.5 178t83 201.5q9 30 34 47t51 17t51.5 -17t33.5 -47q28 -93 83 -201.5t99.5 -178t101 -151t62.5 -90.5q81 -127 81 -275z" />
+    <glyph glyph-name="edit" unicode="&#xf044;" horiz-adv-x="1792" 
+d="M888 352l116 116l-152 152l-116 -116v-56h96v-96h56zM1328 1072q-16 16 -33 -1l-350 -350q-17 -17 -1 -33t33 1l350 350q17 17 1 33zM1408 478v-190q0 -119 -84.5 -203.5t-203.5 -84.5h-832q-119 0 -203.5 84.5t-84.5 203.5v832q0 119 84.5 203.5t203.5 84.5h832
+q63 0 117 -25q15 -7 18 -23q3 -17 -9 -29l-49 -49q-14 -14 -32 -8q-23 6 -45 6h-832q-66 0 -113 -47t-47 -113v-832q0 -66 47 -113t113 -47h832q66 0 113 47t47 113v126q0 13 9 22l64 64q15 15 35 7t20 -29zM1312 1216l288 -288l-672 -672h-288v288zM1756 1084l-92 -92
+l-288 288l92 92q28 28 68 28t68 -28l152 -152q28 -28 28 -68t-28 -68z" />
+    <glyph glyph-name="share" unicode="&#xf045;" horiz-adv-x="1664" 
+d="M1408 547v-259q0 -119 -84.5 -203.5t-203.5 -84.5h-832q-119 0 -203.5 84.5t-84.5 203.5v832q0 119 84.5 203.5t203.5 84.5h255v0q13 0 22.5 -9.5t9.5 -22.5q0 -27 -26 -32q-77 -26 -133 -60q-10 -4 -16 -4h-112q-66 0 -113 -47t-47 -113v-832q0 -66 47 -113t113 -47h832
+q66 0 113 47t47 113v214q0 19 18 29q28 13 54 37q16 16 35 8q21 -9 21 -29zM1645 1043l-384 -384q-18 -19 -45 -19q-12 0 -25 5q-39 17 -39 59v192h-160q-323 0 -438 -131q-119 -137 -74 -473q3 -23 -20 -34q-8 -2 -12 -2q-16 0 -26 13q-10 14 -21 31t-39.5 68.5t-49.5 99.5
+t-38.5 114t-17.5 122q0 49 3.5 91t14 90t28 88t47 81.5t68.5 74t94.5 61.5t124.5 48.5t159.5 30.5t196.5 11h160v192q0 42 39 59q13 5 25 5q26 0 45 -19l384 -384q19 -19 19 -45t-19 -45z" />
+    <glyph glyph-name="check" unicode="&#xf046;" horiz-adv-x="1664" 
+d="M1408 606v-318q0 -119 -84.5 -203.5t-203.5 -84.5h-832q-119 0 -203.5 84.5t-84.5 203.5v832q0 119 84.5 203.5t203.5 84.5h832q63 0 117 -25q15 -7 18 -23q3 -17 -9 -29l-49 -49q-10 -10 -23 -10q-3 0 -9 2q-23 6 -45 6h-832q-66 0 -113 -47t-47 -113v-832
+q0 -66 47 -113t113 -47h832q66 0 113 47t47 113v254q0 13 9 22l64 64q10 10 23 10q6 0 12 -3q20 -8 20 -29zM1639 1095l-814 -814q-24 -24 -57 -24t-57 24l-430 430q-24 24 -24 57t24 57l110 110q24 24 57 24t57 -24l263 -263l647 647q24 24 57 24t57 -24l110 -110
+q24 -24 24 -57t-24 -57z" />
+    <glyph glyph-name="move" unicode="&#xf047;" horiz-adv-x="1792" 
+d="M1792 640q0 -26 -19 -45l-256 -256q-19 -19 -45 -19t-45 19t-19 45v128h-384v-384h128q26 0 45 -19t19 -45t-19 -45l-256 -256q-19 -19 -45 -19t-45 19l-256 256q-19 19 -19 45t19 45t45 19h128v384h-384v-128q0 -26 -19 -45t-45 -19t-45 19l-256 256q-19 19 -19 45
+t19 45l256 256q19 19 45 19t45 -19t19 -45v-128h384v384h-128q-26 0 -45 19t-19 45t19 45l256 256q19 19 45 19t45 -19l256 -256q19 -19 19 -45t-19 -45t-45 -19h-128v-384h384v128q0 26 19 45t45 19t45 -19l256 -256q19 -19 19 -45z" />
+    <glyph glyph-name="step_backward" unicode="&#xf048;" horiz-adv-x="1024" 
+d="M979 1395q19 19 32 13t13 -32v-1472q0 -26 -13 -32t-32 13l-710 710q-9 9 -13 19v-678q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v1408q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-678q4 10 13 19z" />
+    <glyph glyph-name="fast_backward" unicode="&#xf049;" horiz-adv-x="1792" 
+d="M1747 1395q19 19 32 13t13 -32v-1472q0 -26 -13 -32t-32 13l-710 710q-9 9 -13 19v-710q0 -26 -13 -32t-32 13l-710 710q-9 9 -13 19v-678q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v1408q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-678q4 10 13 19l710 710
+q19 19 32 13t13 -32v-710q4 10 13 19z" />
+    <glyph glyph-name="backward" unicode="&#xf04a;" horiz-adv-x="1664" 
+d="M1619 1395q19 19 32 13t13 -32v-1472q0 -26 -13 -32t-32 13l-710 710q-9 9 -13 19v-710q0 -26 -13 -32t-32 13l-710 710q-19 19 -19 45t19 45l710 710q19 19 32 13t13 -32v-710q4 10 13 19z" />
+    <glyph glyph-name="play" unicode="&#xf04b;" horiz-adv-x="1408" 
+d="M1384 609l-1328 -738q-23 -13 -39.5 -3t-16.5 36v1472q0 26 16.5 36t39.5 -3l1328 -738q23 -13 23 -31t-23 -31z" />
+    <glyph glyph-name="pause" unicode="&#xf04c;" 
+d="M1536 1344v-1408q0 -26 -19 -45t-45 -19h-512q-26 0 -45 19t-19 45v1408q0 26 19 45t45 19h512q26 0 45 -19t19 -45zM640 1344v-1408q0 -26 -19 -45t-45 -19h-512q-26 0 -45 19t-19 45v1408q0 26 19 45t45 19h512q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="stop" unicode="&#xf04d;" 
+d="M1536 1344v-1408q0 -26 -19 -45t-45 -19h-1408q-26 0 -45 19t-19 45v1408q0 26 19 45t45 19h1408q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="forward" unicode="&#xf04e;" horiz-adv-x="1664" 
+d="M45 -115q-19 -19 -32 -13t-13 32v1472q0 26 13 32t32 -13l710 -710q9 -9 13 -19v710q0 26 13 32t32 -13l710 -710q19 -19 19 -45t-19 -45l-710 -710q-19 -19 -32 -13t-13 32v710q-4 -10 -13 -19z" />
+    <glyph glyph-name="fast_forward" unicode="&#xf050;" horiz-adv-x="1792" 
+d="M45 -115q-19 -19 -32 -13t-13 32v1472q0 26 13 32t32 -13l710 -710q9 -9 13 -19v710q0 26 13 32t32 -13l710 -710q9 -9 13 -19v678q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-1408q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v678q-4 -10 -13 -19l-710 -710
+q-19 -19 -32 -13t-13 32v710q-4 -10 -13 -19z" />
+    <glyph glyph-name="step_forward" unicode="&#xf051;" horiz-adv-x="1024" 
+d="M45 -115q-19 -19 -32 -13t-13 32v1472q0 26 13 32t32 -13l710 -710q9 -9 13 -19v678q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-1408q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v678q-4 -10 -13 -19z" />
+    <glyph glyph-name="eject" unicode="&#xf052;" horiz-adv-x="1538" 
+d="M14 557l710 710q19 19 45 19t45 -19l710 -710q19 -19 13 -32t-32 -13h-1472q-26 0 -32 13t13 32zM1473 0h-1408q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h1408q26 0 45 -19t19 -45v-256q0 -26 -19 -45t-45 -19z" />
+    <glyph glyph-name="chevron_left" unicode="&#xf053;" horiz-adv-x="1280" 
+d="M1171 1235l-531 -531l531 -531q19 -19 19 -45t-19 -45l-166 -166q-19 -19 -45 -19t-45 19l-742 742q-19 19 -19 45t19 45l742 742q19 19 45 19t45 -19l166 -166q19 -19 19 -45t-19 -45z" />
+    <glyph glyph-name="chevron_right" unicode="&#xf054;" horiz-adv-x="1280" 
+d="M1107 659l-742 -742q-19 -19 -45 -19t-45 19l-166 166q-19 19 -19 45t19 45l531 531l-531 531q-19 19 -19 45t19 45l166 166q19 19 45 19t45 -19l742 -742q19 -19 19 -45t-19 -45z" />
+    <glyph glyph-name="plus_sign" unicode="&#xf055;" 
+d="M1216 576v128q0 26 -19 45t-45 19h-256v256q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-256h-256q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h256v-256q0 -26 19 -45t45 -19h128q26 0 45 19t19 45v256h256q26 0 45 19t19 45zM1536 640q0 -209 -103 -385.5
+t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="minus_sign" unicode="&#xf056;" 
+d="M1216 576v128q0 26 -19 45t-45 19h-768q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h768q26 0 45 19t19 45zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5
+t103 -385.5z" />
+    <glyph glyph-name="remove_sign" unicode="&#xf057;" 
+d="M1149 414q0 26 -19 45l-181 181l181 181q19 19 19 45q0 27 -19 46l-90 90q-19 19 -46 19q-26 0 -45 -19l-181 -181l-181 181q-19 19 -45 19q-27 0 -46 -19l-90 -90q-19 -19 -19 -46q0 -26 19 -45l181 -181l-181 -181q-19 -19 -19 -45q0 -27 19 -46l90 -90q19 -19 46 -19
+q26 0 45 19l181 181l181 -181q19 -19 45 -19q27 0 46 19l90 90q19 19 19 46zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="ok_sign" unicode="&#xf058;" 
+d="M1284 802q0 28 -18 46l-91 90q-19 19 -45 19t-45 -19l-408 -407l-226 226q-19 19 -45 19t-45 -19l-91 -90q-18 -18 -18 -46q0 -27 18 -45l362 -362q19 -19 45 -19q27 0 46 19l543 543q18 18 18 45zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103
+t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="question_sign" unicode="&#xf059;" 
+d="M896 160v192q0 14 -9 23t-23 9h-192q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h192q14 0 23 9t9 23zM1152 832q0 88 -55.5 163t-138.5 116t-170 41q-243 0 -371 -213q-15 -24 8 -42l132 -100q7 -6 19 -6q16 0 25 12q53 68 86 92q34 24 86 24q48 0 85.5 -26t37.5 -59
+q0 -38 -20 -61t-68 -45q-63 -28 -115.5 -86.5t-52.5 -125.5v-36q0 -14 9 -23t23 -9h192q14 0 23 9t9 23q0 19 21.5 49.5t54.5 49.5q32 18 49 28.5t46 35t44.5 48t28 60.5t12.5 81zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5
+t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="info_sign" unicode="&#xf05a;" 
+d="M1024 160v160q0 14 -9 23t-23 9h-96v512q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-160q0 -14 9 -23t23 -9h96v-320h-96q-14 0 -23 -9t-9 -23v-160q0 -14 9 -23t23 -9h448q14 0 23 9t9 23zM896 1056v160q0 14 -9 23t-23 9h-192q-14 0 -23 -9t-9 -23v-160q0 -14 9 -23
+t23 -9h192q14 0 23 9t9 23zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="screenshot" unicode="&#xf05b;" 
+d="M1197 512h-109q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h109q-32 108 -112.5 188.5t-188.5 112.5v-109q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v109q-108 -32 -188.5 -112.5t-112.5 -188.5h109q26 0 45 -19t19 -45v-128q0 -26 -19 -45t-45 -19h-109
+q32 -108 112.5 -188.5t188.5 -112.5v109q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-109q108 32 188.5 112.5t112.5 188.5zM1536 704v-128q0 -26 -19 -45t-45 -19h-143q-37 -161 -154.5 -278.5t-278.5 -154.5v-143q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v143
+q-161 37 -278.5 154.5t-154.5 278.5h-143q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h143q37 161 154.5 278.5t278.5 154.5v143q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-143q161 -37 278.5 -154.5t154.5 -278.5h143q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="remove_circle" unicode="&#xf05c;" 
+d="M1097 457l-146 -146q-10 -10 -23 -10t-23 10l-137 137l-137 -137q-10 -10 -23 -10t-23 10l-146 146q-10 10 -10 23t10 23l137 137l-137 137q-10 10 -10 23t10 23l146 146q10 10 23 10t23 -10l137 -137l137 137q10 10 23 10t23 -10l146 -146q10 -10 10 -23t-10 -23
+l-137 -137l137 -137q10 -10 10 -23t-10 -23zM1312 640q0 148 -73 273t-198 198t-273 73t-273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5
+t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="ok_circle" unicode="&#xf05d;" 
+d="M1171 723l-422 -422q-19 -19 -45 -19t-45 19l-294 294q-19 19 -19 45t19 45l102 102q19 19 45 19t45 -19l147 -147l275 275q19 19 45 19t45 -19l102 -102q19 -19 19 -45t-19 -45zM1312 640q0 148 -73 273t-198 198t-273 73t-273 -73t-198 -198t-73 -273t73 -273t198 -198
+t273 -73t273 73t198 198t73 273zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="ban_circle" unicode="&#xf05e;" 
+d="M1312 643q0 161 -87 295l-754 -753q137 -89 297 -89q111 0 211.5 43.5t173.5 116.5t116 174.5t43 212.5zM313 344l755 754q-135 91 -300 91q-148 0 -273 -73t-198 -199t-73 -274q0 -162 89 -299zM1536 643q0 -157 -61 -300t-163.5 -246t-245 -164t-298.5 -61t-298.5 61
+t-245 164t-163.5 246t-61 300t61 299.5t163.5 245.5t245 164t298.5 61t298.5 -61t245 -164t163.5 -245.5t61 -299.5z" />
+    <glyph glyph-name="arrow_left" unicode="&#xf060;" 
+d="M1536 640v-128q0 -53 -32.5 -90.5t-84.5 -37.5h-704l293 -294q38 -36 38 -90t-38 -90l-75 -76q-37 -37 -90 -37q-52 0 -91 37l-651 652q-37 37 -37 90q0 52 37 91l651 650q38 38 91 38q52 0 90 -38l75 -74q38 -38 38 -91t-38 -91l-293 -293h704q52 0 84.5 -37.5
+t32.5 -90.5z" />
+    <glyph glyph-name="arrow_right" unicode="&#xf061;" 
+d="M1472 576q0 -54 -37 -91l-651 -651q-39 -37 -91 -37q-51 0 -90 37l-75 75q-38 38 -38 91t38 91l293 293h-704q-52 0 -84.5 37.5t-32.5 90.5v128q0 53 32.5 90.5t84.5 37.5h704l-293 294q-38 36 -38 90t38 90l75 75q38 38 90 38q53 0 91 -38l651 -651q37 -35 37 -90z" />
+    <glyph glyph-name="arrow_up" unicode="&#xf062;" horiz-adv-x="1664" 
+d="M1611 565q0 -51 -37 -90l-75 -75q-38 -38 -91 -38q-54 0 -90 38l-294 293v-704q0 -52 -37.5 -84.5t-90.5 -32.5h-128q-53 0 -90.5 32.5t-37.5 84.5v704l-294 -293q-36 -38 -90 -38t-90 38l-75 75q-38 38 -38 90q0 53 38 91l651 651q35 37 90 37q54 0 91 -37l651 -651
+q37 -39 37 -91z" />
+    <glyph glyph-name="arrow_down" unicode="&#xf063;" horiz-adv-x="1664" 
+d="M1611 704q0 -53 -37 -90l-651 -652q-39 -37 -91 -37q-53 0 -90 37l-651 652q-38 36 -38 90q0 53 38 91l74 75q39 37 91 37q53 0 90 -37l294 -294v704q0 52 38 90t90 38h128q52 0 90 -38t38 -90v-704l294 294q37 37 90 37q52 0 91 -37l75 -75q37 -39 37 -91z" />
+    <glyph glyph-name="share_alt" unicode="&#xf064;" horiz-adv-x="1792" 
+d="M1792 896q0 -26 -19 -45l-512 -512q-19 -19 -45 -19t-45 19t-19 45v256h-224q-98 0 -175.5 -6t-154 -21.5t-133 -42.5t-105.5 -69.5t-80 -101t-48.5 -138.5t-17.5 -181q0 -55 5 -123q0 -6 2.5 -23.5t2.5 -26.5q0 -15 -8.5 -25t-23.5 -10q-16 0 -28 17q-7 9 -13 22
+t-13.5 30t-10.5 24q-127 285 -127 451q0 199 53 333q162 403 875 403h224v256q0 26 19 45t45 19t45 -19l512 -512q19 -19 19 -45z" />
+    <glyph glyph-name="resize_full" unicode="&#xf065;" 
+d="M755 480q0 -13 -10 -23l-332 -332l144 -144q19 -19 19 -45t-19 -45t-45 -19h-448q-26 0 -45 19t-19 45v448q0 26 19 45t45 19t45 -19l144 -144l332 332q10 10 23 10t23 -10l114 -114q10 -10 10 -23zM1536 1344v-448q0 -26 -19 -45t-45 -19t-45 19l-144 144l-332 -332
+q-10 -10 -23 -10t-23 10l-114 114q-10 10 -10 23t10 23l332 332l-144 144q-19 19 -19 45t19 45t45 19h448q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="resize_small" unicode="&#xf066;" 
+d="M768 576v-448q0 -26 -19 -45t-45 -19t-45 19l-144 144l-332 -332q-10 -10 -23 -10t-23 10l-114 114q-10 10 -10 23t10 23l332 332l-144 144q-19 19 -19 45t19 45t45 19h448q26 0 45 -19t19 -45zM1523 1248q0 -13 -10 -23l-332 -332l144 -144q19 -19 19 -45t-19 -45
+t-45 -19h-448q-26 0 -45 19t-19 45v448q0 26 19 45t45 19t45 -19l144 -144l332 332q10 10 23 10t23 -10l114 -114q10 -10 10 -23z" />
+    <glyph glyph-name="plus" unicode="&#xf067;" horiz-adv-x="1408" 
+d="M1408 800v-192q0 -40 -28 -68t-68 -28h-416v-416q0 -40 -28 -68t-68 -28h-192q-40 0 -68 28t-28 68v416h-416q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h416v416q0 40 28 68t68 28h192q40 0 68 -28t28 -68v-416h416q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="minus" unicode="&#xf068;" horiz-adv-x="1408" 
+d="M1408 800v-192q0 -40 -28 -68t-68 -28h-1216q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h1216q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="asterisk" unicode="&#xf069;" horiz-adv-x="1664" 
+d="M1482 486q46 -26 59.5 -77.5t-12.5 -97.5l-64 -110q-26 -46 -77.5 -59.5t-97.5 12.5l-266 153v-307q0 -52 -38 -90t-90 -38h-128q-52 0 -90 38t-38 90v307l-266 -153q-46 -26 -97.5 -12.5t-77.5 59.5l-64 110q-26 46 -12.5 97.5t59.5 77.5l266 154l-266 154
+q-46 26 -59.5 77.5t12.5 97.5l64 110q26 46 77.5 59.5t97.5 -12.5l266 -153v307q0 52 38 90t90 38h128q52 0 90 -38t38 -90v-307l266 153q46 26 97.5 12.5t77.5 -59.5l64 -110q26 -46 12.5 -97.5t-59.5 -77.5l-266 -154z" />
+    <glyph glyph-name="exclamation_sign" unicode="&#xf06a;" 
+d="M768 1408q209 0 385.5 -103t279.5 -279.5t103 -385.5t-103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103zM896 161v190q0 14 -9 23.5t-22 9.5h-192q-13 0 -23 -10t-10 -23v-190q0 -13 10 -23t23 -10h192
+q13 0 22 9.5t9 23.5zM894 505l18 621q0 12 -10 18q-10 8 -24 8h-220q-14 0 -24 -8q-10 -6 -10 -18l17 -621q0 -10 10 -17.5t24 -7.5h185q14 0 23.5 7.5t10.5 17.5z" />
+    <glyph glyph-name="gift" unicode="&#xf06b;" 
+d="M928 180v56v468v192h-320v-192v-468v-56q0 -25 18 -38.5t46 -13.5h192q28 0 46 13.5t18 38.5zM472 1024h195l-126 161q-26 31 -69 31q-40 0 -68 -28t-28 -68t28 -68t68 -28zM1160 1120q0 40 -28 68t-68 28q-43 0 -69 -31l-125 -161h194q40 0 68 28t28 68zM1536 864v-320
+q0 -14 -9 -23t-23 -9h-96v-416q0 -40 -28 -68t-68 -28h-1088q-40 0 -68 28t-28 68v416h-96q-14 0 -23 9t-9 23v320q0 14 9 23t23 9h440q-93 0 -158.5 65.5t-65.5 158.5t65.5 158.5t158.5 65.5q107 0 168 -77l128 -165l128 165q61 77 168 77q93 0 158.5 -65.5t65.5 -158.5
+t-65.5 -158.5t-158.5 -65.5h440q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="leaf" unicode="&#xf06c;" horiz-adv-x="1792" 
+d="M1280 832q0 26 -19 45t-45 19q-172 0 -318 -49.5t-259.5 -134t-235.5 -219.5q-19 -21 -19 -45q0 -26 19 -45t45 -19q24 0 45 19q27 24 74 71t67 66q137 124 268.5 176t313.5 52q26 0 45 19t19 45zM1792 1030q0 -95 -20 -193q-46 -224 -184.5 -383t-357.5 -268
+q-214 -108 -438 -108q-148 0 -286 47q-15 5 -88 42t-96 37q-16 0 -39.5 -32t-45 -70t-52.5 -70t-60 -32q-43 0 -63.5 17.5t-45.5 59.5q-2 4 -6 11t-5.5 10t-3 9.5t-1.5 13.5q0 35 31 73.5t68 65.5t68 56t31 48q0 4 -14 38t-16 44q-9 51 -9 104q0 115 43.5 220t119 184.5
+t170.5 139t204 95.5q55 18 145 25.5t179.5 9t178.5 6t163.5 24t113.5 56.5l29.5 29.5t29.5 28t27 20t36.5 16t43.5 4.5q39 0 70.5 -46t47.5 -112t24 -124t8 -96z" />
+    <glyph glyph-name="fire" unicode="&#xf06d;" horiz-adv-x="1408" 
+d="M1408 -160v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-1344q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h1344q13 0 22.5 -9.5t9.5 -22.5zM1152 896q0 -78 -24.5 -144t-64 -112.5t-87.5 -88t-96 -77.5t-87.5 -72t-64 -81.5t-24.5 -96.5q0 -96 67 -224l-4 1l1 -1
+q-90 41 -160 83t-138.5 100t-113.5 122.5t-72.5 150.5t-27.5 184q0 78 24.5 144t64 112.5t87.5 88t96 77.5t87.5 72t64 81.5t24.5 96.5q0 94 -66 224l3 -1l-1 1q90 -41 160 -83t138.5 -100t113.5 -122.5t72.5 -150.5t27.5 -184z" />
+    <glyph glyph-name="eye_open" unicode="&#xf06e;" horiz-adv-x="1792" 
+d="M1664 576q-152 236 -381 353q61 -104 61 -225q0 -185 -131.5 -316.5t-316.5 -131.5t-316.5 131.5t-131.5 316.5q0 121 61 225q-229 -117 -381 -353q133 -205 333.5 -326.5t434.5 -121.5t434.5 121.5t333.5 326.5zM944 960q0 20 -14 34t-34 14q-125 0 -214.5 -89.5
+t-89.5 -214.5q0 -20 14 -34t34 -14t34 14t14 34q0 86 61 147t147 61q20 0 34 14t14 34zM1792 576q0 -34 -20 -69q-140 -230 -376.5 -368.5t-499.5 -138.5t-499.5 139t-376.5 368q-20 35 -20 69t20 69q140 229 376.5 368t499.5 139t499.5 -139t376.5 -368q20 -35 20 -69z" />
+    <glyph glyph-name="eye_close" unicode="&#xf070;" horiz-adv-x="1792" 
+d="M555 201l78 141q-87 63 -136 159t-49 203q0 121 61 225q-229 -117 -381 -353q167 -258 427 -375zM944 960q0 20 -14 34t-34 14q-125 0 -214.5 -89.5t-89.5 -214.5q0 -20 14 -34t34 -14t34 14t14 34q0 86 61 147t147 61q20 0 34 14t14 34zM1307 1151q0 -7 -1 -9
+q-106 -189 -316 -567t-315 -566l-49 -89q-10 -16 -28 -16q-12 0 -134 70q-16 10 -16 28q0 12 44 87q-143 65 -263.5 173t-208.5 245q-20 31 -20 69t20 69q153 235 380 371t496 136q89 0 180 -17l54 97q10 16 28 16q5 0 18 -6t31 -15.5t33 -18.5t31.5 -18.5t19.5 -11.5
+q16 -10 16 -27zM1344 704q0 -139 -79 -253.5t-209 -164.5l280 502q8 -45 8 -84zM1792 576q0 -35 -20 -69q-39 -64 -109 -145q-150 -172 -347.5 -267t-419.5 -95l74 132q212 18 392.5 137t301.5 307q-115 179 -282 294l63 112q95 -64 182.5 -153t144.5 -184q20 -34 20 -69z
+" />
+    <glyph glyph-name="warning_sign" unicode="&#xf071;" horiz-adv-x="1792" 
+d="M1024 161v190q0 14 -9.5 23.5t-22.5 9.5h-192q-13 0 -22.5 -9.5t-9.5 -23.5v-190q0 -14 9.5 -23.5t22.5 -9.5h192q13 0 22.5 9.5t9.5 23.5zM1022 535l18 459q0 12 -10 19q-13 11 -24 11h-220q-11 0 -24 -11q-10 -7 -10 -21l17 -457q0 -10 10 -16.5t24 -6.5h185
+q14 0 23.5 6.5t10.5 16.5zM1008 1469l768 -1408q35 -63 -2 -126q-17 -29 -46.5 -46t-63.5 -17h-1536q-34 0 -63.5 17t-46.5 46q-37 63 -2 126l768 1408q17 31 47 49t65 18t65 -18t47 -49z" />
+    <glyph glyph-name="plane" unicode="&#xf072;" horiz-adv-x="1408" 
+d="M1376 1376q44 -52 12 -148t-108 -172l-161 -161l160 -696q5 -19 -12 -33l-128 -96q-7 -6 -19 -6q-4 0 -7 1q-15 3 -21 16l-279 508l-259 -259l53 -194q5 -17 -8 -31l-96 -96q-9 -9 -23 -9h-2q-15 2 -24 13l-189 252l-252 189q-11 7 -13 23q-1 13 9 25l96 97q9 9 23 9
+q6 0 8 -1l194 -53l259 259l-508 279q-14 8 -17 24q-2 16 9 27l128 128q14 13 30 8l665 -159l160 160q76 76 172 108t148 -12z" />
+    <glyph glyph-name="calendar" unicode="&#xf073;" horiz-adv-x="1664" 
+d="M128 -128h288v288h-288v-288zM480 -128h320v288h-320v-288zM128 224h288v320h-288v-320zM480 224h320v320h-320v-320zM128 608h288v288h-288v-288zM864 -128h320v288h-320v-288zM480 608h320v288h-320v-288zM1248 -128h288v288h-288v-288zM864 224h320v320h-320v-320z
+M512 1088v288q0 13 -9.5 22.5t-22.5 9.5h-64q-13 0 -22.5 -9.5t-9.5 -22.5v-288q0 -13 9.5 -22.5t22.5 -9.5h64q13 0 22.5 9.5t9.5 22.5zM1248 224h288v320h-288v-320zM864 608h320v288h-320v-288zM1248 608h288v288h-288v-288zM1280 1088v288q0 13 -9.5 22.5t-22.5 9.5h-64
+q-13 0 -22.5 -9.5t-9.5 -22.5v-288q0 -13 9.5 -22.5t22.5 -9.5h64q13 0 22.5 9.5t9.5 22.5zM1664 1152v-1280q0 -52 -38 -90t-90 -38h-1408q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h128v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h384v96q0 66 47 113t113 47
+h64q66 0 113 -47t47 -113v-96h128q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="random" unicode="&#xf074;" horiz-adv-x="1792" 
+d="M666 1055q-60 -92 -137 -273q-22 45 -37 72.5t-40.5 63.5t-51 56.5t-63 35t-81.5 14.5h-224q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h224q250 0 410 -225zM1792 256q0 -14 -9 -23l-320 -320q-9 -9 -23 -9q-13 0 -22.5 9.5t-9.5 22.5v192q-32 0 -85 -0.5t-81 -1t-73 1
+t-71 5t-64 10.5t-63 18.5t-58 28.5t-59 40t-55 53.5t-56 69.5q59 93 136 273q22 -45 37 -72.5t40.5 -63.5t51 -56.5t63 -35t81.5 -14.5h256v192q0 14 9 23t23 9q12 0 24 -10l319 -319q9 -9 9 -23zM1792 1152q0 -14 -9 -23l-320 -320q-9 -9 -23 -9q-13 0 -22.5 9.5t-9.5 22.5
+v192h-256q-48 0 -87 -15t-69 -45t-51 -61.5t-45 -77.5q-32 -62 -78 -171q-29 -66 -49.5 -111t-54 -105t-64 -100t-74 -83t-90 -68.5t-106.5 -42t-128 -16.5h-224q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h224q48 0 87 15t69 45t51 61.5t45 77.5q32 62 78 171q29 66 49.5 111
+t54 105t64 100t74 83t90 68.5t106.5 42t128 16.5h256v192q0 14 9 23t23 9q12 0 24 -10l319 -319q9 -9 9 -23z" />
+    <glyph glyph-name="comment" unicode="&#xf075;" horiz-adv-x="1792" 
+d="M1792 640q0 -174 -120 -321.5t-326 -233t-450 -85.5q-70 0 -145 8q-198 -175 -460 -242q-49 -14 -114 -22q-17 -2 -30.5 9t-17.5 29v1q-3 4 -0.5 12t2 10t4.5 9.5l6 9t7 8.5t8 9q7 8 31 34.5t34.5 38t31 39.5t32.5 51t27 59t26 76q-157 89 -247.5 220t-90.5 281
+q0 130 71 248.5t191 204.5t286 136.5t348 50.5q244 0 450 -85.5t326 -233t120 -321.5z" />
+    <glyph glyph-name="magnet" unicode="&#xf076;" 
+d="M1536 704v-128q0 -201 -98.5 -362t-274 -251.5t-395.5 -90.5t-395.5 90.5t-274 251.5t-98.5 362v128q0 26 19 45t45 19h384q26 0 45 -19t19 -45v-128q0 -52 23.5 -90t53.5 -57t71 -30t64 -13t44 -2t44 2t64 13t71 30t53.5 57t23.5 90v128q0 26 19 45t45 19h384
+q26 0 45 -19t19 -45zM512 1344v-384q0 -26 -19 -45t-45 -19h-384q-26 0 -45 19t-19 45v384q0 26 19 45t45 19h384q26 0 45 -19t19 -45zM1536 1344v-384q0 -26 -19 -45t-45 -19h-384q-26 0 -45 19t-19 45v384q0 26 19 45t45 19h384q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="chevron_up" unicode="&#xf077;" horiz-adv-x="1792" 
+d="M1683 205l-166 -165q-19 -19 -45 -19t-45 19l-531 531l-531 -531q-19 -19 -45 -19t-45 19l-166 165q-19 19 -19 45.5t19 45.5l742 741q19 19 45 19t45 -19l742 -741q19 -19 19 -45.5t-19 -45.5z" />
+    <glyph glyph-name="chevron_down" unicode="&#xf078;" horiz-adv-x="1792" 
+d="M1683 728l-742 -741q-19 -19 -45 -19t-45 19l-742 741q-19 19 -19 45.5t19 45.5l166 165q19 19 45 19t45 -19l531 -531l531 531q19 19 45 19t45 -19l166 -165q19 -19 19 -45.5t-19 -45.5z" />
+    <glyph glyph-name="retweet" unicode="&#xf079;" horiz-adv-x="1920" 
+d="M1280 32q0 -13 -9.5 -22.5t-22.5 -9.5h-960q-8 0 -13.5 2t-9 7t-5.5 8t-3 11.5t-1 11.5v13v11v160v416h-192q-26 0 -45 19t-19 45q0 24 15 41l320 384q19 22 49 22t49 -22l320 -384q15 -17 15 -41q0 -26 -19 -45t-45 -19h-192v-384h576q16 0 25 -11l160 -192q7 -10 7 -21
+zM1920 448q0 -24 -15 -41l-320 -384q-20 -23 -49 -23t-49 23l-320 384q-15 17 -15 41q0 26 19 45t45 19h192v384h-576q-16 0 -25 12l-160 192q-7 9 -7 20q0 13 9.5 22.5t22.5 9.5h960q8 0 13.5 -2t9 -7t5.5 -8t3 -11.5t1 -11.5v-13v-11v-160v-416h192q26 0 45 -19t19 -45z
+" />
+    <glyph glyph-name="shopping_cart" unicode="&#xf07a;" horiz-adv-x="1664" 
+d="M640 0q0 -52 -38 -90t-90 -38t-90 38t-38 90t38 90t90 38t90 -38t38 -90zM1536 0q0 -52 -38 -90t-90 -38t-90 38t-38 90t38 90t90 38t90 -38t38 -90zM1664 1088v-512q0 -24 -16.5 -42.5t-40.5 -21.5l-1044 -122q13 -60 13 -70q0 -16 -24 -64h920q26 0 45 -19t19 -45
+t-19 -45t-45 -19h-1024q-26 0 -45 19t-19 45q0 11 8 31.5t16 36t21.5 40t15.5 29.5l-177 823h-204q-26 0 -45 19t-19 45t19 45t45 19h256q16 0 28.5 -6.5t19.5 -15.5t13 -24.5t8 -26t5.5 -29.5t4.5 -26h1201q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="folder_close" unicode="&#xf07b;" horiz-adv-x="1664" 
+d="M1664 928v-704q0 -92 -66 -158t-158 -66h-1216q-92 0 -158 66t-66 158v960q0 92 66 158t158 66h320q92 0 158 -66t66 -158v-32h672q92 0 158 -66t66 -158z" />
+    <glyph glyph-name="folder_open" unicode="&#xf07c;" horiz-adv-x="1920" 
+d="M1879 584q0 -31 -31 -66l-336 -396q-43 -51 -120.5 -86.5t-143.5 -35.5h-1088q-34 0 -60.5 13t-26.5 43q0 31 31 66l336 396q43 51 120.5 86.5t143.5 35.5h1088q34 0 60.5 -13t26.5 -43zM1536 928v-160h-832q-94 0 -197 -47.5t-164 -119.5l-337 -396l-5 -6q0 4 -0.5 12.5
+t-0.5 12.5v960q0 92 66 158t158 66h320q92 0 158 -66t66 -158v-32h544q92 0 158 -66t66 -158z" />
+    <glyph glyph-name="resize_vertical" unicode="&#xf07d;" horiz-adv-x="768" 
+d="M704 1216q0 -26 -19 -45t-45 -19h-128v-1024h128q26 0 45 -19t19 -45t-19 -45l-256 -256q-19 -19 -45 -19t-45 19l-256 256q-19 19 -19 45t19 45t45 19h128v1024h-128q-26 0 -45 19t-19 45t19 45l256 256q19 19 45 19t45 -19l256 -256q19 -19 19 -45z" />
+    <glyph glyph-name="resize_horizontal" unicode="&#xf07e;" horiz-adv-x="1792" 
+d="M1792 640q0 -26 -19 -45l-256 -256q-19 -19 -45 -19t-45 19t-19 45v128h-1024v-128q0 -26 -19 -45t-45 -19t-45 19l-256 256q-19 19 -19 45t19 45l256 256q19 19 45 19t45 -19t19 -45v-128h1024v128q0 26 19 45t45 19t45 -19l256 -256q19 -19 19 -45z" />
+    <glyph glyph-name="bar_chart" unicode="&#xf080;" horiz-adv-x="2048" 
+d="M640 640v-512h-256v512h256zM1024 1152v-1024h-256v1024h256zM2048 0v-128h-2048v1536h128v-1408h1920zM1408 896v-768h-256v768h256zM1792 1280v-1152h-256v1152h256z" />
+    <glyph glyph-name="twitter_sign" unicode="&#xf081;" 
+d="M1280 926q-56 -25 -121 -34q68 40 93 117q-65 -38 -134 -51q-61 66 -153 66q-87 0 -148.5 -61.5t-61.5 -148.5q0 -29 5 -48q-129 7 -242 65t-192 155q-29 -50 -29 -106q0 -114 91 -175q-47 1 -100 26v-2q0 -75 50 -133.5t123 -72.5q-29 -8 -51 -8q-13 0 -39 4
+q21 -63 74.5 -104t121.5 -42q-116 -90 -261 -90q-26 0 -50 3q148 -94 322 -94q112 0 210 35.5t168 95t120.5 137t75 162t24.5 168.5q0 18 -1 27q63 45 105 109zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5
+t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="facebook_sign" unicode="&#xf082;" 
+d="M1248 1408q119 0 203.5 -84.5t84.5 -203.5v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-188v595h199l30 232h-229v148q0 56 23.5 84t91.5 28l122 1v207q-63 9 -178 9q-136 0 -217.5 -80t-81.5 -226v-171h-200v-232h200v-595h-532q-119 0 -203.5 84.5t-84.5 203.5v960
+q0 119 84.5 203.5t203.5 84.5h960z" />
+    <glyph glyph-name="camera_retro" unicode="&#xf083;" horiz-adv-x="1792" 
+d="M928 704q0 14 -9 23t-23 9q-66 0 -113 -47t-47 -113q0 -14 9 -23t23 -9t23 9t9 23q0 40 28 68t68 28q14 0 23 9t9 23zM1152 574q0 -106 -75 -181t-181 -75t-181 75t-75 181t75 181t181 75t181 -75t75 -181zM128 0h1536v128h-1536v-128zM1280 574q0 159 -112.5 271.5
+t-271.5 112.5t-271.5 -112.5t-112.5 -271.5t112.5 -271.5t271.5 -112.5t271.5 112.5t112.5 271.5zM256 1216h384v128h-384v-128zM128 1024h1536v118v138h-828l-64 -128h-644v-128zM1792 1280v-1280q0 -53 -37.5 -90.5t-90.5 -37.5h-1536q-53 0 -90.5 37.5t-37.5 90.5v1280
+q0 53 37.5 90.5t90.5 37.5h1536q53 0 90.5 -37.5t37.5 -90.5z" />
+    <glyph glyph-name="key" unicode="&#xf084;" horiz-adv-x="1792" 
+d="M832 1024q0 80 -56 136t-136 56t-136 -56t-56 -136q0 -42 19 -83q-41 19 -83 19q-80 0 -136 -56t-56 -136t56 -136t136 -56t136 56t56 136q0 42 -19 83q41 -19 83 -19q80 0 136 56t56 136zM1683 320q0 -17 -49 -66t-66 -49q-9 0 -28.5 16t-36.5 33t-38.5 40t-24.5 26
+l-96 -96l220 -220q28 -28 28 -68q0 -42 -39 -81t-81 -39q-40 0 -68 28l-671 671q-176 -131 -365 -131q-163 0 -265.5 102.5t-102.5 265.5q0 160 95 313t248 248t313 95q163 0 265.5 -102.5t102.5 -265.5q0 -189 -131 -365l355 -355l96 96q-3 3 -26 24.5t-40 38.5t-33 36.5
+t-16 28.5q0 17 49 66t66 49q13 0 23 -10q6 -6 46 -44.5t82 -79.5t86.5 -86t73 -78t28.5 -41z" />
+    <glyph glyph-name="cogs" unicode="&#xf085;" horiz-adv-x="1920" 
+d="M896 640q0 106 -75 181t-181 75t-181 -75t-75 -181t75 -181t181 -75t181 75t75 181zM1664 128q0 52 -38 90t-90 38t-90 -38t-38 -90q0 -53 37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1664 1152q0 52 -38 90t-90 38t-90 -38t-38 -90q0 -53 37.5 -90.5t90.5 -37.5
+t90.5 37.5t37.5 90.5zM1280 731v-185q0 -10 -7 -19.5t-16 -10.5l-155 -24q-11 -35 -32 -76q34 -48 90 -115q7 -11 7 -20q0 -12 -7 -19q-23 -30 -82.5 -89.5t-78.5 -59.5q-11 0 -21 7l-115 90q-37 -19 -77 -31q-11 -108 -23 -155q-7 -24 -30 -24h-186q-11 0 -20 7.5t-10 17.5
+l-23 153q-34 10 -75 31l-118 -89q-7 -7 -20 -7q-11 0 -21 8q-144 133 -144 160q0 9 7 19q10 14 41 53t47 61q-23 44 -35 82l-152 24q-10 1 -17 9.5t-7 19.5v185q0 10 7 19.5t16 10.5l155 24q11 35 32 76q-34 48 -90 115q-7 11 -7 20q0 12 7 20q22 30 82 89t79 59q11 0 21 -7
+l115 -90q34 18 77 32q11 108 23 154q7 24 30 24h186q11 0 20 -7.5t10 -17.5l23 -153q34 -10 75 -31l118 89q8 7 20 7q11 0 21 -8q144 -133 144 -160q0 -8 -7 -19q-12 -16 -42 -54t-45 -60q23 -48 34 -82l152 -23q10 -2 17 -10.5t7 -19.5zM1920 198v-140q0 -16 -149 -31
+q-12 -27 -30 -52q51 -113 51 -138q0 -4 -4 -7q-122 -71 -124 -71q-8 0 -46 47t-52 68q-20 -2 -30 -2t-30 2q-14 -21 -52 -68t-46 -47q-2 0 -124 71q-4 3 -4 7q0 25 51 138q-18 25 -30 52q-149 15 -149 31v140q0 16 149 31q13 29 30 52q-51 113 -51 138q0 4 4 7q4 2 35 20
+t59 34t30 16q8 0 46 -46.5t52 -67.5q20 2 30 2t30 -2q51 71 92 112l6 2q4 0 124 -70q4 -3 4 -7q0 -25 -51 -138q17 -23 30 -52q149 -15 149 -31zM1920 1222v-140q0 -16 -149 -31q-12 -27 -30 -52q51 -113 51 -138q0 -4 -4 -7q-122 -71 -124 -71q-8 0 -46 47t-52 68
+q-20 -2 -30 -2t-30 2q-14 -21 -52 -68t-46 -47q-2 0 -124 71q-4 3 -4 7q0 25 51 138q-18 25 -30 52q-149 15 -149 31v140q0 16 149 31q13 29 30 52q-51 113 -51 138q0 4 4 7q4 2 35 20t59 34t30 16q8 0 46 -46.5t52 -67.5q20 2 30 2t30 -2q51 71 92 112l6 2q4 0 124 -70
+q4 -3 4 -7q0 -25 -51 -138q17 -23 30 -52q149 -15 149 -31z" />
+    <glyph glyph-name="comments" unicode="&#xf086;" horiz-adv-x="1792" 
+d="M1408 768q0 -139 -94 -257t-256.5 -186.5t-353.5 -68.5q-86 0 -176 16q-124 -88 -278 -128q-36 -9 -86 -16h-3q-11 0 -20.5 8t-11.5 21q-1 3 -1 6.5t0.5 6.5t2 6l2.5 5t3.5 5.5t4 5t4.5 5t4 4.5q5 6 23 25t26 29.5t22.5 29t25 38.5t20.5 44q-124 72 -195 177t-71 224
+q0 139 94 257t256.5 186.5t353.5 68.5t353.5 -68.5t256.5 -186.5t94 -257zM1792 512q0 -120 -71 -224.5t-195 -176.5q10 -24 20.5 -44t25 -38.5t22.5 -29t26 -29.5t23 -25q1 -1 4 -4.5t4.5 -5t4 -5t3.5 -5.5l2.5 -5t2 -6t0.5 -6.5t-1 -6.5q-3 -14 -13 -22t-22 -7
+q-50 7 -86 16q-154 40 -278 128q-90 -16 -176 -16q-271 0 -472 132q58 -4 88 -4q161 0 309 45t264 129q125 92 192 212t67 254q0 77 -23 152q129 -71 204 -178t75 -230z" />
+    <glyph glyph-name="thumbs_up_alt" unicode="&#xf087;" 
+d="M256 192q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1408 768q0 51 -39 89.5t-89 38.5h-352q0 58 48 159.5t48 160.5q0 98 -32 145t-128 47q-26 -26 -38 -85t-30.5 -125.5t-59.5 -109.5q-22 -23 -77 -91q-4 -5 -23 -30t-31.5 -41t-34.5 -42.5
+t-40 -44t-38.5 -35.5t-40 -27t-35.5 -9h-32v-640h32q13 0 31.5 -3t33 -6.5t38 -11t35 -11.5t35.5 -12.5t29 -10.5q211 -73 342 -73h121q192 0 192 167q0 26 -5 56q30 16 47.5 52.5t17.5 73.5t-18 69q53 50 53 119q0 25 -10 55.5t-25 47.5q32 1 53.5 47t21.5 81zM1536 769
+q0 -89 -49 -163q9 -33 9 -69q0 -77 -38 -144q3 -21 3 -43q0 -101 -60 -178q1 -139 -85 -219.5t-227 -80.5h-36h-93q-96 0 -189.5 22.5t-216.5 65.5q-116 40 -138 40h-288q-53 0 -90.5 37.5t-37.5 90.5v640q0 53 37.5 90.5t90.5 37.5h274q36 24 137 155q58 75 107 128
+q24 25 35.5 85.5t30.5 126.5t62 108q39 37 90 37q84 0 151 -32.5t102 -101.5t35 -186q0 -93 -48 -192h176q104 0 180 -76t76 -179z" />
+    <glyph glyph-name="thumbs_down_alt" unicode="&#xf088;" 
+d="M256 1088q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1408 512q0 35 -21.5 81t-53.5 47q15 17 25 47.5t10 55.5q0 69 -53 119q18 31 18 69q0 37 -17.5 73.5t-47.5 52.5q5 30 5 56q0 85 -49 126t-136 41h-128q-131 0 -342 -73q-5 -2 -29 -10.5
+t-35.5 -12.5t-35 -11.5t-38 -11t-33 -6.5t-31.5 -3h-32v-640h32q16 0 35.5 -9t40 -27t38.5 -35.5t40 -44t34.5 -42.5t31.5 -41t23 -30q55 -68 77 -91q41 -43 59.5 -109.5t30.5 -125.5t38 -85q96 0 128 47t32 145q0 59 -48 160.5t-48 159.5h352q50 0 89 38.5t39 89.5z
+M1536 511q0 -103 -76 -179t-180 -76h-176q48 -99 48 -192q0 -118 -35 -186q-35 -69 -102 -101.5t-151 -32.5q-51 0 -90 37q-34 33 -54 82t-25.5 90.5t-17.5 84.5t-31 64q-48 50 -107 127q-101 131 -137 155h-274q-53 0 -90.5 37.5t-37.5 90.5v640q0 53 37.5 90.5t90.5 37.5
+h288q22 0 138 40q128 44 223 66t200 22h112q140 0 226.5 -79t85.5 -216v-5q60 -77 60 -178q0 -22 -3 -43q38 -67 38 -144q0 -36 -9 -69q49 -73 49 -163z" />
+    <glyph glyph-name="star_half" unicode="&#xf089;" horiz-adv-x="896" 
+d="M832 1504v-1339l-449 -236q-22 -12 -40 -12q-21 0 -31.5 14.5t-10.5 35.5q0 6 2 20l86 500l-364 354q-25 27 -25 48q0 37 56 46l502 73l225 455q19 41 49 41z" />
+    <glyph glyph-name="heart_empty" unicode="&#xf08a;" horiz-adv-x="1792" 
+d="M1664 940q0 81 -21.5 143t-55 98.5t-81.5 59.5t-94 31t-98 8t-112 -25.5t-110.5 -64t-86.5 -72t-60 -61.5q-18 -22 -49 -22t-49 22q-24 28 -60 61.5t-86.5 72t-110.5 64t-112 25.5t-98 -8t-94 -31t-81.5 -59.5t-55 -98.5t-21.5 -143q0 -168 187 -355l581 -560l580 559
+q188 188 188 356zM1792 940q0 -221 -229 -450l-623 -600q-18 -18 -44 -18t-44 18l-624 602q-10 8 -27.5 26t-55.5 65.5t-68 97.5t-53.5 121t-23.5 138q0 220 127 344t351 124q62 0 126.5 -21.5t120 -58t95.5 -68.5t76 -68q36 36 76 68t95.5 68.5t120 58t126.5 21.5
+q224 0 351 -124t127 -344z" />
+    <glyph glyph-name="signout" unicode="&#xf08b;" horiz-adv-x="1664" 
+d="M640 96q0 -4 1 -20t0.5 -26.5t-3 -23.5t-10 -19.5t-20.5 -6.5h-320q-119 0 -203.5 84.5t-84.5 203.5v704q0 119 84.5 203.5t203.5 84.5h320q13 0 22.5 -9.5t9.5 -22.5q0 -4 1 -20t0.5 -26.5t-3 -23.5t-10 -19.5t-20.5 -6.5h-320q-66 0 -113 -47t-47 -113v-704
+q0 -66 47 -113t113 -47h288h11h13t11.5 -1t11.5 -3t8 -5.5t7 -9t2 -13.5zM1568 640q0 -26 -19 -45l-544 -544q-19 -19 -45 -19t-45 19t-19 45v288h-448q-26 0 -45 19t-19 45v384q0 26 19 45t45 19h448v288q0 26 19 45t45 19t45 -19l544 -544q19 -19 19 -45z" />
+    <glyph glyph-name="linkedin_sign" unicode="&#xf08c;" 
+d="M237 122h231v694h-231v-694zM483 1030q-1 52 -36 86t-93 34t-94.5 -34t-36.5 -86q0 -51 35.5 -85.5t92.5 -34.5h1q59 0 95 34.5t36 85.5zM1068 122h231v398q0 154 -73 233t-193 79q-136 0 -209 -117h2v101h-231q3 -66 0 -694h231v388q0 38 7 56q15 35 45 59.5t74 24.5
+q116 0 116 -157v-371zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="pushpin" unicode="&#xf08d;" horiz-adv-x="1152" 
+d="M480 672v448q0 14 -9 23t-23 9t-23 -9t-9 -23v-448q0 -14 9 -23t23 -9t23 9t9 23zM1152 320q0 -26 -19 -45t-45 -19h-429l-51 -483q-2 -12 -10.5 -20.5t-20.5 -8.5h-1q-27 0 -32 27l-76 485h-404q-26 0 -45 19t-19 45q0 123 78.5 221.5t177.5 98.5v512q-52 0 -90 38
+t-38 90t38 90t90 38h640q52 0 90 -38t38 -90t-38 -90t-90 -38v-512q99 0 177.5 -98.5t78.5 -221.5z" />
+    <glyph glyph-name="external_link" unicode="&#xf08e;" horiz-adv-x="1792" 
+d="M1408 608v-320q0 -119 -84.5 -203.5t-203.5 -84.5h-832q-119 0 -203.5 84.5t-84.5 203.5v832q0 119 84.5 203.5t203.5 84.5h704q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-704q-66 0 -113 -47t-47 -113v-832q0 -66 47 -113t113 -47h832q66 0 113 47t47 113v320
+q0 14 9 23t23 9h64q14 0 23 -9t9 -23zM1792 1472v-512q0 -26 -19 -45t-45 -19t-45 19l-176 176l-652 -652q-10 -10 -23 -10t-23 10l-114 114q-10 10 -10 23t10 23l652 652l-176 176q-19 19 -19 45t19 45t45 19h512q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="signin" unicode="&#xf090;" 
+d="M1184 640q0 -26 -19 -45l-544 -544q-19 -19 -45 -19t-45 19t-19 45v288h-448q-26 0 -45 19t-19 45v384q0 26 19 45t45 19h448v288q0 26 19 45t45 19t45 -19l544 -544q19 -19 19 -45zM1536 992v-704q0 -119 -84.5 -203.5t-203.5 -84.5h-320q-13 0 -22.5 9.5t-9.5 22.5
+q0 4 -1 20t-0.5 26.5t3 23.5t10 19.5t20.5 6.5h320q66 0 113 47t47 113v704q0 66 -47 113t-113 47h-288h-11h-13t-11.5 1t-11.5 3t-8 5.5t-7 9t-2 13.5q0 4 -1 20t-0.5 26.5t3 23.5t10 19.5t20.5 6.5h320q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="trophy" unicode="&#xf091;" horiz-adv-x="1664" 
+d="M458 653q-74 162 -74 371h-256v-96q0 -78 94.5 -162t235.5 -113zM1536 928v96h-256q0 -209 -74 -371q141 29 235.5 113t94.5 162zM1664 1056v-128q0 -71 -41.5 -143t-112 -130t-173 -97.5t-215.5 -44.5q-42 -54 -95 -95q-38 -34 -52.5 -72.5t-14.5 -89.5q0 -54 30.5 -91
+t97.5 -37q75 0 133.5 -45.5t58.5 -114.5v-64q0 -14 -9 -23t-23 -9h-832q-14 0 -23 9t-9 23v64q0 69 58.5 114.5t133.5 45.5q67 0 97.5 37t30.5 91q0 51 -14.5 89.5t-52.5 72.5q-53 41 -95 95q-113 5 -215.5 44.5t-173 97.5t-112 130t-41.5 143v128q0 40 28 68t68 28h288v96
+q0 66 47 113t113 47h576q66 0 113 -47t47 -113v-96h288q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="github_sign" unicode="&#xf092;" 
+d="M519 336q4 6 -3 13q-9 7 -14 2q-4 -6 3 -13q9 -7 14 -2zM491 377q-5 7 -12 4q-6 -4 0 -12q7 -8 12 -5q6 4 0 13zM450 417q2 4 -5 8q-7 2 -8 -2q-3 -5 4 -8q8 -2 9 2zM471 394q2 1 1.5 4.5t-3.5 5.5q-6 7 -10 3t1 -11q6 -6 11 -2zM557 319q2 7 -9 11q-9 3 -13 -4
+q-2 -7 9 -11q9 -3 13 4zM599 316q0 8 -12 8q-10 0 -10 -8t11 -8t11 8zM638 323q-2 7 -13 5t-9 -9q2 -8 12 -6t10 10zM1280 640q0 212 -150 362t-362 150t-362 -150t-150 -362q0 -167 98 -300.5t252 -185.5q18 -3 26.5 5t8.5 20q0 52 -1 95q-6 -1 -15.5 -2.5t-35.5 -2t-48 4
+t-43.5 20t-29.5 41.5q-23 59 -57 74q-2 1 -4.5 3.5l-8 8t-7 9.5t4 7.5t19.5 3.5q6 0 15 -2t30 -15.5t33 -35.5q16 -28 37.5 -42t43.5 -14t38 3.5t30 9.5q7 47 33 69q-49 6 -86 18.5t-73 39t-55.5 76t-19.5 119.5q0 79 53 137q-24 62 5 136q19 6 54.5 -7.5t60.5 -29.5l26 -16
+q58 17 128 17t128 -17q11 7 28.5 18t55.5 26t57 9q29 -74 5 -136q53 -58 53 -137q0 -57 -14 -100.5t-35.5 -70t-53.5 -44.5t-62.5 -26t-68.5 -12q35 -31 35 -95q0 -40 -0.5 -89t-0.5 -51q0 -12 8.5 -20t26.5 -5q154 52 252 185.5t98 300.5zM1536 1120v-960
+q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="upload_alt" unicode="&#xf093;" horiz-adv-x="1664" 
+d="M1280 64q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1536 64q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1664 288v-320q0 -40 -28 -68t-68 -28h-1472q-40 0 -68 28t-28 68v320q0 40 28 68t68 28h427q21 -56 70.5 -92
+t110.5 -36h256q61 0 110.5 36t70.5 92h427q40 0 68 -28t28 -68zM1339 936q-17 -40 -59 -40h-256v-448q0 -26 -19 -45t-45 -19h-256q-26 0 -45 19t-19 45v448h-256q-42 0 -59 40q-17 39 14 69l448 448q18 19 45 19t45 -19l448 -448q31 -30 14 -69z" />
+    <glyph glyph-name="lemon" unicode="&#xf094;" 
+d="M1407 710q0 44 -7 113.5t-18 96.5q-12 30 -17 44t-9 36.5t-4 48.5q0 23 5 68.5t5 67.5q0 37 -10 55q-4 1 -13 1q-19 0 -58 -4.5t-59 -4.5q-60 0 -176 24t-175 24q-43 0 -94.5 -11.5t-85 -23.5t-89.5 -34q-137 -54 -202 -103q-96 -73 -159.5 -189.5t-88 -236t-24.5 -248.5
+q0 -40 12.5 -120t12.5 -121q0 -23 -11 -66.5t-11 -65.5t12 -36.5t34 -14.5q24 0 72.5 11t73.5 11q57 0 169.5 -15.5t169.5 -15.5q181 0 284 36q129 45 235.5 152.5t166 245.5t59.5 275zM1535 712q0 -165 -70 -327.5t-196 -288t-281 -180.5q-124 -44 -326 -44
+q-57 0 -170 14.5t-169 14.5q-24 0 -72.5 -14.5t-73.5 -14.5q-73 0 -123.5 55.5t-50.5 128.5q0 24 11 68t11 67q0 40 -12.5 120.5t-12.5 121.5q0 111 18 217.5t54.5 209.5t100.5 194t150 156q78 59 232 120q194 78 316 78q60 0 175.5 -24t173.5 -24q19 0 57 5t58 5
+q81 0 118 -50.5t37 -134.5q0 -23 -5 -68t-5 -68q0 -13 2 -25t3.5 -16.5t7.5 -20.5t8 -20q16 -40 25 -118.5t9 -136.5z" />
+    <glyph glyph-name="phone" unicode="&#xf095;" horiz-adv-x="1408" 
+d="M1408 296q0 -27 -10 -70.5t-21 -68.5q-21 -50 -122 -106q-94 -51 -186 -51q-27 0 -53 3.5t-57.5 12.5t-47 14.5t-55.5 20.5t-49 18q-98 35 -175 83q-127 79 -264 216t-216 264q-48 77 -83 175q-3 9 -18 49t-20.5 55.5t-14.5 47t-12.5 57.5t-3.5 53q0 92 51 186
+q56 101 106 122q25 11 68.5 21t70.5 10q14 0 21 -3q18 -6 53 -76q11 -19 30 -54t35 -63.5t31 -53.5q3 -4 17.5 -25t21.5 -35.5t7 -28.5q0 -20 -28.5 -50t-62 -55t-62 -53t-28.5 -46q0 -9 5 -22.5t8.5 -20.5t14 -24t11.5 -19q76 -137 174 -235t235 -174q2 -1 19 -11.5t24 -14
+t20.5 -8.5t22.5 -5q18 0 46 28.5t53 62t55 62t50 28.5q14 0 28.5 -7t35.5 -21.5t25 -17.5q25 -15 53.5 -31t63.5 -35t54 -30q70 -35 76 -53q3 -7 3 -21z" />
+    <glyph glyph-name="check_empty" unicode="&#xf096;" horiz-adv-x="1408" 
+d="M1120 1280h-832q-66 0 -113 -47t-47 -113v-832q0 -66 47 -113t113 -47h832q66 0 113 47t47 113v832q0 66 -47 113t-113 47zM1408 1120v-832q0 -119 -84.5 -203.5t-203.5 -84.5h-832q-119 0 -203.5 84.5t-84.5 203.5v832q0 119 84.5 203.5t203.5 84.5h832
+q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="bookmark_empty" unicode="&#xf097;" horiz-adv-x="1280" 
+d="M1152 1280h-1024v-1242l423 406l89 85l89 -85l423 -406v1242zM1164 1408q23 0 44 -9q33 -13 52.5 -41t19.5 -62v-1289q0 -34 -19.5 -62t-52.5 -41q-19 -8 -44 -8q-48 0 -83 32l-441 424l-441 -424q-36 -33 -83 -33q-23 0 -44 9q-33 13 -52.5 41t-19.5 62v1289
+q0 34 19.5 62t52.5 41q21 9 44 9h1048z" />
+    <glyph glyph-name="phone_sign" unicode="&#xf098;" 
+d="M1280 343q0 11 -2 16t-18 16.5t-40.5 25t-47.5 26.5t-45.5 25t-28.5 15q-5 3 -19 13t-25 15t-21 5q-15 0 -36.5 -20.5t-39.5 -45t-38.5 -45t-33.5 -20.5q-7 0 -16.5 3.5t-15.5 6.5t-17 9.5t-14 8.5q-99 55 -170 126.5t-127 170.5q-2 3 -8.5 14t-9.5 17t-6.5 15.5
+t-3.5 16.5q0 13 20.5 33.5t45 38.5t45 39.5t20.5 36.5q0 10 -5 21t-15 25t-13 19q-3 6 -15 28.5t-25 45.5t-26.5 47.5t-25 40.5t-16.5 18t-16 2q-48 0 -101 -22q-46 -21 -80 -94.5t-34 -130.5q0 -16 2.5 -34t5 -30.5t9 -33t10 -29.5t12.5 -33t11 -30q60 -164 216.5 -320.5
+t320.5 -216.5q6 -2 30 -11t33 -12.5t29.5 -10t33 -9t30.5 -5t34 -2.5q57 0 130.5 34t94.5 80q22 53 22 101zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z
+" />
+    <glyph glyph-name="twitter" unicode="&#xf099;" horiz-adv-x="1664" 
+d="M1620 1128q-67 -98 -162 -167q1 -14 1 -42q0 -130 -38 -259.5t-115.5 -248.5t-184.5 -210.5t-258 -146t-323 -54.5q-271 0 -496 145q35 -4 78 -4q225 0 401 138q-105 2 -188 64.5t-114 159.5q33 -5 61 -5q43 0 85 11q-112 23 -185.5 111.5t-73.5 205.5v4q68 -38 146 -41
+q-66 44 -105 115t-39 154q0 88 44 163q121 -149 294.5 -238.5t371.5 -99.5q-8 38 -8 74q0 134 94.5 228.5t228.5 94.5q140 0 236 -102q109 21 205 78q-37 -115 -142 -178q93 10 186 50z" />
+    <glyph glyph-name="facebook" unicode="&#xf09a;" horiz-adv-x="1024" 
+d="M959 1524v-264h-157q-86 0 -116 -36t-30 -108v-189h293l-39 -296h-254v-759h-306v759h-255v296h255v218q0 186 104 288.5t277 102.5q147 0 228 -12z" />
+    <glyph glyph-name="github" unicode="&#xf09b;" 
+d="M768 1408q209 0 385.5 -103t279.5 -279.5t103 -385.5q0 -251 -146.5 -451.5t-378.5 -277.5q-27 -5 -40 7t-13 30q0 3 0.5 76.5t0.5 134.5q0 97 -52 142q57 6 102.5 18t94 39t81 66.5t53 105t20.5 150.5q0 119 -79 206q37 91 -8 204q-28 9 -81 -11t-92 -44l-38 -24
+q-93 26 -192 26t-192 -26q-16 11 -42.5 27t-83.5 38.5t-85 13.5q-45 -113 -8 -204q-79 -87 -79 -206q0 -85 20.5 -150t52.5 -105t80.5 -67t94 -39t102.5 -18q-39 -36 -49 -103q-21 -10 -45 -15t-57 -5t-65.5 21.5t-55.5 62.5q-19 32 -48.5 52t-49.5 24l-20 3q-21 0 -29 -4.5
+t-5 -11.5t9 -14t13 -12l7 -5q22 -10 43.5 -38t31.5 -51l10 -23q13 -38 44 -61.5t67 -30t69.5 -7t55.5 3.5l23 4q0 -38 0.5 -88.5t0.5 -54.5q0 -18 -13 -30t-40 -7q-232 77 -378.5 277.5t-146.5 451.5q0 209 103 385.5t279.5 279.5t385.5 103zM291 305q3 7 -7 12
+q-10 3 -13 -2q-3 -7 7 -12q9 -6 13 2zM322 271q7 5 -2 16q-10 9 -16 3q-7 -5 2 -16q10 -10 16 -3zM352 226q9 7 0 19q-8 13 -17 6q-9 -5 0 -18t17 -7zM394 184q8 8 -4 19q-12 12 -20 3q-9 -8 4 -19q12 -12 20 -3zM451 159q3 11 -13 16q-15 4 -19 -7t13 -15q15 -6 19 6z
+M514 154q0 13 -17 11q-16 0 -16 -11q0 -13 17 -11q16 0 16 11zM572 164q-2 11 -18 9q-16 -3 -14 -15t18 -8t14 14z" />
+    <glyph glyph-name="unlock" unicode="&#xf09c;" horiz-adv-x="1664" 
+d="M1664 960v-256q0 -26 -19 -45t-45 -19h-64q-26 0 -45 19t-19 45v256q0 106 -75 181t-181 75t-181 -75t-75 -181v-192h96q40 0 68 -28t28 -68v-576q0 -40 -28 -68t-68 -28h-960q-40 0 -68 28t-28 68v576q0 40 28 68t68 28h672v192q0 185 131.5 316.5t316.5 131.5
+t316.5 -131.5t131.5 -316.5z" />
+    <glyph glyph-name="credit_card" unicode="&#xf09d;" horiz-adv-x="1920" 
+d="M1760 1408q66 0 113 -47t47 -113v-1216q0 -66 -47 -113t-113 -47h-1600q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1600zM160 1280q-13 0 -22.5 -9.5t-9.5 -22.5v-224h1664v224q0 13 -9.5 22.5t-22.5 9.5h-1600zM1760 0q13 0 22.5 9.5t9.5 22.5v608h-1664v-608
+q0 -13 9.5 -22.5t22.5 -9.5h1600zM256 128v128h256v-128h-256zM640 128v128h384v-128h-384z" />
+    <glyph glyph-name="rss" unicode="&#xf09e;" horiz-adv-x="1408" 
+d="M384 192q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM896 69q2 -28 -17 -48q-18 -21 -47 -21h-135q-25 0 -43 16.5t-20 41.5q-22 229 -184.5 391.5t-391.5 184.5q-25 2 -41.5 20t-16.5 43v135q0 29 21 47q17 17 43 17h5q160 -13 306 -80.5
+t259 -181.5q114 -113 181.5 -259t80.5 -306zM1408 67q2 -27 -18 -47q-18 -20 -46 -20h-143q-26 0 -44.5 17.5t-19.5 42.5q-12 215 -101 408.5t-231.5 336t-336 231.5t-408.5 102q-25 1 -42.5 19.5t-17.5 43.5v143q0 28 20 46q18 18 44 18h3q262 -13 501.5 -120t425.5 -294
+q187 -186 294 -425.5t120 -501.5z" />
+    <glyph glyph-name="hdd" unicode="&#xf0a0;" 
+d="M1040 320q0 -33 -23.5 -56.5t-56.5 -23.5t-56.5 23.5t-23.5 56.5t23.5 56.5t56.5 23.5t56.5 -23.5t23.5 -56.5zM1296 320q0 -33 -23.5 -56.5t-56.5 -23.5t-56.5 23.5t-23.5 56.5t23.5 56.5t56.5 23.5t56.5 -23.5t23.5 -56.5zM1408 160v320q0 13 -9.5 22.5t-22.5 9.5
+h-1216q-13 0 -22.5 -9.5t-9.5 -22.5v-320q0 -13 9.5 -22.5t22.5 -9.5h1216q13 0 22.5 9.5t9.5 22.5zM178 640h1180l-157 482q-4 13 -16 21.5t-26 8.5h-782q-14 0 -26 -8.5t-16 -21.5zM1536 480v-320q0 -66 -47 -113t-113 -47h-1216q-66 0 -113 47t-47 113v320q0 25 16 75
+l197 606q17 53 63 86t101 33h782q55 0 101 -33t63 -86l197 -606q16 -50 16 -75z" />
+    <glyph glyph-name="bullhorn" unicode="&#xf0a1;" horiz-adv-x="1792" 
+d="M1664 896q53 0 90.5 -37.5t37.5 -90.5t-37.5 -90.5t-90.5 -37.5v-384q0 -52 -38 -90t-90 -38q-417 347 -812 380q-58 -19 -91 -66t-31 -100.5t40 -92.5q-20 -33 -23 -65.5t6 -58t33.5 -55t48 -50t61.5 -50.5q-29 -58 -111.5 -83t-168.5 -11.5t-132 55.5q-7 23 -29.5 87.5
+t-32 94.5t-23 89t-15 101t3.5 98.5t22 110.5h-122q-66 0 -113 47t-47 113v192q0 66 47 113t113 47h480q435 0 896 384q52 0 90 -38t38 -90v-384zM1536 292v954q-394 -302 -768 -343v-270q377 -42 768 -341z" />
+    <glyph glyph-name="bell" unicode="&#xf0a2;" horiz-adv-x="1792" 
+d="M912 -160q0 16 -16 16q-59 0 -101.5 42.5t-42.5 101.5q0 16 -16 16t-16 -16q0 -73 51.5 -124.5t124.5 -51.5q16 0 16 16zM246 128h1300q-266 300 -266 832q0 51 -24 105t-69 103t-121.5 80.5t-169.5 31.5t-169.5 -31.5t-121.5 -80.5t-69 -103t-24 -105q0 -532 -266 -832z
+M1728 128q0 -52 -38 -90t-90 -38h-448q0 -106 -75 -181t-181 -75t-181 75t-75 181h-448q-52 0 -90 38t-38 90q50 42 91 88t85 119.5t74.5 158.5t50 206t19.5 260q0 152 117 282.5t307 158.5q-8 19 -8 39q0 40 28 68t68 28t68 -28t28 -68q0 -20 -8 -39q190 -28 307 -158.5
+t117 -282.5q0 -139 19.5 -260t50 -206t74.5 -158.5t85 -119.5t91 -88z" />
+    <glyph glyph-name="certificate" unicode="&#xf0a3;" 
+d="M1376 640l138 -135q30 -28 20 -70q-12 -41 -52 -51l-188 -48l53 -186q12 -41 -19 -70q-29 -31 -70 -19l-186 53l-48 -188q-10 -40 -51 -52q-12 -2 -19 -2q-31 0 -51 22l-135 138l-135 -138q-28 -30 -70 -20q-41 11 -51 52l-48 188l-186 -53q-41 -12 -70 19q-31 29 -19 70
+l53 186l-188 48q-40 10 -52 51q-10 42 20 70l138 135l-138 135q-30 28 -20 70q12 41 52 51l188 48l-53 186q-12 41 19 70q29 31 70 19l186 -53l48 188q10 41 51 51q41 12 70 -19l135 -139l135 139q29 30 70 19q41 -10 51 -51l48 -188l186 53q41 12 70 -19q31 -29 19 -70
+l-53 -186l188 -48q40 -10 52 -51q10 -42 -20 -70z" />
+    <glyph glyph-name="hand_right" unicode="&#xf0a4;" horiz-adv-x="1792" 
+d="M256 192q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1664 768q0 51 -39 89.5t-89 38.5h-576q0 20 15 48.5t33 55t33 68t15 84.5q0 67 -44.5 97.5t-115.5 30.5q-24 0 -90 -139q-24 -44 -37 -65q-40 -64 -112 -145q-71 -81 -101 -106
+q-69 -57 -140 -57h-32v-640h32q72 0 167 -32t193.5 -64t179.5 -32q189 0 189 167q0 26 -5 56q30 16 47.5 52.5t17.5 73.5t-18 69q53 50 53 119q0 25 -10 55.5t-25 47.5h331q52 0 90 38t38 90zM1792 769q0 -105 -75.5 -181t-180.5 -76h-169q-4 -62 -37 -119q3 -21 3 -43
+q0 -101 -60 -178q1 -139 -85 -219.5t-227 -80.5q-133 0 -322 69q-164 59 -223 59h-288q-53 0 -90.5 37.5t-37.5 90.5v640q0 53 37.5 90.5t90.5 37.5h288q10 0 21.5 4.5t23.5 14t22.5 18t24 22.5t20.5 21.5t19 21.5t14 17q65 74 100 129q13 21 33 62t37 72t40.5 63t55 49.5
+t69.5 17.5q125 0 206.5 -67t81.5 -189q0 -68 -22 -128h374q104 0 180 -76t76 -179z" />
+    <glyph glyph-name="hand_left" unicode="&#xf0a5;" horiz-adv-x="1792" 
+d="M1376 128h32v640h-32q-35 0 -67.5 12t-62.5 37t-50 46t-49 54q-8 9 -12 14q-72 81 -112 145q-14 22 -38 68q-1 3 -10.5 22.5t-18.5 36t-20 35.5t-21.5 30.5t-18.5 11.5q-71 0 -115.5 -30.5t-44.5 -97.5q0 -43 15 -84.5t33 -68t33 -55t15 -48.5h-576q-50 0 -89 -38.5
+t-39 -89.5q0 -52 38 -90t90 -38h331q-15 -17 -25 -47.5t-10 -55.5q0 -69 53 -119q-18 -32 -18 -69t17.5 -73.5t47.5 -52.5q-4 -24 -4 -56q0 -85 48.5 -126t135.5 -41q84 0 183 32t194 64t167 32zM1664 192q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45z
+M1792 768v-640q0 -53 -37.5 -90.5t-90.5 -37.5h-288q-59 0 -223 -59q-190 -69 -317 -69q-142 0 -230 77.5t-87 217.5l1 5q-61 76 -61 178q0 22 3 43q-33 57 -37 119h-169q-105 0 -180.5 76t-75.5 181q0 103 76 179t180 76h374q-22 60 -22 128q0 122 81.5 189t206.5 67
+q38 0 69.5 -17.5t55 -49.5t40.5 -63t37 -72t33 -62q35 -55 100 -129q2 -3 14 -17t19 -21.5t20.5 -21.5t24 -22.5t22.5 -18t23.5 -14t21.5 -4.5h288q53 0 90.5 -37.5t37.5 -90.5z" />
+    <glyph glyph-name="hand_up" unicode="&#xf0a6;" 
+d="M1280 -64q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1408 700q0 189 -167 189q-26 0 -56 -5q-16 30 -52.5 47.5t-73.5 17.5t-69 -18q-50 53 -119 53q-25 0 -55.5 -10t-47.5 -25v331q0 52 -38 90t-90 38q-51 0 -89.5 -39t-38.5 -89v-576
+q-20 0 -48.5 15t-55 33t-68 33t-84.5 15q-67 0 -97.5 -44.5t-30.5 -115.5q0 -24 139 -90q44 -24 65 -37q64 -40 145 -112q81 -71 106 -101q57 -69 57 -140v-32h640v32q0 72 32 167t64 193.5t32 179.5zM1536 705q0 -133 -69 -322q-59 -164 -59 -223v-288q0 -53 -37.5 -90.5
+t-90.5 -37.5h-640q-53 0 -90.5 37.5t-37.5 90.5v288q0 10 -4.5 21.5t-14 23.5t-18 22.5t-22.5 24t-21.5 20.5t-21.5 19t-17 14q-74 65 -129 100q-21 13 -62 33t-72 37t-63 40.5t-49.5 55t-17.5 69.5q0 125 67 206.5t189 81.5q68 0 128 -22v374q0 104 76 180t179 76
+q105 0 181 -75.5t76 -180.5v-169q62 -4 119 -37q21 3 43 3q101 0 178 -60q139 1 219.5 -85t80.5 -227z" />
+    <glyph glyph-name="hand_down" unicode="&#xf0a7;" 
+d="M1408 576q0 84 -32 183t-64 194t-32 167v32h-640v-32q0 -35 -12 -67.5t-37 -62.5t-46 -50t-54 -49q-9 -8 -14 -12q-81 -72 -145 -112q-22 -14 -68 -38q-3 -1 -22.5 -10.5t-36 -18.5t-35.5 -20t-30.5 -21.5t-11.5 -18.5q0 -71 30.5 -115.5t97.5 -44.5q43 0 84.5 15t68 33
+t55 33t48.5 15v-576q0 -50 38.5 -89t89.5 -39q52 0 90 38t38 90v331q46 -35 103 -35q69 0 119 53q32 -18 69 -18t73.5 17.5t52.5 47.5q24 -4 56 -4q85 0 126 48.5t41 135.5zM1280 1344q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1536 580
+q0 -142 -77.5 -230t-217.5 -87l-5 1q-76 -61 -178 -61q-22 0 -43 3q-54 -30 -119 -37v-169q0 -105 -76 -180.5t-181 -75.5q-103 0 -179 76t-76 180v374q-54 -22 -128 -22q-121 0 -188.5 81.5t-67.5 206.5q0 38 17.5 69.5t49.5 55t63 40.5t72 37t62 33q55 35 129 100
+q3 2 17 14t21.5 19t21.5 20.5t22.5 24t18 22.5t14 23.5t4.5 21.5v288q0 53 37.5 90.5t90.5 37.5h640q53 0 90.5 -37.5t37.5 -90.5v-288q0 -59 59 -223q69 -190 69 -317z" />
+    <glyph glyph-name="circle_arrow_left" unicode="&#xf0a8;" 
+d="M1280 576v128q0 26 -19 45t-45 19h-502l189 189q19 19 19 45t-19 45l-91 91q-18 18 -45 18t-45 -18l-362 -362l-91 -91q-18 -18 -18 -45t18 -45l91 -91l362 -362q18 -18 45 -18t45 18l91 91q18 18 18 45t-18 45l-189 189h502q26 0 45 19t19 45zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="circle_arrow_right" unicode="&#xf0a9;" 
+d="M1285 640q0 27 -18 45l-91 91l-362 362q-18 18 -45 18t-45 -18l-91 -91q-18 -18 -18 -45t18 -45l189 -189h-502q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h502l-189 -189q-19 -19 -19 -45t19 -45l91 -91q18 -18 45 -18t45 18l362 362l91 91q18 18 18 45zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="circle_arrow_up" unicode="&#xf0aa;" 
+d="M1284 641q0 27 -18 45l-362 362l-91 91q-18 18 -45 18t-45 -18l-91 -91l-362 -362q-18 -18 -18 -45t18 -45l91 -91q18 -18 45 -18t45 18l189 189v-502q0 -26 19 -45t45 -19h128q26 0 45 19t19 45v502l189 -189q19 -19 45 -19t45 19l91 91q18 18 18 45zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="circle_arrow_down" unicode="&#xf0ab;" 
+d="M1284 639q0 27 -18 45l-91 91q-18 18 -45 18t-45 -18l-189 -189v502q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-502l-189 189q-19 19 -45 19t-45 -19l-91 -91q-18 -18 -18 -45t18 -45l362 -362l91 -91q18 -18 45 -18t45 18l91 91l362 362q18 18 18 45zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="globe" unicode="&#xf0ac;" 
+d="M768 1408q209 0 385.5 -103t279.5 -279.5t103 -385.5t-103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103zM1042 887q-2 -1 -9.5 -9.5t-13.5 -9.5q2 0 4.5 5t5 11t3.5 7q6 7 22 15q14 6 52 12q34 8 51 -11
+q-2 2 9.5 13t14.5 12q3 2 15 4.5t15 7.5l2 22q-12 -1 -17.5 7t-6.5 21q0 -2 -6 -8q0 7 -4.5 8t-11.5 -1t-9 -1q-10 3 -15 7.5t-8 16.5t-4 15q-2 5 -9.5 11t-9.5 10q-1 2 -2.5 5.5t-3 6.5t-4 5.5t-5.5 2.5t-7 -5t-7.5 -10t-4.5 -5q-3 2 -6 1.5t-4.5 -1t-4.5 -3t-5 -3.5
+q-3 -2 -8.5 -3t-8.5 -2q15 5 -1 11q-10 4 -16 3q9 4 7.5 12t-8.5 14h5q-1 4 -8.5 8.5t-17.5 8.5t-13 6q-8 5 -34 9.5t-33 0.5q-5 -6 -4.5 -10.5t4 -14t3.5 -12.5q1 -6 -5.5 -13t-6.5 -12q0 -7 14 -15.5t10 -21.5q-3 -8 -16 -16t-16 -12q-5 -8 -1.5 -18.5t10.5 -16.5
+q2 -2 1.5 -4t-3.5 -4.5t-5.5 -4t-6.5 -3.5l-3 -2q-11 -5 -20.5 6t-13.5 26q-7 25 -16 30q-23 8 -29 -1q-5 13 -41 26q-25 9 -58 4q6 1 0 15q-7 15 -19 12q3 6 4 17.5t1 13.5q3 13 12 23q1 1 7 8.5t9.5 13.5t0.5 6q35 -4 50 11q5 5 11.5 17t10.5 17q9 6 14 5.5t14.5 -5.5
+t14.5 -5q14 -1 15.5 11t-7.5 20q12 -1 3 17q-4 7 -8 9q-12 4 -27 -5q-8 -4 2 -8q-1 1 -9.5 -10.5t-16.5 -17.5t-16 5q-1 1 -5.5 13.5t-9.5 13.5q-8 0 -16 -15q3 8 -11 15t-24 8q19 12 -8 27q-7 4 -20.5 5t-19.5 -4q-5 -7 -5.5 -11.5t5 -8t10.5 -5.5t11.5 -4t8.5 -3
+q14 -10 8 -14q-2 -1 -8.5 -3.5t-11.5 -4.5t-6 -4q-3 -4 0 -14t-2 -14q-5 5 -9 17.5t-7 16.5q7 -9 -25 -6l-10 1q-4 0 -16 -2t-20.5 -1t-13.5 8q-4 8 0 20q1 4 4 2q-4 3 -11 9.5t-10 8.5q-46 -15 -94 -41q6 -1 12 1q5 2 13 6.5t10 5.5q34 14 42 7l5 5q14 -16 20 -25
+q-7 4 -30 1q-20 -6 -22 -12q7 -12 5 -18q-4 3 -11.5 10t-14.5 11t-15 5q-16 0 -22 -1q-146 -80 -235 -222q7 -7 12 -8q4 -1 5 -9t2.5 -11t11.5 3q9 -8 3 -19q1 1 44 -27q19 -17 21 -21q3 -11 -10 -18q-1 2 -9 9t-9 4q-3 -5 0.5 -18.5t10.5 -12.5q-7 0 -9.5 -16t-2.5 -35.5
+t-1 -23.5l2 -1q-3 -12 5.5 -34.5t21.5 -19.5q-13 -3 20 -43q6 -8 8 -9q3 -2 12 -7.5t15 -10t10 -10.5q4 -5 10 -22.5t14 -23.5q-2 -6 9.5 -20t10.5 -23q-1 0 -2.5 -1t-2.5 -1q3 -7 15.5 -14t15.5 -13q1 -3 2 -10t3 -11t8 -2q2 20 -24 62q-15 25 -17 29q-3 5 -5.5 15.5
+t-4.5 14.5q2 0 6 -1.5t8.5 -3.5t7.5 -4t2 -3q-3 -7 2 -17.5t12 -18.5t17 -19t12 -13q6 -6 14 -19.5t0 -13.5q9 0 20 -10.5t17 -19.5q5 -8 8 -26t5 -24q2 -7 8.5 -13.5t12.5 -9.5l16 -8t13 -7q5 -2 18.5 -10.5t21.5 -11.5q10 -4 16 -4t14.5 2.5t13.5 3.5q15 2 29 -15t21 -21
+q36 -19 55 -11q-2 -1 0.5 -7.5t8 -15.5t9 -14.5t5.5 -8.5q5 -6 18 -15t18 -15q6 4 7 9q-3 -8 7 -20t18 -10q14 3 14 32q-31 -15 -49 18q0 1 -2.5 5.5t-4 8.5t-2.5 8.5t0 7.5t5 3q9 0 10 3.5t-2 12.5t-4 13q-1 8 -11 20t-12 15q-5 -9 -16 -8t-16 9q0 -1 -1.5 -5.5t-1.5 -6.5
+q-13 0 -15 1q1 3 2.5 17.5t3.5 22.5q1 4 5.5 12t7.5 14.5t4 12.5t-4.5 9.5t-17.5 2.5q-19 -1 -26 -20q-1 -3 -3 -10.5t-5 -11.5t-9 -7q-7 -3 -24 -2t-24 5q-13 8 -22.5 29t-9.5 37q0 10 2.5 26.5t3 25t-5.5 24.5q3 2 9 9.5t10 10.5q2 1 4.5 1.5t4.5 0t4 1.5t3 6q-1 1 -4 3
+q-3 3 -4 3q7 -3 28.5 1.5t27.5 -1.5q15 -11 22 2q0 1 -2.5 9.5t-0.5 13.5q5 -27 29 -9q3 -3 15.5 -5t17.5 -5q3 -2 7 -5.5t5.5 -4.5t5 0.5t8.5 6.5q10 -14 12 -24q11 -40 19 -44q7 -3 11 -2t4.5 9.5t0 14t-1.5 12.5l-1 8v18l-1 8q-15 3 -18.5 12t1.5 18.5t15 18.5q1 1 8 3.5
+t15.5 6.5t12.5 8q21 19 15 35q7 0 11 9q-1 0 -5 3t-7.5 5t-4.5 2q9 5 2 16q5 3 7.5 11t7.5 10q9 -12 21 -2q8 8 1 16q5 7 20.5 10.5t18.5 9.5q7 -2 8 2t1 12t3 12q4 5 15 9t13 5l17 11q3 4 0 4q18 -2 31 11q10 11 -6 20q3 6 -3 9.5t-15 5.5q3 1 11.5 0.5t10.5 1.5
+q15 10 -7 16q-17 5 -43 -12zM879 10q206 36 351 189q-3 3 -12.5 4.5t-12.5 3.5q-18 7 -24 8q1 7 -2.5 13t-8 9t-12.5 8t-11 7q-2 2 -7 6t-7 5.5t-7.5 4.5t-8.5 2t-10 -1l-3 -1q-3 -1 -5.5 -2.5t-5.5 -3t-4 -3t0 -2.5q-21 17 -36 22q-5 1 -11 5.5t-10.5 7t-10 1.5t-11.5 -7
+q-5 -5 -6 -15t-2 -13q-7 5 0 17.5t2 18.5q-3 6 -10.5 4.5t-12 -4.5t-11.5 -8.5t-9 -6.5t-8.5 -5.5t-8.5 -7.5q-3 -4 -6 -12t-5 -11q-2 4 -11.5 6.5t-9.5 5.5q2 -10 4 -35t5 -38q7 -31 -12 -48q-27 -25 -29 -40q-4 -22 12 -26q0 -7 -8 -20.5t-7 -21.5q0 -6 2 -16z" />
+    <glyph glyph-name="wrench" unicode="&#xf0ad;" horiz-adv-x="1664" 
+d="M384 64q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1028 484l-682 -682q-37 -37 -90 -37q-52 0 -91 37l-106 108q-38 36 -38 90q0 53 38 91l681 681q39 -98 114.5 -173.5t173.5 -114.5zM1662 919q0 -39 -23 -106q-47 -134 -164.5 -217.5
+t-258.5 -83.5q-185 0 -316.5 131.5t-131.5 316.5t131.5 316.5t316.5 131.5q58 0 121.5 -16.5t107.5 -46.5q16 -11 16 -28t-16 -28l-293 -169v-224l193 -107q5 3 79 48.5t135.5 81t70.5 35.5q15 0 23.5 -10t8.5 -25z" />
+    <glyph glyph-name="tasks" unicode="&#xf0ae;" horiz-adv-x="1792" 
+d="M1024 128h640v128h-640v-128zM640 640h1024v128h-1024v-128zM1280 1152h384v128h-384v-128zM1792 320v-256q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1792 832v-256q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19
+t-19 45v256q0 26 19 45t45 19h1664q26 0 45 -19t19 -45zM1792 1344v-256q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h1664q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="filter" unicode="&#xf0b0;" horiz-adv-x="1408" 
+d="M1403 1241q17 -41 -14 -70l-493 -493v-742q0 -42 -39 -59q-13 -5 -25 -5q-27 0 -45 19l-256 256q-19 19 -19 45v486l-493 493q-31 29 -14 70q17 39 59 39h1280q42 0 59 -39z" />
+    <glyph glyph-name="briefcase" unicode="&#xf0b1;" horiz-adv-x="1792" 
+d="M640 1280h512v128h-512v-128zM1792 640v-480q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v480h672v-160q0 -26 19 -45t45 -19h320q26 0 45 19t19 45v160h672zM1024 640v-128h-256v128h256zM1792 1120v-384h-1792v384q0 66 47 113t113 47h352v160q0 40 28 68
+t68 28h576q40 0 68 -28t28 -68v-160h352q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="fullscreen" unicode="&#xf0b2;" 
+d="M1283 995l-355 -355l355 -355l144 144q29 31 70 14q39 -17 39 -59v-448q0 -26 -19 -45t-45 -19h-448q-42 0 -59 40q-17 39 14 69l144 144l-355 355l-355 -355l144 -144q31 -30 14 -69q-17 -40 -59 -40h-448q-26 0 -45 19t-19 45v448q0 42 40 59q39 17 69 -14l144 -144
+l355 355l-355 355l-144 -144q-19 -19 -45 -19q-12 0 -24 5q-40 17 -40 59v448q0 26 19 45t45 19h448q42 0 59 -40q17 -39 -14 -69l-144 -144l355 -355l355 355l-144 144q-31 30 -14 69q17 40 59 40h448q26 0 45 -19t19 -45v-448q0 -42 -39 -59q-13 -5 -25 -5q-26 0 -45 19z
+" />
+    <glyph glyph-name="group" unicode="&#xf0c0;" horiz-adv-x="1920" 
+d="M593 640q-162 -5 -265 -128h-134q-82 0 -138 40.5t-56 118.5q0 353 124 353q6 0 43.5 -21t97.5 -42.5t119 -21.5q67 0 133 23q-5 -37 -5 -66q0 -139 81 -256zM1664 3q0 -120 -73 -189.5t-194 -69.5h-874q-121 0 -194 69.5t-73 189.5q0 53 3.5 103.5t14 109t26.5 108.5
+t43 97.5t62 81t85.5 53.5t111.5 20q10 0 43 -21.5t73 -48t107 -48t135 -21.5t135 21.5t107 48t73 48t43 21.5q61 0 111.5 -20t85.5 -53.5t62 -81t43 -97.5t26.5 -108.5t14 -109t3.5 -103.5zM640 1280q0 -106 -75 -181t-181 -75t-181 75t-75 181t75 181t181 75t181 -75
+t75 -181zM1344 896q0 -159 -112.5 -271.5t-271.5 -112.5t-271.5 112.5t-112.5 271.5t112.5 271.5t271.5 112.5t271.5 -112.5t112.5 -271.5zM1920 671q0 -78 -56 -118.5t-138 -40.5h-134q-103 123 -265 128q81 117 81 256q0 29 -5 66q66 -23 133 -23q59 0 119 21.5t97.5 42.5
+t43.5 21q124 0 124 -353zM1792 1280q0 -106 -75 -181t-181 -75t-181 75t-75 181t75 181t181 75t181 -75t75 -181z" />
+    <glyph glyph-name="link" unicode="&#xf0c1;" horiz-adv-x="1664" 
+d="M1456 320q0 40 -28 68l-208 208q-28 28 -68 28q-42 0 -72 -32q3 -3 19 -18.5t21.5 -21.5t15 -19t13 -25.5t3.5 -27.5q0 -40 -28 -68t-68 -28q-15 0 -27.5 3.5t-25.5 13t-19 15t-21.5 21.5t-18.5 19q-33 -31 -33 -73q0 -40 28 -68l206 -207q27 -27 68 -27q40 0 68 26
+l147 146q28 28 28 67zM753 1025q0 40 -28 68l-206 207q-28 28 -68 28q-39 0 -68 -27l-147 -146q-28 -28 -28 -67q0 -40 28 -68l208 -208q27 -27 68 -27q42 0 72 31q-3 3 -19 18.5t-21.5 21.5t-15 19t-13 25.5t-3.5 27.5q0 40 28 68t68 28q15 0 27.5 -3.5t25.5 -13t19 -15
+t21.5 -21.5t18.5 -19q33 31 33 73zM1648 320q0 -120 -85 -203l-147 -146q-83 -83 -203 -83q-121 0 -204 85l-206 207q-83 83 -83 203q0 123 88 209l-88 88q-86 -88 -208 -88q-120 0 -204 84l-208 208q-84 84 -84 204t85 203l147 146q83 83 203 83q121 0 204 -85l206 -207
+q83 -83 83 -203q0 -123 -88 -209l88 -88q86 88 208 88q120 0 204 -84l208 -208q84 -84 84 -204z" />
+    <glyph glyph-name="cloud" unicode="&#xf0c2;" horiz-adv-x="1920" 
+d="M1920 384q0 -159 -112.5 -271.5t-271.5 -112.5h-1088q-185 0 -316.5 131.5t-131.5 316.5q0 132 71 241.5t187 163.5q-2 28 -2 43q0 212 150 362t362 150q158 0 286.5 -88t187.5 -230q70 62 166 62q106 0 181 -75t75 -181q0 -75 -41 -138q129 -30 213 -134.5t84 -239.5z
+" />
+    <glyph glyph-name="beaker" unicode="&#xf0c3;" horiz-adv-x="1664" 
+d="M1527 88q56 -89 21.5 -152.5t-140.5 -63.5h-1152q-106 0 -140.5 63.5t21.5 152.5l503 793v399h-64q-26 0 -45 19t-19 45t19 45t45 19h512q26 0 45 -19t19 -45t-19 -45t-45 -19h-64v-399zM748 813l-272 -429h712l-272 429l-20 31v37v399h-128v-399v-37z" />
+    <glyph glyph-name="cut" unicode="&#xf0c4;" horiz-adv-x="1792" 
+d="M960 640q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1260 576l507 -398q28 -20 25 -56q-5 -35 -35 -51l-128 -64q-13 -7 -29 -7q-17 0 -31 8l-690 387l-110 -66q-8 -4 -12 -5q14 -49 10 -97q-7 -77 -56 -147.5t-132 -123.5q-132 -84 -277 -84
+q-136 0 -222 78q-90 84 -79 207q7 76 56 147t131 124q132 84 278 84q83 0 151 -31q9 13 22 22l122 73l-122 73q-13 9 -22 22q-68 -31 -151 -31q-146 0 -278 84q-82 53 -131 124t-56 147q-5 59 15.5 113t63.5 93q85 79 222 79q145 0 277 -84q83 -52 132 -123t56 -148
+q4 -48 -10 -97q4 -1 12 -5l110 -66l690 387q14 8 31 8q16 0 29 -7l128 -64q30 -16 35 -51q3 -36 -25 -56zM579 836q46 42 21 108t-106 117q-92 59 -192 59q-74 0 -113 -36q-46 -42 -21 -108t106 -117q92 -59 192 -59q74 0 113 36zM494 91q81 51 106 117t-21 108
+q-39 36 -113 36q-100 0 -192 -59q-81 -51 -106 -117t21 -108q39 -36 113 -36q100 0 192 59zM672 704l96 -58v11q0 36 33 56l14 8l-79 47l-26 -26q-3 -3 -10 -11t-12 -12q-2 -2 -4 -3.5t-3 -2.5zM896 480l96 -32l736 576l-128 64l-768 -431v-113l-160 -96l9 -8q2 -2 7 -6
+q4 -4 11 -12t11 -12l26 -26zM1600 64l128 64l-520 408l-177 -138q-2 -3 -13 -7z" />
+    <glyph glyph-name="copy" unicode="&#xf0c5;" horiz-adv-x="1792" 
+d="M1696 1152q40 0 68 -28t28 -68v-1216q0 -40 -28 -68t-68 -28h-960q-40 0 -68 28t-28 68v288h-544q-40 0 -68 28t-28 68v672q0 40 20 88t48 76l408 408q28 28 76 48t88 20h416q40 0 68 -28t28 -68v-328q68 40 128 40h416zM1152 939l-299 -299h299v299zM512 1323l-299 -299
+h299v299zM708 676l316 316v416h-384v-416q0 -40 -28 -68t-68 -28h-416v-640h512v256q0 40 20 88t48 76zM1664 -128v1152h-384v-416q0 -40 -28 -68t-68 -28h-416v-640h896z" />
+    <glyph glyph-name="paper_clip" unicode="&#xf0c6;" horiz-adv-x="1408" 
+d="M1404 151q0 -117 -79 -196t-196 -79q-135 0 -235 100l-777 776q-113 115 -113 271q0 159 110 270t269 111q158 0 273 -113l605 -606q10 -10 10 -22q0 -16 -30.5 -46.5t-46.5 -30.5q-13 0 -23 10l-606 607q-79 77 -181 77q-106 0 -179 -75t-73 -181q0 -105 76 -181
+l776 -777q63 -63 145 -63q64 0 106 42t42 106q0 82 -63 145l-581 581q-26 24 -60 24q-29 0 -48 -19t-19 -48q0 -32 25 -59l410 -410q10 -10 10 -22q0 -16 -31 -47t-47 -31q-12 0 -22 10l-410 410q-63 61 -63 149q0 82 57 139t139 57q88 0 149 -63l581 -581q100 -98 100 -235
+z" />
+    <glyph glyph-name="save" unicode="&#xf0c7;" 
+d="M384 0h768v384h-768v-384zM1280 0h128v896q0 14 -10 38.5t-20 34.5l-281 281q-10 10 -34 20t-39 10v-416q0 -40 -28 -68t-68 -28h-576q-40 0 -68 28t-28 68v416h-128v-1280h128v416q0 40 28 68t68 28h832q40 0 68 -28t28 -68v-416zM896 928v320q0 13 -9.5 22.5t-22.5 9.5
+h-192q-13 0 -22.5 -9.5t-9.5 -22.5v-320q0 -13 9.5 -22.5t22.5 -9.5h192q13 0 22.5 9.5t9.5 22.5zM1536 896v-928q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1344q0 40 28 68t68 28h928q40 0 88 -20t76 -48l280 -280q28 -28 48 -76t20 -88z" />
+    <glyph glyph-name="sign_blank" unicode="&#xf0c8;" 
+d="M1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="reorder" unicode="&#xf0c9;" 
+d="M1536 192v-128q0 -26 -19 -45t-45 -19h-1408q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1408q26 0 45 -19t19 -45zM1536 704v-128q0 -26 -19 -45t-45 -19h-1408q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1408q26 0 45 -19t19 -45zM1536 1216v-128q0 -26 -19 -45
+t-45 -19h-1408q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h1408q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="ul" unicode="&#xf0ca;" horiz-adv-x="1792" 
+d="M384 128q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM384 640q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM1792 224v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1216q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5
+t22.5 9.5h1216q13 0 22.5 -9.5t9.5 -22.5zM384 1152q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM1792 736v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1216q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1216q13 0 22.5 -9.5t9.5 -22.5z
+M1792 1248v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1216q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1216q13 0 22.5 -9.5t9.5 -22.5z" />
+    <glyph glyph-name="ol" unicode="&#xf0cb;" horiz-adv-x="1792" 
+d="M381 -84q0 -80 -54.5 -126t-135.5 -46q-106 0 -172 66l57 88q49 -45 106 -45q29 0 50.5 14.5t21.5 42.5q0 64 -105 56l-26 56q8 10 32.5 43.5t42.5 54t37 38.5v1q-16 0 -48.5 -1t-48.5 -1v-53h-106v152h333v-88l-95 -115q51 -12 81 -49t30 -88zM383 543v-159h-362
+q-6 36 -6 54q0 51 23.5 93t56.5 68t66 47.5t56.5 43.5t23.5 45q0 25 -14.5 38.5t-39.5 13.5q-46 0 -81 -58l-85 59q24 51 71.5 79.5t105.5 28.5q73 0 123 -41.5t50 -112.5q0 -50 -34 -91.5t-75 -64.5t-75.5 -50.5t-35.5 -52.5h127v60h105zM1792 224v-192q0 -13 -9.5 -22.5
+t-22.5 -9.5h-1216q-13 0 -22.5 9.5t-9.5 22.5v192q0 14 9 23t23 9h1216q13 0 22.5 -9.5t9.5 -22.5zM384 1123v-99h-335v99h107q0 41 0.5 121.5t0.5 121.5v12h-2q-8 -17 -50 -54l-71 76l136 127h106v-404h108zM1792 736v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1216
+q-13 0 -22.5 9.5t-9.5 22.5v192q0 14 9 23t23 9h1216q13 0 22.5 -9.5t9.5 -22.5zM1792 1248v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1216q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1216q13 0 22.5 -9.5t9.5 -22.5z" />
+    <glyph glyph-name="strikethrough" unicode="&#xf0cc;" horiz-adv-x="1792" 
+d="M1760 640q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-1728q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h1728zM483 704q-28 35 -51 80q-48 98 -48 188q0 181 134 309q133 127 393 127q50 0 167 -19q66 -12 177 -48q10 -38 21 -118q14 -123 14 -183q0 -18 -5 -45l-12 -3l-84 6
+l-14 2q-50 149 -103 205q-88 91 -210 91q-114 0 -182 -59q-67 -58 -67 -146q0 -73 66 -140t279 -129q69 -20 173 -66q58 -28 95 -52h-743zM990 448h411q7 -39 7 -92q0 -111 -41 -212q-23 -56 -71 -104q-37 -35 -109 -81q-80 -48 -153 -66q-80 -21 -203 -21q-114 0 -195 23
+l-140 40q-57 16 -72 28q-8 8 -8 22v13q0 108 -2 156q-1 30 0 68l2 37v44l102 2q15 -34 30 -71t22.5 -56t12.5 -27q35 -57 80 -94q43 -36 105 -57q59 -22 132 -22q64 0 139 27q77 26 122 86q47 61 47 129q0 84 -81 157q-34 29 -137 71z" />
+    <glyph glyph-name="underline" unicode="&#xf0cd;" 
+d="M48 1313q-37 2 -45 4l-3 88q13 1 40 1q60 0 112 -4q132 -7 166 -7q86 0 168 3q116 4 146 5q56 0 86 2l-1 -14l2 -64v-9q-60 -9 -124 -9q-60 0 -79 -25q-13 -14 -13 -132q0 -13 0.5 -32.5t0.5 -25.5l1 -229l14 -280q6 -124 51 -202q35 -59 96 -92q88 -47 177 -47
+q104 0 191 28q56 18 99 51q48 36 65 64q36 56 53 114q21 73 21 229q0 79 -3.5 128t-11 122.5t-13.5 159.5l-4 59q-5 67 -24 88q-34 35 -77 34l-100 -2l-14 3l2 86h84l205 -10q76 -3 196 10l18 -2q6 -38 6 -51q0 -7 -4 -31q-45 -12 -84 -13q-73 -11 -79 -17q-15 -15 -15 -41
+q0 -7 1.5 -27t1.5 -31q8 -19 22 -396q6 -195 -15 -304q-15 -76 -41 -122q-38 -65 -112 -123q-75 -57 -182 -89q-109 -33 -255 -33q-167 0 -284 46q-119 47 -179 122q-61 76 -83 195q-16 80 -16 237v333q0 188 -17 213q-25 36 -147 39zM1536 -96v64q0 14 -9 23t-23 9h-1472
+q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h1472q14 0 23 9t9 23z" />
+    <glyph glyph-name="table" unicode="&#xf0ce;" horiz-adv-x="1664" 
+d="M512 160v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM512 544v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1024 160v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23
+v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM512 928v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1024 544v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1536 160v192
+q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1024 928v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1536 544v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192
+q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1536 928v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1664 1248v-1088q0 -66 -47 -113t-113 -47h-1344q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h1344q66 0 113 -47t47 -113
+z" />
+    <glyph glyph-name="magic" unicode="&#xf0d0;" horiz-adv-x="1664" 
+d="M1190 955l293 293l-107 107l-293 -293zM1637 1248q0 -27 -18 -45l-1286 -1286q-18 -18 -45 -18t-45 18l-198 198q-18 18 -18 45t18 45l1286 1286q18 18 45 18t45 -18l198 -198q18 -18 18 -45zM286 1438l98 -30l-98 -30l-30 -98l-30 98l-98 30l98 30l30 98zM636 1276
+l196 -60l-196 -60l-60 -196l-60 196l-196 60l196 60l60 196zM1566 798l98 -30l-98 -30l-30 -98l-30 98l-98 30l98 30l30 98zM926 1438l98 -30l-98 -30l-30 -98l-30 98l-98 30l98 30l30 98z" />
+    <glyph glyph-name="truck" unicode="&#xf0d1;" horiz-adv-x="1792" 
+d="M640 128q0 52 -38 90t-90 38t-90 -38t-38 -90t38 -90t90 -38t90 38t38 90zM256 640h384v256h-158q-13 0 -22 -9l-195 -195q-9 -9 -9 -22v-30zM1536 128q0 52 -38 90t-90 38t-90 -38t-38 -90t38 -90t90 -38t90 38t38 90zM1792 1216v-1024q0 -15 -4 -26.5t-13.5 -18.5
+t-16.5 -11.5t-23.5 -6t-22.5 -2t-25.5 0t-22.5 0.5q0 -106 -75 -181t-181 -75t-181 75t-75 181h-384q0 -106 -75 -181t-181 -75t-181 75t-75 181h-64q-3 0 -22.5 -0.5t-25.5 0t-22.5 2t-23.5 6t-16.5 11.5t-13.5 18.5t-4 26.5q0 26 19 45t45 19v320q0 8 -0.5 35t0 38
+t2.5 34.5t6.5 37t14 30.5t22.5 30l198 198q19 19 50.5 32t58.5 13h160v192q0 26 19 45t45 19h1024q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="pinterest" unicode="&#xf0d2;" 
+d="M1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103q-111 0 -218 32q59 93 78 164q9 34 54 211q20 -39 73 -67.5t114 -28.5q121 0 216 68.5t147 188.5t52 270q0 114 -59.5 214t-172.5 163t-255 63q-105 0 -196 -29t-154.5 -77t-109 -110.5t-67 -129.5t-21.5 -134
+q0 -104 40 -183t117 -111q30 -12 38 20q2 7 8 31t8 30q6 23 -11 43q-51 61 -51 151q0 151 104.5 259.5t273.5 108.5q151 0 235.5 -82t84.5 -213q0 -170 -68.5 -289t-175.5 -119q-61 0 -98 43.5t-23 104.5q8 35 26.5 93.5t30 103t11.5 75.5q0 50 -27 83t-77 33
+q-62 0 -105 -57t-43 -142q0 -73 25 -122l-99 -418q-17 -70 -13 -177q-206 91 -333 281t-127 423q0 209 103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="pinterest_sign" unicode="&#xf0d3;" 
+d="M1248 1408q119 0 203.5 -84.5t84.5 -203.5v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-725q85 122 108 210q9 34 53 209q21 -39 73.5 -67t112.5 -28q181 0 295.5 147.5t114.5 373.5q0 84 -35 162.5t-96.5 139t-152.5 97t-197 36.5q-104 0 -194.5 -28.5t-153 -76.5
+t-107.5 -109.5t-66.5 -128t-21.5 -132.5q0 -102 39.5 -180t116.5 -110q13 -5 23.5 0t14.5 19q10 44 15 61q6 23 -11 42q-50 62 -50 150q0 150 103.5 256.5t270.5 106.5q149 0 232.5 -81t83.5 -210q0 -168 -67.5 -286t-173.5 -118q-60 0 -97 43.5t-23 103.5q8 34 26.5 92.5
+t29.5 102t11 74.5q0 49 -26.5 81.5t-75.5 32.5q-61 0 -103.5 -56.5t-42.5 -139.5q0 -72 24 -121l-98 -414q-24 -100 -7 -254h-183q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960z" />
+    <glyph glyph-name="google_plus_sign" unicode="&#xf0d4;" 
+d="M917 631q0 26 -6 64h-362v-132h217q-3 -24 -16.5 -50t-37.5 -53t-66.5 -44.5t-96.5 -17.5q-99 0 -169 71t-70 171t70 171t169 71q92 0 153 -59l104 101q-108 100 -257 100q-160 0 -272 -112.5t-112 -271.5t112 -271.5t272 -112.5q165 0 266.5 105t101.5 270zM1262 585
+h109v110h-109v110h-110v-110h-110v-110h110v-110h110v110zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="google_plus" unicode="&#xf0d5;" horiz-adv-x="2304" 
+d="M1437 623q0 -208 -87 -370.5t-248 -254t-369 -91.5q-149 0 -285 58t-234 156t-156 234t-58 285t58 285t156 234t234 156t285 58q286 0 491 -192l-199 -191q-117 113 -292 113q-123 0 -227.5 -62t-165.5 -168.5t-61 -232.5t61 -232.5t165.5 -168.5t227.5 -62
+q83 0 152.5 23t114.5 57.5t78.5 78.5t49 83t21.5 74h-416v252h692q12 -63 12 -122zM2304 745v-210h-209v-209h-210v209h-209v210h209v209h210v-209h209z" />
+    <glyph glyph-name="money" unicode="&#xf0d6;" horiz-adv-x="1920" 
+d="M768 384h384v96h-128v448h-114l-148 -137l77 -80q42 37 55 57h2v-288h-128v-96zM1280 640q0 -70 -21 -142t-59.5 -134t-101.5 -101t-138 -39t-138 39t-101.5 101t-59.5 134t-21 142t21 142t59.5 134t101.5 101t138 39t138 -39t101.5 -101t59.5 -134t21 -142zM1792 384
+v512q-106 0 -181 75t-75 181h-1152q0 -106 -75 -181t-181 -75v-512q106 0 181 -75t75 -181h1152q0 106 75 181t181 75zM1920 1216v-1152q0 -26 -19 -45t-45 -19h-1792q-26 0 -45 19t-19 45v1152q0 26 19 45t45 19h1792q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="caret_down" unicode="&#xf0d7;" horiz-adv-x="1024" 
+d="M1024 832q0 -26 -19 -45l-448 -448q-19 -19 -45 -19t-45 19l-448 448q-19 19 -19 45t19 45t45 19h896q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="caret_up" unicode="&#xf0d8;" horiz-adv-x="1024" 
+d="M1024 320q0 -26 -19 -45t-45 -19h-896q-26 0 -45 19t-19 45t19 45l448 448q19 19 45 19t45 -19l448 -448q19 -19 19 -45z" />
+    <glyph glyph-name="caret_left" unicode="&#xf0d9;" horiz-adv-x="640" 
+d="M640 1088v-896q0 -26 -19 -45t-45 -19t-45 19l-448 448q-19 19 -19 45t19 45l448 448q19 19 45 19t45 -19t19 -45z" />
+    <glyph glyph-name="caret_right" unicode="&#xf0da;" horiz-adv-x="640" 
+d="M576 640q0 -26 -19 -45l-448 -448q-19 -19 -45 -19t-45 19t-19 45v896q0 26 19 45t45 19t45 -19l448 -448q19 -19 19 -45z" />
+    <glyph glyph-name="columns" unicode="&#xf0db;" horiz-adv-x="1664" 
+d="M160 0h608v1152h-640v-1120q0 -13 9.5 -22.5t22.5 -9.5zM1536 32v1120h-640v-1152h608q13 0 22.5 9.5t9.5 22.5zM1664 1248v-1216q0 -66 -47 -113t-113 -47h-1344q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1344q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="sort" unicode="&#xf0dc;" horiz-adv-x="1024" 
+d="M1024 448q0 -26 -19 -45l-448 -448q-19 -19 -45 -19t-45 19l-448 448q-19 19 -19 45t19 45t45 19h896q26 0 45 -19t19 -45zM1024 832q0 -26 -19 -45t-45 -19h-896q-26 0 -45 19t-19 45t19 45l448 448q19 19 45 19t45 -19l448 -448q19 -19 19 -45z" />
+    <glyph glyph-name="sort_down" unicode="&#xf0dd;" horiz-adv-x="1024" 
+d="M1024 448q0 -26 -19 -45l-448 -448q-19 -19 -45 -19t-45 19l-448 448q-19 19 -19 45t19 45t45 19h896q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="sort_up" unicode="&#xf0de;" horiz-adv-x="1024" 
+d="M1024 832q0 -26 -19 -45t-45 -19h-896q-26 0 -45 19t-19 45t19 45l448 448q19 19 45 19t45 -19l448 -448q19 -19 19 -45z" />
+    <glyph glyph-name="envelope_alt" unicode="&#xf0e0;" horiz-adv-x="1792" 
+d="M1792 826v-794q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v794q44 -49 101 -87q362 -246 497 -345q57 -42 92.5 -65.5t94.5 -48t110 -24.5h1h1q51 0 110 24.5t94.5 48t92.5 65.5q170 123 498 345q57 39 100 87zM1792 1120q0 -79 -49 -151t-122 -123
+q-376 -261 -468 -325q-10 -7 -42.5 -30.5t-54 -38t-52 -32.5t-57.5 -27t-50 -9h-1h-1q-23 0 -50 9t-57.5 27t-52 32.5t-54 38t-42.5 30.5q-91 64 -262 182.5t-205 142.5q-62 42 -117 115.5t-55 136.5q0 78 41.5 130t118.5 52h1472q65 0 112.5 -47t47.5 -113z" />
+    <glyph glyph-name="linkedin" unicode="&#xf0e1;" 
+d="M349 911v-991h-330v991h330zM370 1217q1 -73 -50.5 -122t-135.5 -49h-2q-82 0 -132 49t-50 122q0 74 51.5 122.5t134.5 48.5t133 -48.5t51 -122.5zM1536 488v-568h-329v530q0 105 -40.5 164.5t-126.5 59.5q-63 0 -105.5 -34.5t-63.5 -85.5q-11 -30 -11 -81v-553h-329
+q2 399 2 647t-1 296l-1 48h329v-144h-2q20 32 41 56t56.5 52t87 43.5t114.5 15.5q171 0 275 -113.5t104 -332.5z" />
+    <glyph glyph-name="undo" unicode="&#xf0e2;" 
+d="M1536 640q0 -156 -61 -298t-164 -245t-245 -164t-298 -61q-172 0 -327 72.5t-264 204.5q-7 10 -6.5 22.5t8.5 20.5l137 138q10 9 25 9q16 -2 23 -12q73 -95 179 -147t225 -52q104 0 198.5 40.5t163.5 109.5t109.5 163.5t40.5 198.5t-40.5 198.5t-109.5 163.5
+t-163.5 109.5t-198.5 40.5q-98 0 -188 -35.5t-160 -101.5l137 -138q31 -30 14 -69q-17 -40 -59 -40h-448q-26 0 -45 19t-19 45v448q0 42 40 59q39 17 69 -14l130 -129q107 101 244.5 156.5t284.5 55.5q156 0 298 -61t245 -164t164 -245t61 -298z" />
+    <glyph glyph-name="legal" unicode="&#xf0e3;" horiz-adv-x="1792" 
+d="M1771 0q0 -53 -37 -90l-107 -108q-39 -37 -91 -37q-53 0 -90 37l-363 364q-38 36 -38 90q0 53 43 96l-256 256l-126 -126q-14 -14 -34 -14t-34 14q2 -2 12.5 -12t12.5 -13t10 -11.5t10 -13.5t6 -13.5t5.5 -16.5t1.5 -18q0 -38 -28 -68q-3 -3 -16.5 -18t-19 -20.5
+t-18.5 -16.5t-22 -15.5t-22 -9t-26 -4.5q-40 0 -68 28l-408 408q-28 28 -28 68q0 13 4.5 26t9 22t15.5 22t16.5 18.5t20.5 19t18 16.5q30 28 68 28q10 0 18 -1.5t16.5 -5.5t13.5 -6t13.5 -10t11.5 -10t13 -12.5t12 -12.5q-14 14 -14 34t14 34l348 348q14 14 34 14t34 -14
+q-2 2 -12.5 12t-12.5 13t-10 11.5t-10 13.5t-6 13.5t-5.5 16.5t-1.5 18q0 38 28 68q3 3 16.5 18t19 20.5t18.5 16.5t22 15.5t22 9t26 4.5q40 0 68 -28l408 -408q28 -28 28 -68q0 -13 -4.5 -26t-9 -22t-15.5 -22t-16.5 -18.5t-20.5 -19t-18 -16.5q-30 -28 -68 -28
+q-10 0 -18 1.5t-16.5 5.5t-13.5 6t-13.5 10t-11.5 10t-13 12.5t-12 12.5q14 -14 14 -34t-14 -34l-126 -126l256 -256q43 43 96 43q52 0 91 -37l363 -363q37 -39 37 -91z" />
+    <glyph glyph-name="dashboard" unicode="&#xf0e4;" horiz-adv-x="1792" 
+d="M384 384q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM576 832q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1004 351l101 382q6 26 -7.5 48.5t-38.5 29.5
+t-48 -6.5t-30 -39.5l-101 -382q-60 -5 -107 -43.5t-63 -98.5q-20 -77 20 -146t117 -89t146 20t89 117q16 60 -6 117t-72 91zM1664 384q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1024 1024q0 53 -37.5 90.5
+t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1472 832q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1792 384q0 -261 -141 -483q-19 -29 -54 -29h-1402q-35 0 -54 29
+q-141 221 -141 483q0 182 71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="comment_alt" unicode="&#xf0e5;" horiz-adv-x="1792" 
+d="M896 1152q-204 0 -381.5 -69.5t-282 -187.5t-104.5 -255q0 -112 71.5 -213.5t201.5 -175.5l87 -50l-27 -96q-24 -91 -70 -172q152 63 275 171l43 38l57 -6q69 -8 130 -8q204 0 381.5 69.5t282 187.5t104.5 255t-104.5 255t-282 187.5t-381.5 69.5zM1792 640
+q0 -174 -120 -321.5t-326 -233t-450 -85.5q-70 0 -145 8q-198 -175 -460 -242q-49 -14 -114 -22h-5q-15 0 -27 10.5t-16 27.5v1q-3 4 -0.5 12t2 10t4.5 9.5l6 9t7 8.5t8 9q7 8 31 34.5t34.5 38t31 39.5t32.5 51t27 59t26 76q-157 89 -247.5 220t-90.5 281q0 174 120 321.5
+t326 233t450 85.5t450 -85.5t326 -233t120 -321.5z" />
+    <glyph glyph-name="comments_alt" unicode="&#xf0e6;" horiz-adv-x="1792" 
+d="M704 1152q-153 0 -286 -52t-211.5 -141t-78.5 -191q0 -82 53 -158t149 -132l97 -56l-35 -84q34 20 62 39l44 31l53 -10q78 -14 153 -14q153 0 286 52t211.5 141t78.5 191t-78.5 191t-211.5 141t-286 52zM704 1280q191 0 353.5 -68.5t256.5 -186.5t94 -257t-94 -257
+t-256.5 -186.5t-353.5 -68.5q-86 0 -176 16q-124 -88 -278 -128q-36 -9 -86 -16h-3q-11 0 -20.5 8t-11.5 21q-1 3 -1 6.5t0.5 6.5t2 6l2.5 5t3.5 5.5t4 5t4.5 5t4 4.5q5 6 23 25t26 29.5t22.5 29t25 38.5t20.5 44q-124 72 -195 177t-71 224q0 139 94 257t256.5 186.5
+t353.5 68.5zM1526 111q10 -24 20.5 -44t25 -38.5t22.5 -29t26 -29.5t23 -25q1 -1 4 -4.5t4.5 -5t4 -5t3.5 -5.5l2.5 -5t2 -6t0.5 -6.5t-1 -6.5q-3 -14 -13 -22t-22 -7q-50 7 -86 16q-154 40 -278 128q-90 -16 -176 -16q-271 0 -472 132q58 -4 88 -4q161 0 309 45t264 129
+q125 92 192 212t67 254q0 77 -23 152q129 -71 204 -178t75 -230q0 -120 -71 -224.5t-195 -176.5z" />
+    <glyph glyph-name="bolt" unicode="&#xf0e7;" horiz-adv-x="896" 
+d="M885 970q18 -20 7 -44l-540 -1157q-13 -25 -42 -25q-4 0 -14 2q-17 5 -25.5 19t-4.5 30l197 808l-406 -101q-4 -1 -12 -1q-18 0 -31 11q-18 15 -13 39l201 825q4 14 16 23t28 9h328q19 0 32 -12.5t13 -29.5q0 -8 -5 -18l-171 -463l396 98q8 2 12 2q19 0 34 -15z" />
+    <glyph glyph-name="sitemap" unicode="&#xf0e8;" horiz-adv-x="1792" 
+d="M1792 288v-320q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v320q0 40 28 68t68 28h96v192h-512v-192h96q40 0 68 -28t28 -68v-320q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v320q0 40 28 68t68 28h96v192h-512v-192h96q40 0 68 -28t28 -68v-320
+q0 -40 -28 -68t-68 -28h-320q-40 0 -68 28t-28 68v320q0 40 28 68t68 28h96v192q0 52 38 90t90 38h512v192h-96q-40 0 -68 28t-28 68v320q0 40 28 68t68 28h320q40 0 68 -28t28 -68v-320q0 -40 -28 -68t-68 -28h-96v-192h512q52 0 90 -38t38 -90v-192h96q40 0 68 -28t28 -68
+z" />
+    <glyph glyph-name="umbrella" unicode="&#xf0e9;" horiz-adv-x="1664" 
+d="M896 708v-580q0 -104 -76 -180t-180 -76t-180 76t-76 180q0 26 19 45t45 19t45 -19t19 -45q0 -50 39 -89t89 -39t89 39t39 89v580q33 11 64 11t64 -11zM1664 681q0 -13 -9.5 -22.5t-22.5 -9.5q-11 0 -23 10q-49 46 -93 69t-102 23q-68 0 -128 -37t-103 -97
+q-7 -10 -17.5 -28t-14.5 -24q-11 -17 -28 -17q-18 0 -29 17q-4 6 -14.5 24t-17.5 28q-43 60 -102.5 97t-127.5 37t-127.5 -37t-102.5 -97q-7 -10 -17.5 -28t-14.5 -24q-11 -17 -29 -17q-17 0 -28 17q-4 6 -14.5 24t-17.5 28q-43 60 -103 97t-128 37q-58 0 -102 -23t-93 -69
+q-12 -10 -23 -10q-13 0 -22.5 9.5t-9.5 22.5q0 5 1 7q45 183 172.5 319.5t298 204.5t360.5 68q140 0 274.5 -40t246.5 -113.5t194.5 -187t115.5 -251.5q1 -2 1 -7zM896 1408v-98q-42 2 -64 2t-64 -2v98q0 26 19 45t45 19t45 -19t19 -45z" />
+    <glyph glyph-name="paste" unicode="&#xf0ea;" horiz-adv-x="1792" 
+d="M768 -128h896v640h-416q-40 0 -68 28t-28 68v416h-384v-1152zM1024 1312v64q0 13 -9.5 22.5t-22.5 9.5h-704q-13 0 -22.5 -9.5t-9.5 -22.5v-64q0 -13 9.5 -22.5t22.5 -9.5h704q13 0 22.5 9.5t9.5 22.5zM1280 640h299l-299 299v-299zM1792 512v-672q0 -40 -28 -68t-68 -28
+h-960q-40 0 -68 28t-28 68v160h-544q-40 0 -68 28t-28 68v1344q0 40 28 68t68 28h1088q40 0 68 -28t28 -68v-328q21 -13 36 -28l408 -408q28 -28 48 -76t20 -88z" />
+    <glyph glyph-name="light_bulb" unicode="&#xf0eb;" horiz-adv-x="1024" 
+d="M736 960q0 -13 -9.5 -22.5t-22.5 -9.5t-22.5 9.5t-9.5 22.5q0 46 -54 71t-106 25q-13 0 -22.5 9.5t-9.5 22.5t9.5 22.5t22.5 9.5q50 0 99.5 -16t87 -54t37.5 -90zM896 960q0 72 -34.5 134t-90 101.5t-123 62t-136.5 22.5t-136.5 -22.5t-123 -62t-90 -101.5t-34.5 -134
+q0 -101 68 -180q10 -11 30.5 -33t30.5 -33q128 -153 141 -298h228q13 145 141 298q10 11 30.5 33t30.5 33q68 79 68 180zM1024 960q0 -155 -103 -268q-45 -49 -74.5 -87t-59.5 -95.5t-34 -107.5q47 -28 47 -82q0 -37 -25 -64q25 -27 25 -64q0 -52 -45 -81q13 -23 13 -47
+q0 -46 -31.5 -71t-77.5 -25q-20 -44 -60 -70t-87 -26t-87 26t-60 70q-46 0 -77.5 25t-31.5 71q0 24 13 47q-45 29 -45 81q0 37 25 64q-25 27 -25 64q0 54 47 82q-4 50 -34 107.5t-59.5 95.5t-74.5 87q-103 113 -103 268q0 99 44.5 184.5t117 142t164 89t186.5 32.5
+t186.5 -32.5t164 -89t117 -142t44.5 -184.5z" />
+    <glyph glyph-name="exchange" unicode="&#xf0ec;" horiz-adv-x="1792" 
+d="M1792 352v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-1376v-192q0 -13 -9.5 -22.5t-22.5 -9.5q-12 0 -24 10l-319 320q-9 9 -9 22q0 14 9 23l320 320q9 9 23 9q13 0 22.5 -9.5t9.5 -22.5v-192h1376q13 0 22.5 -9.5t9.5 -22.5zM1792 896q0 -14 -9 -23l-320 -320q-9 -9 -23 -9
+q-13 0 -22.5 9.5t-9.5 22.5v192h-1376q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h1376v192q0 14 9 23t23 9q12 0 24 -10l319 -319q9 -9 9 -23z" />
+    <glyph glyph-name="cloud_download" unicode="&#xf0ed;" horiz-adv-x="1920" 
+d="M1280 608q0 14 -9 23t-23 9h-224v352q0 13 -9.5 22.5t-22.5 9.5h-192q-13 0 -22.5 -9.5t-9.5 -22.5v-352h-224q-13 0 -22.5 -9.5t-9.5 -22.5q0 -14 9 -23l352 -352q9 -9 23 -9t23 9l351 351q10 12 10 24zM1920 384q0 -159 -112.5 -271.5t-271.5 -112.5h-1088
+q-185 0 -316.5 131.5t-131.5 316.5q0 130 70 240t188 165q-2 30 -2 43q0 212 150 362t362 150q156 0 285.5 -87t188.5 -231q71 62 166 62q106 0 181 -75t75 -181q0 -76 -41 -138q130 -31 213.5 -135.5t83.5 -238.5z" />
+    <glyph glyph-name="cloud_upload" unicode="&#xf0ee;" horiz-adv-x="1920" 
+d="M1280 672q0 14 -9 23l-352 352q-9 9 -23 9t-23 -9l-351 -351q-10 -12 -10 -24q0 -14 9 -23t23 -9h224v-352q0 -13 9.5 -22.5t22.5 -9.5h192q13 0 22.5 9.5t9.5 22.5v352h224q13 0 22.5 9.5t9.5 22.5zM1920 384q0 -159 -112.5 -271.5t-271.5 -112.5h-1088
+q-185 0 -316.5 131.5t-131.5 316.5q0 130 70 240t188 165q-2 30 -2 43q0 212 150 362t362 150q156 0 285.5 -87t188.5 -231q71 62 166 62q106 0 181 -75t75 -181q0 -76 -41 -138q130 -31 213.5 -135.5t83.5 -238.5z" />
+    <glyph glyph-name="user_md" unicode="&#xf0f0;" horiz-adv-x="1408" 
+d="M384 192q0 -26 -19 -45t-45 -19t-45 19t-19 45t19 45t45 19t45 -19t19 -45zM1408 131q0 -121 -73 -190t-194 -69h-874q-121 0 -194 69t-73 190q0 68 5.5 131t24 138t47.5 132.5t81 103t120 60.5q-22 -52 -22 -120v-203q-58 -20 -93 -70t-35 -111q0 -80 56 -136t136 -56
+t136 56t56 136q0 61 -35.5 111t-92.5 70v203q0 62 25 93q132 -104 295 -104t295 104q25 -31 25 -93v-64q-106 0 -181 -75t-75 -181v-89q-32 -29 -32 -71q0 -40 28 -68t68 -28t68 28t28 68q0 42 -32 71v89q0 52 38 90t90 38t90 -38t38 -90v-89q-32 -29 -32 -71q0 -40 28 -68
+t68 -28t68 28t28 68q0 42 -32 71v89q0 68 -34.5 127.5t-93.5 93.5q0 10 0.5 42.5t0 48t-2.5 41.5t-7 47t-13 40q68 -15 120 -60.5t81 -103t47.5 -132.5t24 -138t5.5 -131zM1088 1024q0 -159 -112.5 -271.5t-271.5 -112.5t-271.5 112.5t-112.5 271.5t112.5 271.5t271.5 112.5
+t271.5 -112.5t112.5 -271.5z" />
+    <glyph glyph-name="stethoscope" unicode="&#xf0f1;" horiz-adv-x="1408" 
+d="M1280 832q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1408 832q0 -62 -35.5 -111t-92.5 -70v-395q0 -159 -131.5 -271.5t-316.5 -112.5t-316.5 112.5t-131.5 271.5v132q-164 20 -274 128t-110 252v512q0 26 19 45t45 19q6 0 16 -2q17 30 47 48
+t65 18q53 0 90.5 -37.5t37.5 -90.5t-37.5 -90.5t-90.5 -37.5q-33 0 -64 18v-402q0 -106 94 -181t226 -75t226 75t94 181v402q-31 -18 -64 -18q-53 0 -90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5q35 0 65 -18t47 -48q10 2 16 2q26 0 45 -19t19 -45v-512q0 -144 -110 -252
+t-274 -128v-132q0 -106 94 -181t226 -75t226 75t94 181v395q-57 21 -92.5 70t-35.5 111q0 80 56 136t136 56t136 -56t56 -136z" />
+    <glyph glyph-name="suitcase" unicode="&#xf0f2;" horiz-adv-x="1792" 
+d="M640 1152h512v128h-512v-128zM288 1152v-1280h-64q-92 0 -158 66t-66 158v832q0 92 66 158t158 66h64zM1408 1152v-1280h-1024v1280h128v160q0 40 28 68t68 28h576q40 0 68 -28t28 -68v-160h128zM1792 928v-832q0 -92 -66 -158t-158 -66h-64v1280h64q92 0 158 -66
+t66 -158z" />
+    <glyph glyph-name="bell_alt" unicode="&#xf0f3;" horiz-adv-x="1792" 
+d="M912 -160q0 16 -16 16q-59 0 -101.5 42.5t-42.5 101.5q0 16 -16 16t-16 -16q0 -73 51.5 -124.5t124.5 -51.5q16 0 16 16zM1728 128q0 -52 -38 -90t-90 -38h-448q0 -106 -75 -181t-181 -75t-181 75t-75 181h-448q-52 0 -90 38t-38 90q50 42 91 88t85 119.5t74.5 158.5
+t50 206t19.5 260q0 152 117 282.5t307 158.5q-8 19 -8 39q0 40 28 68t68 28t68 -28t28 -68q0 -20 -8 -39q190 -28 307 -158.5t117 -282.5q0 -139 19.5 -260t50 -206t74.5 -158.5t85 -119.5t91 -88z" />
+    <glyph glyph-name="coffee" unicode="&#xf0f4;" horiz-adv-x="1920" 
+d="M1664 896q0 80 -56 136t-136 56h-64v-384h64q80 0 136 56t56 136zM0 128h1792q0 -106 -75 -181t-181 -75h-1280q-106 0 -181 75t-75 181zM1856 896q0 -159 -112.5 -271.5t-271.5 -112.5h-64v-32q0 -92 -66 -158t-158 -66h-704q-92 0 -158 66t-66 158v736q0 26 19 45
+t45 19h1152q159 0 271.5 -112.5t112.5 -271.5z" />
+    <glyph glyph-name="food" unicode="&#xf0f5;" horiz-adv-x="1408" 
+d="M640 1472v-640q0 -61 -35.5 -111t-92.5 -70v-779q0 -52 -38 -90t-90 -38h-128q-52 0 -90 38t-38 90v779q-57 20 -92.5 70t-35.5 111v640q0 26 19 45t45 19t45 -19t19 -45v-416q0 -26 19 -45t45 -19t45 19t19 45v416q0 26 19 45t45 19t45 -19t19 -45v-416q0 -26 19 -45
+t45 -19t45 19t19 45v416q0 26 19 45t45 19t45 -19t19 -45zM1408 1472v-1600q0 -52 -38 -90t-90 -38h-128q-52 0 -90 38t-38 90v512h-224q-13 0 -22.5 9.5t-9.5 22.5v800q0 132 94 226t226 94h256q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="file_text_alt" unicode="&#xf0f6;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M384 736q0 14 9 23t23 9h704q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-704q-14 0 -23 9t-9 23v64zM1120 512q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-704q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h704zM1120 256q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-704
+q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h704z" />
+    <glyph glyph-name="building" unicode="&#xf0f7;" horiz-adv-x="1408" 
+d="M384 224v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM384 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M640 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM384 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M1152 224v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM896 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M640 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM384 992v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M1152 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM896 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M640 992v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM384 1248v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M1152 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM896 992v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M640 1248v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM1152 992v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M896 1248v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM1152 1248v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M896 -128h384v1536h-1152v-1536h384v224q0 13 9.5 22.5t22.5 9.5h320q13 0 22.5 -9.5t9.5 -22.5v-224zM1408 1472v-1664q0 -26 -19 -45t-45 -19h-1280q-26 0 -45 19t-19 45v1664q0 26 19 45t45 19h1280q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="hospital" unicode="&#xf0f8;" horiz-adv-x="1408" 
+d="M384 224v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM384 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M640 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM384 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M1152 224v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM896 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M640 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM1152 480v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M896 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5zM1152 736v-64q0 -13 -9.5 -22.5t-22.5 -9.5h-64q-13 0 -22.5 9.5t-9.5 22.5v64q0 13 9.5 22.5t22.5 9.5h64q13 0 22.5 -9.5t9.5 -22.5z
+M896 -128h384v1152h-256v-32q0 -40 -28 -68t-68 -28h-448q-40 0 -68 28t-28 68v32h-256v-1152h384v224q0 13 9.5 22.5t22.5 9.5h320q13 0 22.5 -9.5t9.5 -22.5v-224zM896 1056v320q0 13 -9.5 22.5t-22.5 9.5h-64q-13 0 -22.5 -9.5t-9.5 -22.5v-96h-128v96q0 13 -9.5 22.5
+t-22.5 9.5h-64q-13 0 -22.5 -9.5t-9.5 -22.5v-320q0 -13 9.5 -22.5t22.5 -9.5h64q13 0 22.5 9.5t9.5 22.5v96h128v-96q0 -13 9.5 -22.5t22.5 -9.5h64q13 0 22.5 9.5t9.5 22.5zM1408 1088v-1280q0 -26 -19 -45t-45 -19h-1280q-26 0 -45 19t-19 45v1280q0 26 19 45t45 19h320
+v288q0 40 28 68t68 28h448q40 0 68 -28t28 -68v-288h320q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="ambulance" unicode="&#xf0f9;" horiz-adv-x="1920" 
+d="M640 128q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM256 640h384v256h-158q-14 -2 -22 -9l-195 -195q-7 -12 -9 -22v-30zM1536 128q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5
+t90.5 37.5t37.5 90.5zM1664 800v192q0 14 -9 23t-23 9h-224v224q0 14 -9 23t-23 9h-192q-14 0 -23 -9t-9 -23v-224h-224q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h224v-224q0 -14 9 -23t23 -9h192q14 0 23 9t9 23v224h224q14 0 23 9t9 23zM1920 1344v-1152
+q0 -26 -19 -45t-45 -19h-192q0 -106 -75 -181t-181 -75t-181 75t-75 181h-384q0 -106 -75 -181t-181 -75t-181 75t-75 181h-128q-26 0 -45 19t-19 45t19 45t45 19v416q0 26 13 58t32 51l198 198q19 19 51 32t58 13h160v320q0 26 19 45t45 19h1152q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="medkit" unicode="&#xf0fa;" horiz-adv-x="1792" 
+d="M1280 416v192q0 14 -9 23t-23 9h-224v224q0 14 -9 23t-23 9h-192q-14 0 -23 -9t-9 -23v-224h-224q-14 0 -23 -9t-9 -23v-192q0 -14 9 -23t23 -9h224v-224q0 -14 9 -23t23 -9h192q14 0 23 9t9 23v224h224q14 0 23 9t9 23zM640 1152h512v128h-512v-128zM256 1152v-1280h-32
+q-92 0 -158 66t-66 158v832q0 92 66 158t158 66h32zM1440 1152v-1280h-1088v1280h160v160q0 40 28 68t68 28h576q40 0 68 -28t28 -68v-160h160zM1792 928v-832q0 -92 -66 -158t-158 -66h-32v1280h32q92 0 158 -66t66 -158z" />
+    <glyph glyph-name="fighter_jet" unicode="&#xf0fb;" horiz-adv-x="1920" 
+d="M1920 576q-1 -32 -288 -96l-352 -32l-224 -64h-64l-293 -352h69q26 0 45 -4.5t19 -11.5t-19 -11.5t-45 -4.5h-96h-160h-64v32h64v416h-160l-192 -224h-96l-32 32v192h32v32h128v8l-192 24v128l192 24v8h-128v32h-32v192l32 32h96l192 -224h160v416h-64v32h64h160h96
+q26 0 45 -4.5t19 -11.5t-19 -11.5t-45 -4.5h-69l293 -352h64l224 -64l352 -32q128 -28 200 -52t80 -34z" />
+    <glyph glyph-name="beer" unicode="&#xf0fc;" horiz-adv-x="1664" 
+d="M640 640v384h-256v-256q0 -53 37.5 -90.5t90.5 -37.5h128zM1664 192v-192h-1152v192l128 192h-128q-159 0 -271.5 112.5t-112.5 271.5v320l-64 64l32 128h480l32 128h960l32 -192l-64 -32v-800z" />
+    <glyph glyph-name="h_sign" unicode="&#xf0fd;" 
+d="M1280 192v896q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-320h-512v320q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-896q0 -26 19 -45t45 -19h128q26 0 45 19t19 45v320h512v-320q0 -26 19 -45t45 -19h128q26 0 45 19t19 45zM1536 1120v-960
+q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="f0fe" unicode="&#xf0fe;" 
+d="M1280 576v128q0 26 -19 45t-45 19h-320v320q0 26 -19 45t-45 19h-128q-26 0 -45 -19t-19 -45v-320h-320q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h320v-320q0 -26 19 -45t45 -19h128q26 0 45 19t19 45v320h320q26 0 45 19t19 45zM1536 1120v-960
+q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="double_angle_left" unicode="&#xf100;" horiz-adv-x="1024" 
+d="M627 160q0 -13 -10 -23l-50 -50q-10 -10 -23 -10t-23 10l-466 466q-10 10 -10 23t10 23l466 466q10 10 23 10t23 -10l50 -50q10 -10 10 -23t-10 -23l-393 -393l393 -393q10 -10 10 -23zM1011 160q0 -13 -10 -23l-50 -50q-10 -10 -23 -10t-23 10l-466 466q-10 10 -10 23
+t10 23l466 466q10 10 23 10t23 -10l50 -50q10 -10 10 -23t-10 -23l-393 -393l393 -393q10 -10 10 -23z" />
+    <glyph glyph-name="double_angle_right" unicode="&#xf101;" horiz-adv-x="1024" 
+d="M595 576q0 -13 -10 -23l-466 -466q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23l393 393l-393 393q-10 10 -10 23t10 23l50 50q10 10 23 10t23 -10l466 -466q10 -10 10 -23zM979 576q0 -13 -10 -23l-466 -466q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23
+l393 393l-393 393q-10 10 -10 23t10 23l50 50q10 10 23 10t23 -10l466 -466q10 -10 10 -23z" />
+    <glyph glyph-name="double_angle_up" unicode="&#xf102;" horiz-adv-x="1152" 
+d="M1075 224q0 -13 -10 -23l-50 -50q-10 -10 -23 -10t-23 10l-393 393l-393 -393q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23l466 466q10 10 23 10t23 -10l466 -466q10 -10 10 -23zM1075 608q0 -13 -10 -23l-50 -50q-10 -10 -23 -10t-23 10l-393 393l-393 -393
+q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23l466 466q10 10 23 10t23 -10l466 -466q10 -10 10 -23z" />
+    <glyph glyph-name="double_angle_down" unicode="&#xf103;" horiz-adv-x="1152" 
+d="M1075 672q0 -13 -10 -23l-466 -466q-10 -10 -23 -10t-23 10l-466 466q-10 10 -10 23t10 23l50 50q10 10 23 10t23 -10l393 -393l393 393q10 10 23 10t23 -10l50 -50q10 -10 10 -23zM1075 1056q0 -13 -10 -23l-466 -466q-10 -10 -23 -10t-23 10l-466 466q-10 10 -10 23
+t10 23l50 50q10 10 23 10t23 -10l393 -393l393 393q10 10 23 10t23 -10l50 -50q10 -10 10 -23z" />
+    <glyph glyph-name="angle_left" unicode="&#xf104;" horiz-adv-x="640" 
+d="M627 992q0 -13 -10 -23l-393 -393l393 -393q10 -10 10 -23t-10 -23l-50 -50q-10 -10 -23 -10t-23 10l-466 466q-10 10 -10 23t10 23l466 466q10 10 23 10t23 -10l50 -50q10 -10 10 -23z" />
+    <glyph glyph-name="angle_right" unicode="&#xf105;" horiz-adv-x="640" 
+d="M595 576q0 -13 -10 -23l-466 -466q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23l393 393l-393 393q-10 10 -10 23t10 23l50 50q10 10 23 10t23 -10l466 -466q10 -10 10 -23z" />
+    <glyph glyph-name="angle_up" unicode="&#xf106;" horiz-adv-x="1152" 
+d="M1075 352q0 -13 -10 -23l-50 -50q-10 -10 -23 -10t-23 10l-393 393l-393 -393q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23l466 466q10 10 23 10t23 -10l466 -466q10 -10 10 -23z" />
+    <glyph glyph-name="angle_down" unicode="&#xf107;" horiz-adv-x="1152" 
+d="M1075 800q0 -13 -10 -23l-466 -466q-10 -10 -23 -10t-23 10l-466 466q-10 10 -10 23t10 23l50 50q10 10 23 10t23 -10l393 -393l393 393q10 10 23 10t23 -10l50 -50q10 -10 10 -23z" />
+    <glyph glyph-name="desktop" unicode="&#xf108;" horiz-adv-x="1920" 
+d="M1792 544v832q0 13 -9.5 22.5t-22.5 9.5h-1600q-13 0 -22.5 -9.5t-9.5 -22.5v-832q0 -13 9.5 -22.5t22.5 -9.5h1600q13 0 22.5 9.5t9.5 22.5zM1920 1376v-1088q0 -66 -47 -113t-113 -47h-544q0 -37 16 -77.5t32 -71t16 -43.5q0 -26 -19 -45t-45 -19h-512q-26 0 -45 19
+t-19 45q0 14 16 44t32 70t16 78h-544q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h1600q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="laptop" unicode="&#xf109;" horiz-adv-x="1920" 
+d="M416 256q-66 0 -113 47t-47 113v704q0 66 47 113t113 47h1088q66 0 113 -47t47 -113v-704q0 -66 -47 -113t-113 -47h-1088zM384 1120v-704q0 -13 9.5 -22.5t22.5 -9.5h1088q13 0 22.5 9.5t9.5 22.5v704q0 13 -9.5 22.5t-22.5 9.5h-1088q-13 0 -22.5 -9.5t-9.5 -22.5z
+M1760 192h160v-96q0 -40 -47 -68t-113 -28h-1600q-66 0 -113 28t-47 68v96h160h1600zM1040 96q16 0 16 16t-16 16h-160q-16 0 -16 -16t16 -16h160z" />
+    <glyph glyph-name="tablet" unicode="&#xf10a;" horiz-adv-x="1152" 
+d="M640 128q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1024 288v960q0 13 -9.5 22.5t-22.5 9.5h-832q-13 0 -22.5 -9.5t-9.5 -22.5v-960q0 -13 9.5 -22.5t22.5 -9.5h832q13 0 22.5 9.5t9.5 22.5zM1152 1248v-1088q0 -66 -47 -113t-113 -47h-832
+q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h832q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="mobile_phone" unicode="&#xf10b;" horiz-adv-x="768" 
+d="M464 128q0 33 -23.5 56.5t-56.5 23.5t-56.5 -23.5t-23.5 -56.5t23.5 -56.5t56.5 -23.5t56.5 23.5t23.5 56.5zM672 288v704q0 13 -9.5 22.5t-22.5 9.5h-512q-13 0 -22.5 -9.5t-9.5 -22.5v-704q0 -13 9.5 -22.5t22.5 -9.5h512q13 0 22.5 9.5t9.5 22.5zM480 1136
+q0 16 -16 16h-160q-16 0 -16 -16t16 -16h160q16 0 16 16zM768 1152v-1024q0 -52 -38 -90t-90 -38h-512q-52 0 -90 38t-38 90v1024q0 52 38 90t90 38h512q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="circle_blank" unicode="&#xf10c;" 
+d="M768 1184q-148 0 -273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273t-73 273t-198 198t-273 73zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103
+t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="quote_left" unicode="&#xf10d;" horiz-adv-x="1664" 
+d="M768 576v-384q0 -80 -56 -136t-136 -56h-384q-80 0 -136 56t-56 136v704q0 104 40.5 198.5t109.5 163.5t163.5 109.5t198.5 40.5h64q26 0 45 -19t19 -45v-128q0 -26 -19 -45t-45 -19h-64q-106 0 -181 -75t-75 -181v-32q0 -40 28 -68t68 -28h224q80 0 136 -56t56 -136z
+M1664 576v-384q0 -80 -56 -136t-136 -56h-384q-80 0 -136 56t-56 136v704q0 104 40.5 198.5t109.5 163.5t163.5 109.5t198.5 40.5h64q26 0 45 -19t19 -45v-128q0 -26 -19 -45t-45 -19h-64q-106 0 -181 -75t-75 -181v-32q0 -40 28 -68t68 -28h224q80 0 136 -56t56 -136z" />
+    <glyph glyph-name="quote_right" unicode="&#xf10e;" horiz-adv-x="1664" 
+d="M768 1216v-704q0 -104 -40.5 -198.5t-109.5 -163.5t-163.5 -109.5t-198.5 -40.5h-64q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h64q106 0 181 75t75 181v32q0 40 -28 68t-68 28h-224q-80 0 -136 56t-56 136v384q0 80 56 136t136 56h384q80 0 136 -56t56 -136zM1664 1216
+v-704q0 -104 -40.5 -198.5t-109.5 -163.5t-163.5 -109.5t-198.5 -40.5h-64q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h64q106 0 181 75t75 181v32q0 40 -28 68t-68 28h-224q-80 0 -136 56t-56 136v384q0 80 56 136t136 56h384q80 0 136 -56t56 -136z" />
+    <glyph glyph-name="spinner" unicode="&#xf110;" horiz-adv-x="1792" 
+d="M526 142q0 -53 -37.5 -90.5t-90.5 -37.5q-52 0 -90 38t-38 90q0 53 37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1024 -64q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM320 640q0 -53 -37.5 -90.5t-90.5 -37.5
+t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1522 142q0 -52 -38 -90t-90 -38q-53 0 -90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM558 1138q0 -66 -47 -113t-113 -47t-113 47t-47 113t47 113t113 47t113 -47t47 -113z
+M1728 640q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1088 1344q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM1618 1138q0 -93 -66 -158.5t-158 -65.5q-93 0 -158.5 65.5t-65.5 158.5
+q0 92 65.5 158t158.5 66q92 0 158 -66t66 -158z" />
+    <glyph glyph-name="circle" unicode="&#xf111;" 
+d="M1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="reply" unicode="&#xf112;" horiz-adv-x="1792" 
+d="M1792 416q0 -166 -127 -451q-3 -7 -10.5 -24t-13.5 -30t-13 -22q-12 -17 -28 -17q-15 0 -23.5 10t-8.5 25q0 9 2.5 26.5t2.5 23.5q5 68 5 123q0 101 -17.5 181t-48.5 138.5t-80 101t-105.5 69.5t-133 42.5t-154 21.5t-175.5 6h-224v-256q0 -26 -19 -45t-45 -19t-45 19
+l-512 512q-19 19 -19 45t19 45l512 512q19 19 45 19t45 -19t19 -45v-256h224q713 0 875 -403q53 -134 53 -333z" />
+    <glyph glyph-name="github_alt" unicode="&#xf113;" horiz-adv-x="1664" 
+d="M640 320q0 -40 -12.5 -82t-43 -76t-72.5 -34t-72.5 34t-43 76t-12.5 82t12.5 82t43 76t72.5 34t72.5 -34t43 -76t12.5 -82zM1280 320q0 -40 -12.5 -82t-43 -76t-72.5 -34t-72.5 34t-43 76t-12.5 82t12.5 82t43 76t72.5 34t72.5 -34t43 -76t12.5 -82zM1440 320
+q0 120 -69 204t-187 84q-41 0 -195 -21q-71 -11 -157 -11t-157 11q-152 21 -195 21q-118 0 -187 -84t-69 -204q0 -88 32 -153.5t81 -103t122 -60t140 -29.5t149 -7h168q82 0 149 7t140 29.5t122 60t81 103t32 153.5zM1664 496q0 -207 -61 -331q-38 -77 -105.5 -133t-141 -86
+t-170 -47.5t-171.5 -22t-167 -4.5q-78 0 -142 3t-147.5 12.5t-152.5 30t-137 51.5t-121 81t-86 115q-62 123 -62 331q0 237 136 396q-27 82 -27 170q0 116 51 218q108 0 190 -39.5t189 -123.5q147 35 309 35q148 0 280 -32q105 82 187 121t189 39q51 -102 51 -218
+q0 -87 -27 -168q136 -160 136 -398z" />
+    <glyph glyph-name="folder_close_alt" unicode="&#xf114;" horiz-adv-x="1664" 
+d="M1536 224v704q0 40 -28 68t-68 28h-704q-40 0 -68 28t-28 68v64q0 40 -28 68t-68 28h-320q-40 0 -68 -28t-28 -68v-960q0 -40 28 -68t68 -28h1216q40 0 68 28t28 68zM1664 928v-704q0 -92 -66 -158t-158 -66h-1216q-92 0 -158 66t-66 158v960q0 92 66 158t158 66h320
+q92 0 158 -66t66 -158v-32h672q92 0 158 -66t66 -158z" />
+    <glyph glyph-name="folder_open_alt" unicode="&#xf115;" horiz-adv-x="1920" 
+d="M1781 605q0 35 -53 35h-1088q-40 0 -85.5 -21.5t-71.5 -52.5l-294 -363q-18 -24 -18 -40q0 -35 53 -35h1088q40 0 86 22t71 53l294 363q18 22 18 39zM640 768h768v160q0 40 -28 68t-68 28h-576q-40 0 -68 28t-28 68v64q0 40 -28 68t-68 28h-320q-40 0 -68 -28t-28 -68
+v-853l256 315q44 53 116 87.5t140 34.5zM1909 605q0 -62 -46 -120l-295 -363q-43 -53 -116 -87.5t-140 -34.5h-1088q-92 0 -158 66t-66 158v960q0 92 66 158t158 66h320q92 0 158 -66t66 -158v-32h544q92 0 158 -66t66 -158v-160h192q54 0 99 -24.5t67 -70.5q15 -32 15 -68z
+" />
+    <glyph glyph-name="expand_alt" unicode="&#xf116;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="collapse_alt" unicode="&#xf117;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="smile" unicode="&#xf118;" 
+d="M1134 461q-37 -121 -138 -195t-228 -74t-228 74t-138 195q-8 25 4 48.5t38 31.5q25 8 48.5 -4t31.5 -38q25 -80 92.5 -129.5t151.5 -49.5t151.5 49.5t92.5 129.5q8 26 32 38t49 4t37 -31.5t4 -48.5zM640 896q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5
+t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1152 896q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1408 640q0 130 -51 248.5t-136.5 204t-204 136.5t-248.5 51t-248.5 -51t-204 -136.5t-136.5 -204t-51 -248.5
+t51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5t136.5 204t51 248.5zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="frown" unicode="&#xf119;" 
+d="M1134 307q8 -25 -4 -48.5t-37 -31.5t-49 4t-32 38q-25 80 -92.5 129.5t-151.5 49.5t-151.5 -49.5t-92.5 -129.5q-8 -26 -31.5 -38t-48.5 -4q-26 8 -38 31.5t-4 48.5q37 121 138 195t228 74t228 -74t138 -195zM640 896q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5
+t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1152 896q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1408 640q0 130 -51 248.5t-136.5 204t-204 136.5t-248.5 51t-248.5 -51t-204 -136.5t-136.5 -204
+t-51 -248.5t51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5t136.5 204t51 248.5zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="meh" unicode="&#xf11a;" 
+d="M1152 448q0 -26 -19 -45t-45 -19h-640q-26 0 -45 19t-19 45t19 45t45 19h640q26 0 45 -19t19 -45zM640 896q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1152 896q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5
+t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1408 640q0 130 -51 248.5t-136.5 204t-204 136.5t-248.5 51t-248.5 -51t-204 -136.5t-136.5 -204t-51 -248.5t51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5t136.5 204t51 248.5zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="gamepad" unicode="&#xf11b;" horiz-adv-x="1920" 
+d="M832 448v128q0 14 -9 23t-23 9h-192v192q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-192h-192q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h192v-192q0 -14 9 -23t23 -9h128q14 0 23 9t9 23v192h192q14 0 23 9t9 23zM1408 384q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5
+t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1664 640q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1920 512q0 -212 -150 -362t-362 -150q-192 0 -338 128h-220q-146 -128 -338 -128q-212 0 -362 150
+t-150 362t150 362t362 150h896q212 0 362 -150t150 -362z" />
+    <glyph glyph-name="keyboard" unicode="&#xf11c;" horiz-adv-x="1920" 
+d="M384 368v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM512 624v-96q0 -16 -16 -16h-224q-16 0 -16 16v96q0 16 16 16h224q16 0 16 -16zM384 880v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM1408 368v-96q0 -16 -16 -16
+h-864q-16 0 -16 16v96q0 16 16 16h864q16 0 16 -16zM768 624v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM640 880v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM1024 624v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16
+h96q16 0 16 -16zM896 880v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM1280 624v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM1664 368v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM1152 880v-96
+q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM1408 880v-96q0 -16 -16 -16h-96q-16 0 -16 16v96q0 16 16 16h96q16 0 16 -16zM1664 880v-352q0 -16 -16 -16h-224q-16 0 -16 16v96q0 16 16 16h112v240q0 16 16 16h96q16 0 16 -16zM1792 128v896h-1664v-896
+h1664zM1920 1024v-896q0 -53 -37.5 -90.5t-90.5 -37.5h-1664q-53 0 -90.5 37.5t-37.5 90.5v896q0 53 37.5 90.5t90.5 37.5h1664q53 0 90.5 -37.5t37.5 -90.5z" />
+    <glyph glyph-name="flag_alt" unicode="&#xf11d;" horiz-adv-x="1792" 
+d="M1664 491v616q-169 -91 -306 -91q-82 0 -145 32q-100 49 -184 76.5t-178 27.5q-173 0 -403 -127v-599q245 113 433 113q55 0 103.5 -7.5t98 -26t77 -31t82.5 -39.5l28 -14q44 -22 101 -22q120 0 293 92zM320 1280q0 -35 -17.5 -64t-46.5 -46v-1266q0 -14 -9 -23t-23 -9
+h-64q-14 0 -23 9t-9 23v1266q-29 17 -46.5 46t-17.5 64q0 53 37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1792 1216v-763q0 -39 -35 -57q-10 -5 -17 -9q-218 -116 -369 -116q-88 0 -158 35l-28 14q-64 33 -99 48t-91 29t-114 14q-102 0 -235.5 -44t-228.5 -102
+q-15 -9 -33 -9q-16 0 -32 8q-32 19 -32 56v742q0 35 31 55q35 21 78.5 42.5t114 52t152.5 49.5t155 19q112 0 209 -31t209 -86q38 -19 89 -19q122 0 310 112q22 12 31 17q31 16 62 -2q31 -20 31 -55z" />
+    <glyph glyph-name="flag_checkered" unicode="&#xf11e;" horiz-adv-x="1792" 
+d="M832 536v192q-181 -16 -384 -117v-185q205 96 384 110zM832 954v197q-172 -8 -384 -126v-189q215 111 384 118zM1664 491v184q-235 -116 -384 -71v224q-20 6 -39 15q-5 3 -33 17t-34.5 17t-31.5 15t-34.5 15.5t-32.5 13t-36 12.5t-35 8.5t-39.5 7.5t-39.5 4t-44 2
+q-23 0 -49 -3v-222h19q102 0 192.5 -29t197.5 -82q19 -9 39 -15v-188q42 -17 91 -17q120 0 293 92zM1664 918v189q-169 -91 -306 -91q-45 0 -78 8v-196q148 -42 384 90zM320 1280q0 -35 -17.5 -64t-46.5 -46v-1266q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v1266
+q-29 17 -46.5 46t-17.5 64q0 53 37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1792 1216v-763q0 -39 -35 -57q-10 -5 -17 -9q-218 -116 -369 -116q-88 0 -158 35l-28 14q-64 33 -99 48t-91 29t-114 14q-102 0 -235.5 -44t-228.5 -102q-15 -9 -33 -9q-16 0 -32 8
+q-32 19 -32 56v742q0 35 31 55q35 21 78.5 42.5t114 52t152.5 49.5t155 19q112 0 209 -31t209 -86q38 -19 89 -19q122 0 310 112q22 12 31 17q31 16 62 -2q31 -20 31 -55z" />
+    <glyph glyph-name="terminal" unicode="&#xf120;" horiz-adv-x="1664" 
+d="M585 553l-466 -466q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23l393 393l-393 393q-10 10 -10 23t10 23l50 50q10 10 23 10t23 -10l466 -466q10 -10 10 -23t-10 -23zM1664 96v-64q0 -14 -9 -23t-23 -9h-960q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h960q14 0 23 -9
+t9 -23z" />
+    <glyph glyph-name="code" unicode="&#xf121;" horiz-adv-x="1920" 
+d="M617 137l-50 -50q-10 -10 -23 -10t-23 10l-466 466q-10 10 -10 23t10 23l466 466q10 10 23 10t23 -10l50 -50q10 -10 10 -23t-10 -23l-393 -393l393 -393q10 -10 10 -23t-10 -23zM1208 1204l-373 -1291q-4 -13 -15.5 -19.5t-23.5 -2.5l-62 17q-13 4 -19.5 15.5t-2.5 24.5
+l373 1291q4 13 15.5 19.5t23.5 2.5l62 -17q13 -4 19.5 -15.5t2.5 -24.5zM1865 553l-466 -466q-10 -10 -23 -10t-23 10l-50 50q-10 10 -10 23t10 23l393 393l-393 393q-10 10 -10 23t10 23l50 50q10 10 23 10t23 -10l466 -466q10 -10 10 -23t-10 -23z" />
+    <glyph glyph-name="reply_all" unicode="&#xf122;" horiz-adv-x="1792" 
+d="M640 454v-70q0 -42 -39 -59q-13 -5 -25 -5q-27 0 -45 19l-512 512q-19 19 -19 45t19 45l512 512q29 31 70 14q39 -17 39 -59v-69l-397 -398q-19 -19 -19 -45t19 -45zM1792 416q0 -58 -17 -133.5t-38.5 -138t-48 -125t-40.5 -90.5l-20 -40q-8 -17 -28 -17q-6 0 -9 1
+q-25 8 -23 34q43 400 -106 565q-64 71 -170.5 110.5t-267.5 52.5v-251q0 -42 -39 -59q-13 -5 -25 -5q-27 0 -45 19l-512 512q-19 19 -19 45t19 45l512 512q29 31 70 14q39 -17 39 -59v-262q411 -28 599 -221q169 -173 169 -509z" />
+    <glyph glyph-name="star_half_empty" unicode="&#xf123;" horiz-adv-x="1664" 
+d="M1186 579l257 250l-356 52l-66 10l-30 60l-159 322v-963l59 -31l318 -168l-60 355l-12 66zM1638 841l-363 -354l86 -500q5 -33 -6 -51.5t-34 -18.5q-17 0 -40 12l-449 236l-449 -236q-23 -12 -40 -12q-23 0 -34 18.5t-6 51.5l86 500l-364 354q-32 32 -23 59.5t54 34.5
+l502 73l225 455q20 41 49 41q28 0 49 -41l225 -455l502 -73q45 -7 54 -34.5t-24 -59.5z" />
+    <glyph glyph-name="location_arrow" unicode="&#xf124;" horiz-adv-x="1408" 
+d="M1401 1187l-640 -1280q-17 -35 -57 -35q-5 0 -15 2q-22 5 -35.5 22.5t-13.5 39.5v576h-576q-22 0 -39.5 13.5t-22.5 35.5t4 42t29 30l1280 640q13 7 29 7q27 0 45 -19q15 -14 18.5 -34.5t-6.5 -39.5z" />
+    <glyph glyph-name="crop" unicode="&#xf125;" horiz-adv-x="1664" 
+d="M557 256h595v595zM512 301l595 595h-595v-595zM1664 224v-192q0 -14 -9 -23t-23 -9h-224v-224q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v224h-864q-14 0 -23 9t-9 23v864h-224q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h224v224q0 14 9 23t23 9h192q14 0 23 -9t9 -23
+v-224h851l246 247q10 9 23 9t23 -9q9 -10 9 -23t-9 -23l-247 -246v-851h224q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="code_fork" unicode="&#xf126;" horiz-adv-x="1024" 
+d="M288 64q0 40 -28 68t-68 28t-68 -28t-28 -68t28 -68t68 -28t68 28t28 68zM288 1216q0 40 -28 68t-68 28t-68 -28t-28 -68t28 -68t68 -28t68 28t28 68zM928 1088q0 40 -28 68t-68 28t-68 -28t-28 -68t28 -68t68 -28t68 28t28 68zM1024 1088q0 -52 -26 -96.5t-70 -69.5
+q-2 -287 -226 -414q-67 -38 -203 -81q-128 -40 -169.5 -71t-41.5 -100v-26q44 -25 70 -69.5t26 -96.5q0 -80 -56 -136t-136 -56t-136 56t-56 136q0 52 26 96.5t70 69.5v820q-44 25 -70 69.5t-26 96.5q0 80 56 136t136 56t136 -56t56 -136q0 -52 -26 -96.5t-70 -69.5v-497
+q54 26 154 57q55 17 87.5 29.5t70.5 31t59 39.5t40.5 51t28 69.5t8.5 91.5q-44 25 -70 69.5t-26 96.5q0 80 56 136t136 56t136 -56t56 -136z" />
+    <glyph glyph-name="unlink" unicode="&#xf127;" horiz-adv-x="1664" 
+d="M439 265l-256 -256q-11 -9 -23 -9t-23 9q-9 10 -9 23t9 23l256 256q10 9 23 9t23 -9q9 -10 9 -23t-9 -23zM608 224v-320q0 -14 -9 -23t-23 -9t-23 9t-9 23v320q0 14 9 23t23 9t23 -9t9 -23zM384 448q0 -14 -9 -23t-23 -9h-320q-14 0 -23 9t-9 23t9 23t23 9h320
+q14 0 23 -9t9 -23zM1648 320q0 -120 -85 -203l-147 -146q-83 -83 -203 -83q-121 0 -204 85l-334 335q-21 21 -42 56l239 18l273 -274q27 -27 68 -27.5t68 26.5l147 146q28 28 28 67q0 40 -28 68l-274 275l18 239q35 -21 56 -42l336 -336q84 -86 84 -204zM1031 1044l-239 -18
+l-273 274q-28 28 -68 28q-39 0 -68 -27l-147 -146q-28 -28 -28 -67q0 -40 28 -68l274 -274l-18 -240q-35 21 -56 42l-336 336q-84 86 -84 204q0 120 85 203l147 146q83 83 203 83q121 0 204 -85l334 -335q21 -21 42 -56zM1664 960q0 -14 -9 -23t-23 -9h-320q-14 0 -23 9
+t-9 23t9 23t23 9h320q14 0 23 -9t9 -23zM1120 1504v-320q0 -14 -9 -23t-23 -9t-23 9t-9 23v320q0 14 9 23t23 9t23 -9t9 -23zM1527 1353l-256 -256q-11 -9 -23 -9t-23 9q-9 10 -9 23t9 23l256 256q10 9 23 9t23 -9q9 -10 9 -23t-9 -23z" />
+    <glyph glyph-name="question" unicode="&#xf128;" horiz-adv-x="1024" 
+d="M704 280v-240q0 -16 -12 -28t-28 -12h-240q-16 0 -28 12t-12 28v240q0 16 12 28t28 12h240q16 0 28 -12t12 -28zM1020 880q0 -54 -15.5 -101t-35 -76.5t-55 -59.5t-57.5 -43.5t-61 -35.5q-41 -23 -68.5 -65t-27.5 -67q0 -17 -12 -32.5t-28 -15.5h-240q-15 0 -25.5 18.5
+t-10.5 37.5v45q0 83 65 156.5t143 108.5q59 27 84 56t25 76q0 42 -46.5 74t-107.5 32q-65 0 -108 -29q-35 -25 -107 -115q-13 -16 -31 -16q-12 0 -25 8l-164 125q-13 10 -15.5 25t5.5 28q160 266 464 266q80 0 161 -31t146 -83t106 -127.5t41 -158.5z" />
+    <glyph glyph-name="_279" unicode="&#xf129;" horiz-adv-x="640" 
+d="M640 192v-128q0 -26 -19 -45t-45 -19h-512q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h64v384h-64q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h384q26 0 45 -19t19 -45v-576h64q26 0 45 -19t19 -45zM512 1344v-192q0 -26 -19 -45t-45 -19h-256q-26 0 -45 19t-19 45v192
+q0 26 19 45t45 19h256q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="exclamation" unicode="&#xf12a;" horiz-adv-x="640" 
+d="M512 288v-224q0 -26 -19 -45t-45 -19h-256q-26 0 -45 19t-19 45v224q0 26 19 45t45 19h256q26 0 45 -19t19 -45zM542 1344l-28 -768q-1 -26 -20.5 -45t-45.5 -19h-256q-26 0 -45.5 19t-20.5 45l-28 768q-1 26 17.5 45t44.5 19h320q26 0 44.5 -19t17.5 -45z" />
+    <glyph glyph-name="superscript" unicode="&#xf12b;" 
+d="M897 167v-167h-248l-159 252l-24 42q-8 9 -11 21h-3q-1 -3 -2.5 -6.5t-3.5 -8t-3 -6.5q-10 -20 -25 -44l-155 -250h-258v167h128l197 291l-185 272h-137v168h276l139 -228q2 -4 23 -42q8 -9 11 -21h3q3 9 11 21l25 42l140 228h257v-168h-125l-184 -267l204 -296h109z
+M1534 846v-206h-514l-3 27q-4 28 -4 46q0 64 26 117t65 86.5t84 65t84 54.5t65 54t26 64q0 38 -29.5 62.5t-70.5 24.5q-51 0 -97 -39q-14 -11 -36 -38l-105 92q26 37 63 66q83 65 188 65q110 0 178 -59.5t68 -158.5q0 -56 -24.5 -103t-62 -76.5t-81.5 -58.5t-82 -50.5
+t-65.5 -51.5t-30.5 -63h232v80h126z" />
+    <glyph glyph-name="subscript" unicode="&#xf12c;" 
+d="M897 167v-167h-248l-159 252l-24 42q-8 9 -11 21h-3q-1 -3 -2.5 -6.5t-3.5 -8t-3 -6.5q-10 -20 -25 -44l-155 -250h-258v167h128l197 291l-185 272h-137v168h276l139 -228q2 -4 23 -42q8 -9 11 -21h3q3 9 11 21l25 42l140 228h257v-168h-125l-184 -267l204 -296h109z
+M1536 -50v-206h-514l-4 27q-3 45 -3 46q0 64 26 117t65 86.5t84 65t84 54.5t65 54t26 64q0 38 -29.5 62.5t-70.5 24.5q-51 0 -97 -39q-14 -11 -36 -38l-105 92q26 37 63 66q80 65 188 65q110 0 178 -59.5t68 -158.5q0 -66 -34.5 -118.5t-84 -86t-99.5 -62.5t-87 -63t-41 -73
+h232v80h126z" />
+    <glyph glyph-name="_283" unicode="&#xf12d;" horiz-adv-x="1920" 
+d="M896 128l336 384h-768l-336 -384h768zM1909 1205q15 -34 9.5 -71.5t-30.5 -65.5l-896 -1024q-38 -44 -96 -44h-768q-38 0 -69.5 20.5t-47.5 54.5q-15 34 -9.5 71.5t30.5 65.5l896 1024q38 44 96 44h768q38 0 69.5 -20.5t47.5 -54.5z" />
+    <glyph glyph-name="puzzle_piece" unicode="&#xf12e;" horiz-adv-x="1664" 
+d="M1664 438q0 -81 -44.5 -135t-123.5 -54q-41 0 -77.5 17.5t-59 38t-56.5 38t-71 17.5q-110 0 -110 -124q0 -39 16 -115t15 -115v-5q-22 0 -33 -1q-34 -3 -97.5 -11.5t-115.5 -13.5t-98 -5q-61 0 -103 26.5t-42 83.5q0 37 17.5 71t38 56.5t38 59t17.5 77.5q0 79 -54 123.5
+t-135 44.5q-84 0 -143 -45.5t-59 -127.5q0 -43 15 -83t33.5 -64.5t33.5 -53t15 -50.5q0 -45 -46 -89q-37 -35 -117 -35q-95 0 -245 24q-9 2 -27.5 4t-27.5 4l-13 2q-1 0 -3 1q-2 0 -2 1v1024q2 -1 17.5 -3.5t34 -5t21.5 -3.5q150 -24 245 -24q80 0 117 35q46 44 46 89
+q0 22 -15 50.5t-33.5 53t-33.5 64.5t-15 83q0 82 59 127.5t144 45.5q80 0 134 -44.5t54 -123.5q0 -41 -17.5 -77.5t-38 -59t-38 -56.5t-17.5 -71q0 -57 42 -83.5t103 -26.5q64 0 180 15t163 17v-2q-1 -2 -3.5 -17.5t-5 -34t-3.5 -21.5q-24 -150 -24 -245q0 -80 35 -117
+q44 -46 89 -46q22 0 50.5 15t53 33.5t64.5 33.5t83 15q82 0 127.5 -59t45.5 -143z" />
+    <glyph glyph-name="microphone" unicode="&#xf130;" horiz-adv-x="1152" 
+d="M1152 832v-128q0 -221 -147.5 -384.5t-364.5 -187.5v-132h256q26 0 45 -19t19 -45t-19 -45t-45 -19h-640q-26 0 -45 19t-19 45t19 45t45 19h256v132q-217 24 -364.5 187.5t-147.5 384.5v128q0 26 19 45t45 19t45 -19t19 -45v-128q0 -185 131.5 -316.5t316.5 -131.5
+t316.5 131.5t131.5 316.5v128q0 26 19 45t45 19t45 -19t19 -45zM896 1216v-512q0 -132 -94 -226t-226 -94t-226 94t-94 226v512q0 132 94 226t226 94t226 -94t94 -226z" />
+    <glyph glyph-name="microphone_off" unicode="&#xf131;" horiz-adv-x="1408" 
+d="M271 591l-101 -101q-42 103 -42 214v128q0 26 19 45t45 19t45 -19t19 -45v-128q0 -53 15 -113zM1385 1193l-361 -361v-128q0 -132 -94 -226t-226 -94q-55 0 -109 19l-96 -96q97 -51 205 -51q185 0 316.5 131.5t131.5 316.5v128q0 26 19 45t45 19t45 -19t19 -45v-128
+q0 -221 -147.5 -384.5t-364.5 -187.5v-132h256q26 0 45 -19t19 -45t-19 -45t-45 -19h-640q-26 0 -45 19t-19 45t19 45t45 19h256v132q-125 13 -235 81l-254 -254q-10 -10 -23 -10t-23 10l-82 82q-10 10 -10 23t10 23l1234 1234q10 10 23 10t23 -10l82 -82q10 -10 10 -23
+t-10 -23zM1005 1325l-621 -621v512q0 132 94 226t226 94q102 0 184.5 -59t116.5 -152z" />
+    <glyph glyph-name="shield" unicode="&#xf132;" horiz-adv-x="1280" 
+d="M1088 576v640h-448v-1137q119 63 213 137q235 184 235 360zM1280 1344v-768q0 -86 -33.5 -170.5t-83 -150t-118 -127.5t-126.5 -103t-121 -77.5t-89.5 -49.5t-42.5 -20q-12 -6 -26 -6t-26 6q-16 7 -42.5 20t-89.5 49.5t-121 77.5t-126.5 103t-118 127.5t-83 150
+t-33.5 170.5v768q0 26 19 45t45 19h1152q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="calendar_empty" unicode="&#xf133;" horiz-adv-x="1664" 
+d="M128 -128h1408v1024h-1408v-1024zM512 1088v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1280 1088v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1664 1152v-1280
+q0 -52 -38 -90t-90 -38h-1408q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h128v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h384v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h128q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="fire_extinguisher" unicode="&#xf134;" horiz-adv-x="1408" 
+d="M512 1344q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1408 1376v-320q0 -16 -12 -25q-8 -7 -20 -7q-4 0 -7 1l-448 96q-11 2 -18 11t-7 20h-256v-102q111 -23 183.5 -111t72.5 -203v-800q0 -26 -19 -45t-45 -19h-512q-26 0 -45 19t-19 45v800
+q0 106 62.5 190.5t161.5 114.5v111h-32q-59 0 -115 -23.5t-91.5 -53t-66 -66.5t-40.5 -53.5t-14 -24.5q-17 -35 -57 -35q-16 0 -29 7q-23 12 -31.5 37t3.5 49q5 10 14.5 26t37.5 53.5t60.5 70t85 67t108.5 52.5q-25 42 -25 86q0 66 47 113t113 47t113 -47t47 -113
+q0 -33 -14 -64h302q0 11 7 20t18 11l448 96q3 1 7 1q12 0 20 -7q12 -9 12 -25z" />
+    <glyph glyph-name="rocket" unicode="&#xf135;" horiz-adv-x="1664" 
+d="M1440 1088q0 40 -28 68t-68 28t-68 -28t-28 -68t28 -68t68 -28t68 28t28 68zM1664 1376q0 -249 -75.5 -430.5t-253.5 -360.5q-81 -80 -195 -176l-20 -379q-2 -16 -16 -26l-384 -224q-7 -4 -16 -4q-12 0 -23 9l-64 64q-13 14 -8 32l85 276l-281 281l-276 -85q-3 -1 -9 -1
+q-14 0 -23 9l-64 64q-17 19 -5 39l224 384q10 14 26 16l379 20q96 114 176 195q188 187 358 258t431 71q14 0 24 -9.5t10 -22.5z" />
+    <glyph glyph-name="maxcdn" unicode="&#xf136;" horiz-adv-x="1792" 
+d="M1745 763l-164 -763h-334l178 832q13 56 -15 88q-27 33 -83 33h-169l-204 -953h-334l204 953h-286l-204 -953h-334l204 953l-153 327h1276q101 0 189.5 -40.5t147.5 -113.5q60 -73 81 -168.5t0 -194.5z" />
+    <glyph glyph-name="chevron_sign_left" unicode="&#xf137;" 
+d="M909 141l102 102q19 19 19 45t-19 45l-307 307l307 307q19 19 19 45t-19 45l-102 102q-19 19 -45 19t-45 -19l-454 -454q-19 -19 -19 -45t19 -45l454 -454q19 -19 45 -19t45 19zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5
+t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="chevron_sign_right" unicode="&#xf138;" 
+d="M717 141l454 454q19 19 19 45t-19 45l-454 454q-19 19 -45 19t-45 -19l-102 -102q-19 -19 -19 -45t19 -45l307 -307l-307 -307q-19 -19 -19 -45t19 -45l102 -102q19 -19 45 -19t45 19zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5
+t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="chevron_sign_up" unicode="&#xf139;" 
+d="M1165 397l102 102q19 19 19 45t-19 45l-454 454q-19 19 -45 19t-45 -19l-454 -454q-19 -19 -19 -45t19 -45l102 -102q19 -19 45 -19t45 19l307 307l307 -307q19 -19 45 -19t45 19zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5
+t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="chevron_sign_down" unicode="&#xf13a;" 
+d="M813 237l454 454q19 19 19 45t-19 45l-102 102q-19 19 -45 19t-45 -19l-307 -307l-307 307q-19 19 -45 19t-45 -19l-102 -102q-19 -19 -19 -45t19 -45l454 -454q19 -19 45 -19t45 19zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5
+t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="html5" unicode="&#xf13b;" horiz-adv-x="1408" 
+d="M1130 939l16 175h-884l47 -534h612l-22 -228l-197 -53l-196 53l-13 140h-175l22 -278l362 -100h4v1l359 99l50 544h-644l-15 181h674zM0 1408h1408l-128 -1438l-578 -162l-574 162z" />
+    <glyph glyph-name="css3" unicode="&#xf13c;" horiz-adv-x="1792" 
+d="M275 1408h1505l-266 -1333l-804 -267l-698 267l71 356h297l-29 -147l422 -161l486 161l68 339h-1208l58 297h1209l38 191h-1208z" />
+    <glyph glyph-name="anchor" unicode="&#xf13d;" horiz-adv-x="1792" 
+d="M960 1280q0 26 -19 45t-45 19t-45 -19t-19 -45t19 -45t45 -19t45 19t19 45zM1792 352v-352q0 -22 -20 -30q-8 -2 -12 -2q-12 0 -23 9l-93 93q-119 -143 -318.5 -226.5t-429.5 -83.5t-429.5 83.5t-318.5 226.5l-93 -93q-9 -9 -23 -9q-4 0 -12 2q-20 8 -20 30v352
+q0 14 9 23t23 9h352q22 0 30 -20q8 -19 -7 -35l-100 -100q67 -91 189.5 -153.5t271.5 -82.5v647h-192q-26 0 -45 19t-19 45v128q0 26 19 45t45 19h192v163q-58 34 -93 92.5t-35 128.5q0 106 75 181t181 75t181 -75t75 -181q0 -70 -35 -128.5t-93 -92.5v-163h192q26 0 45 -19
+t19 -45v-128q0 -26 -19 -45t-45 -19h-192v-647q149 20 271.5 82.5t189.5 153.5l-100 100q-15 16 -7 35q8 20 30 20h352q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="unlock_alt" unicode="&#xf13e;" horiz-adv-x="1152" 
+d="M1056 768q40 0 68 -28t28 -68v-576q0 -40 -28 -68t-68 -28h-960q-40 0 -68 28t-28 68v576q0 40 28 68t68 28h32v320q0 185 131.5 316.5t316.5 131.5t316.5 -131.5t131.5 -316.5q0 -26 -19 -45t-45 -19h-64q-26 0 -45 19t-19 45q0 106 -75 181t-181 75t-181 -75t-75 -181
+v-320h736z" />
+    <glyph glyph-name="bullseye" unicode="&#xf140;" 
+d="M1024 640q0 -106 -75 -181t-181 -75t-181 75t-75 181t75 181t181 75t181 -75t75 -181zM1152 640q0 159 -112.5 271.5t-271.5 112.5t-271.5 -112.5t-112.5 -271.5t112.5 -271.5t271.5 -112.5t271.5 112.5t112.5 271.5zM1280 640q0 -212 -150 -362t-362 -150t-362 150
+t-150 362t150 362t362 150t362 -150t150 -362zM1408 640q0 130 -51 248.5t-136.5 204t-204 136.5t-248.5 51t-248.5 -51t-204 -136.5t-136.5 -204t-51 -248.5t51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5t136.5 204t51 248.5zM1536 640
+q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="ellipsis_horizontal" unicode="&#xf141;" horiz-adv-x="1408" 
+d="M384 800v-192q0 -40 -28 -68t-68 -28h-192q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h192q40 0 68 -28t28 -68zM896 800v-192q0 -40 -28 -68t-68 -28h-192q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h192q40 0 68 -28t28 -68zM1408 800v-192q0 -40 -28 -68t-68 -28h-192
+q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h192q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="ellipsis_vertical" unicode="&#xf142;" horiz-adv-x="384" 
+d="M384 288v-192q0 -40 -28 -68t-68 -28h-192q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h192q40 0 68 -28t28 -68zM384 800v-192q0 -40 -28 -68t-68 -28h-192q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h192q40 0 68 -28t28 -68zM384 1312v-192q0 -40 -28 -68t-68 -28h-192
+q-40 0 -68 28t-28 68v192q0 40 28 68t68 28h192q40 0 68 -28t28 -68z" />
+    <glyph glyph-name="_303" unicode="&#xf143;" 
+d="M512 256q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM863 162q-13 233 -176.5 396.5t-396.5 176.5q-14 1 -24 -9t-10 -23v-128q0 -13 8.5 -22t21.5 -10q154 -11 264 -121t121 -264q1 -13 10 -21.5t22 -8.5h128
+q13 0 23 10t9 24zM1247 161q-5 154 -56 297.5t-139.5 260t-205 205t-260 139.5t-297.5 56q-14 1 -23 -9q-10 -10 -10 -23v-128q0 -13 9 -22t22 -10q204 -7 378 -111.5t278.5 -278.5t111.5 -378q1 -13 10 -22t22 -9h128q13 0 23 10q11 9 9 23zM1536 1120v-960
+q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="play_sign" unicode="&#xf144;" 
+d="M768 1408q209 0 385.5 -103t279.5 -279.5t103 -385.5t-103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103zM1152 585q32 18 32 55t-32 55l-544 320q-31 19 -64 1q-32 -19 -32 -56v-640q0 -37 32 -56
+q16 -8 32 -8q17 0 32 9z" />
+    <glyph glyph-name="ticket" unicode="&#xf145;" horiz-adv-x="1792" 
+d="M1024 1084l316 -316l-572 -572l-316 316zM813 105l618 618q19 19 19 45t-19 45l-362 362q-18 18 -45 18t-45 -18l-618 -618q-19 -19 -19 -45t19 -45l362 -362q18 -18 45 -18t45 18zM1702 742l-907 -908q-37 -37 -90.5 -37t-90.5 37l-126 126q56 56 56 136t-56 136
+t-136 56t-136 -56l-125 126q-37 37 -37 90.5t37 90.5l907 906q37 37 90.5 37t90.5 -37l125 -125q-56 -56 -56 -136t56 -136t136 -56t136 56l126 -125q37 -37 37 -90.5t-37 -90.5z" />
+    <glyph glyph-name="minus_sign_alt" unicode="&#xf146;" 
+d="M1280 576v128q0 26 -19 45t-45 19h-896q-26 0 -45 -19t-19 -45v-128q0 -26 19 -45t45 -19h896q26 0 45 19t19 45zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5
+t84.5 -203.5z" />
+    <glyph glyph-name="check_minus" unicode="&#xf147;" horiz-adv-x="1408" 
+d="M1152 736v-64q0 -14 -9 -23t-23 -9h-832q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h832q14 0 23 -9t9 -23zM1280 288v832q0 66 -47 113t-113 47h-832q-66 0 -113 -47t-47 -113v-832q0 -66 47 -113t113 -47h832q66 0 113 47t47 113zM1408 1120v-832q0 -119 -84.5 -203.5
+t-203.5 -84.5h-832q-119 0 -203.5 84.5t-84.5 203.5v832q0 119 84.5 203.5t203.5 84.5h832q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="level_up" unicode="&#xf148;" horiz-adv-x="1024" 
+d="M1018 933q-18 -37 -58 -37h-192v-864q0 -14 -9 -23t-23 -9h-704q-21 0 -29 18q-8 20 4 35l160 192q9 11 25 11h320v640h-192q-40 0 -58 37q-17 37 9 68l320 384q18 22 49 22t49 -22l320 -384q27 -32 9 -68z" />
+    <glyph glyph-name="level_down" unicode="&#xf149;" horiz-adv-x="1024" 
+d="M32 1280h704q13 0 22.5 -9.5t9.5 -23.5v-863h192q40 0 58 -37t-9 -69l-320 -384q-18 -22 -49 -22t-49 22l-320 384q-26 31 -9 69q18 37 58 37h192v640h-320q-14 0 -25 11l-160 192q-13 14 -4 34q9 19 29 19z" />
+    <glyph glyph-name="check_sign" unicode="&#xf14a;" 
+d="M685 237l614 614q19 19 19 45t-19 45l-102 102q-19 19 -45 19t-45 -19l-467 -467l-211 211q-19 19 -45 19t-45 -19l-102 -102q-19 -19 -19 -45t19 -45l358 -358q19 -19 45 -19t45 19zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5
+t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="edit_sign" unicode="&#xf14b;" 
+d="M404 428l152 -152l-52 -52h-56v96h-96v56zM818 818q14 -13 -3 -30l-291 -291q-17 -17 -30 -3q-14 13 3 30l291 291q17 17 30 3zM544 128l544 544l-288 288l-544 -544v-288h288zM1152 736l92 92q28 28 28 68t-28 68l-152 152q-28 28 -68 28t-68 -28l-92 -92zM1536 1120
+v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_312" unicode="&#xf14c;" 
+d="M1280 608v480q0 26 -19 45t-45 19h-480q-42 0 -59 -39q-17 -41 14 -70l144 -144l-534 -534q-19 -19 -19 -45t19 -45l102 -102q19 -19 45 -19t45 19l534 534l144 -144q18 -19 45 -19q12 0 25 5q39 17 39 59zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960
+q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="share_sign" unicode="&#xf14d;" 
+d="M1005 435l352 352q19 19 19 45t-19 45l-352 352q-30 31 -69 14q-40 -17 -40 -59v-160q-119 0 -216 -19.5t-162.5 -51t-114 -79t-76.5 -95.5t-44.5 -109t-21.5 -111.5t-5 -110.5q0 -181 167 -404q11 -12 25 -12q7 0 13 3q22 9 19 33q-44 354 62 473q46 52 130 75.5
+t224 23.5v-160q0 -42 40 -59q12 -5 24 -5q26 0 45 19zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="compass" unicode="&#xf14e;" 
+d="M640 448l256 128l-256 128v-256zM1024 1039v-542l-512 -256v542zM1312 640q0 148 -73 273t-198 198t-273 73t-273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103
+t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="collapse" unicode="&#xf150;" 
+d="M1145 861q18 -35 -5 -66l-320 -448q-19 -27 -52 -27t-52 27l-320 448q-23 31 -5 66q17 35 57 35h640q40 0 57 -35zM1280 160v960q0 13 -9.5 22.5t-22.5 9.5h-960q-13 0 -22.5 -9.5t-9.5 -22.5v-960q0 -13 9.5 -22.5t22.5 -9.5h960q13 0 22.5 9.5t9.5 22.5zM1536 1120
+v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="collapse_top" unicode="&#xf151;" 
+d="M1145 419q-17 -35 -57 -35h-640q-40 0 -57 35q-18 35 5 66l320 448q19 27 52 27t52 -27l320 -448q23 -31 5 -66zM1280 160v960q0 13 -9.5 22.5t-22.5 9.5h-960q-13 0 -22.5 -9.5t-9.5 -22.5v-960q0 -13 9.5 -22.5t22.5 -9.5h960q13 0 22.5 9.5t9.5 22.5zM1536 1120v-960
+q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_317" unicode="&#xf152;" 
+d="M1088 640q0 -33 -27 -52l-448 -320q-31 -23 -66 -5q-35 17 -35 57v640q0 40 35 57q35 18 66 -5l448 -320q27 -19 27 -52zM1280 160v960q0 14 -9 23t-23 9h-960q-14 0 -23 -9t-9 -23v-960q0 -14 9 -23t23 -9h960q14 0 23 9t9 23zM1536 1120v-960q0 -119 -84.5 -203.5
+t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="eur" unicode="&#xf153;" horiz-adv-x="1024" 
+d="M976 229l35 -159q3 -12 -3 -22.5t-17 -14.5l-5 -1q-4 -2 -10.5 -3.5t-16 -4.5t-21.5 -5.5t-25.5 -5t-30 -5t-33.5 -4.5t-36.5 -3t-38.5 -1q-234 0 -409 130.5t-238 351.5h-95q-13 0 -22.5 9.5t-9.5 22.5v113q0 13 9.5 22.5t22.5 9.5h66q-2 57 1 105h-67q-14 0 -23 9
+t-9 23v114q0 14 9 23t23 9h98q67 210 243.5 338t400.5 128q102 0 194 -23q11 -3 20 -15q6 -11 3 -24l-43 -159q-3 -13 -14 -19.5t-24 -2.5l-4 1q-4 1 -11.5 2.5l-17.5 3.5t-22.5 3.5t-26 3t-29 2.5t-29.5 1q-126 0 -226 -64t-150 -176h468q16 0 25 -12q10 -12 7 -26
+l-24 -114q-5 -26 -32 -26h-488q-3 -37 0 -105h459q15 0 25 -12q9 -12 6 -27l-24 -112q-2 -11 -11 -18.5t-20 -7.5h-387q48 -117 149.5 -185.5t228.5 -68.5q18 0 36 1.5t33.5 3.5t29.5 4.5t24.5 5t18.5 4.5l12 3l5 2q13 5 26 -2q12 -7 15 -21z" />
+    <glyph glyph-name="gbp" unicode="&#xf154;" horiz-adv-x="1024" 
+d="M1020 399v-367q0 -14 -9 -23t-23 -9h-956q-14 0 -23 9t-9 23v150q0 13 9.5 22.5t22.5 9.5h97v383h-95q-14 0 -23 9.5t-9 22.5v131q0 14 9 23t23 9h95v223q0 171 123.5 282t314.5 111q185 0 335 -125q9 -8 10 -20.5t-7 -22.5l-103 -127q-9 -11 -22 -12q-13 -2 -23 7
+q-5 5 -26 19t-69 32t-93 18q-85 0 -137 -47t-52 -123v-215h305q13 0 22.5 -9t9.5 -23v-131q0 -13 -9.5 -22.5t-22.5 -9.5h-305v-379h414v181q0 13 9 22.5t23 9.5h162q14 0 23 -9.5t9 -22.5z" />
+    <glyph glyph-name="usd" unicode="&#xf155;" horiz-adv-x="1024" 
+d="M978 351q0 -153 -99.5 -263.5t-258.5 -136.5v-175q0 -14 -9 -23t-23 -9h-135q-13 0 -22.5 9.5t-9.5 22.5v175q-66 9 -127.5 31t-101.5 44.5t-74 48t-46.5 37.5t-17.5 18q-17 21 -2 41l103 135q7 10 23 12q15 2 24 -9l2 -2q113 -99 243 -125q37 -8 74 -8q81 0 142.5 43
+t61.5 122q0 28 -15 53t-33.5 42t-58.5 37.5t-66 32t-80 32.5q-39 16 -61.5 25t-61.5 26.5t-62.5 31t-56.5 35.5t-53.5 42.5t-43.5 49t-35.5 58t-21 66.5t-8.5 78q0 138 98 242t255 134v180q0 13 9.5 22.5t22.5 9.5h135q14 0 23 -9t9 -23v-176q57 -6 110.5 -23t87 -33.5
+t63.5 -37.5t39 -29t15 -14q17 -18 5 -38l-81 -146q-8 -15 -23 -16q-14 -3 -27 7q-3 3 -14.5 12t-39 26.5t-58.5 32t-74.5 26t-85.5 11.5q-95 0 -155 -43t-60 -111q0 -26 8.5 -48t29.5 -41.5t39.5 -33t56 -31t60.5 -27t70 -27.5q53 -20 81 -31.5t76 -35t75.5 -42.5t62 -50
+t53 -63.5t31.5 -76.5t13 -94z" />
+    <glyph glyph-name="inr" unicode="&#xf156;" horiz-adv-x="898" 
+d="M898 1066v-102q0 -14 -9 -23t-23 -9h-168q-23 -144 -129 -234t-276 -110q167 -178 459 -536q14 -16 4 -34q-8 -18 -29 -18h-195q-16 0 -25 12q-306 367 -498 571q-9 9 -9 22v127q0 13 9.5 22.5t22.5 9.5h112q132 0 212.5 43t102.5 125h-427q-14 0 -23 9t-9 23v102
+q0 14 9 23t23 9h413q-57 113 -268 113h-145q-13 0 -22.5 9.5t-9.5 22.5v133q0 14 9 23t23 9h832q14 0 23 -9t9 -23v-102q0 -14 -9 -23t-23 -9h-233q47 -61 64 -144h171q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="jpy" unicode="&#xf157;" horiz-adv-x="1027" 
+d="M603 0h-172q-13 0 -22.5 9t-9.5 23v330h-288q-13 0 -22.5 9t-9.5 23v103q0 13 9.5 22.5t22.5 9.5h288v85h-288q-13 0 -22.5 9t-9.5 23v104q0 13 9.5 22.5t22.5 9.5h214l-321 578q-8 16 0 32q10 16 28 16h194q19 0 29 -18l215 -425q19 -38 56 -125q10 24 30.5 68t27.5 61
+l191 420q8 19 29 19h191q17 0 27 -16q9 -14 1 -31l-313 -579h215q13 0 22.5 -9.5t9.5 -22.5v-104q0 -14 -9.5 -23t-22.5 -9h-290v-85h290q13 0 22.5 -9.5t9.5 -22.5v-103q0 -14 -9.5 -23t-22.5 -9h-290v-330q0 -13 -9.5 -22.5t-22.5 -9.5z" />
+    <glyph glyph-name="rub" unicode="&#xf158;" horiz-adv-x="1280" 
+d="M1043 971q0 100 -65 162t-171 62h-320v-448h320q106 0 171 62t65 162zM1280 971q0 -193 -126.5 -315t-326.5 -122h-340v-118h505q14 0 23 -9t9 -23v-128q0 -14 -9 -23t-23 -9h-505v-192q0 -14 -9.5 -23t-22.5 -9h-167q-14 0 -23 9t-9 23v192h-224q-14 0 -23 9t-9 23v128
+q0 14 9 23t23 9h224v118h-224q-14 0 -23 9t-9 23v149q0 13 9 22.5t23 9.5h224v629q0 14 9 23t23 9h539q200 0 326.5 -122t126.5 -315z" />
+    <glyph glyph-name="krw" unicode="&#xf159;" horiz-adv-x="1792" 
+d="M514 341l81 299h-159l75 -300q1 -1 1 -3t1 -3q0 1 0.5 3.5t0.5 3.5zM630 768l35 128h-292l32 -128h225zM822 768h139l-35 128h-70zM1271 340l78 300h-162l81 -299q0 -1 0.5 -3.5t1.5 -3.5q0 1 0.5 3t0.5 3zM1382 768l33 128h-297l34 -128h230zM1792 736v-64q0 -14 -9 -23
+t-23 -9h-213l-164 -616q-7 -24 -31 -24h-159q-24 0 -31 24l-166 616h-209l-167 -616q-7 -24 -31 -24h-159q-11 0 -19.5 7t-10.5 17l-160 616h-208q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h175l-33 128h-142q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h109l-89 344q-5 15 5 28
+q10 12 26 12h137q26 0 31 -24l90 -360h359l97 360q7 24 31 24h126q24 0 31 -24l98 -360h365l93 360q5 24 31 24h137q16 0 26 -12q10 -13 5 -28l-91 -344h111q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-145l-34 -128h179q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="btc" unicode="&#xf15a;" horiz-adv-x="1280" 
+d="M1167 896q18 -182 -131 -258q117 -28 175 -103t45 -214q-7 -71 -32.5 -125t-64.5 -89t-97 -58.5t-121.5 -34.5t-145.5 -15v-255h-154v251q-80 0 -122 1v-252h-154v255q-18 0 -54 0.5t-55 0.5h-200l31 183h111q50 0 58 51v402h16q-6 1 -16 1v287q-13 68 -89 68h-111v164
+l212 -1q64 0 97 1v252h154v-247q82 2 122 2v245h154v-252q79 -7 140 -22.5t113 -45t82.5 -78t36.5 -114.5zM952 351q0 36 -15 64t-37 46t-57.5 30.5t-65.5 18.5t-74 9t-69 3t-64.5 -1t-47.5 -1v-338q8 0 37 -0.5t48 -0.5t53 1.5t58.5 4t57 8.5t55.5 14t47.5 21t39.5 30
+t24.5 40t9.5 51zM881 827q0 33 -12.5 58.5t-30.5 42t-48 28t-55 16.5t-61.5 8t-58 2.5t-54 -1t-39.5 -0.5v-307q5 0 34.5 -0.5t46.5 0t50 2t55 5.5t51.5 11t48.5 18.5t37 27t27 38.5t9 51z" />
+    <glyph glyph-name="file" unicode="&#xf15b;" 
+d="M1024 1024v472q22 -14 36 -28l408 -408q14 -14 28 -36h-472zM896 992q0 -40 28 -68t68 -28h544v-1056q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h800v-544z" />
+    <glyph glyph-name="file_text" unicode="&#xf15c;" 
+d="M1468 1060q14 -14 28 -36h-472v472q22 -14 36 -28zM992 896h544v-1056q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h800v-544q0 -40 28 -68t68 -28zM1152 160v64q0 14 -9 23t-23 9h-704q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h704
+q14 0 23 9t9 23zM1152 416v64q0 14 -9 23t-23 9h-704q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h704q14 0 23 9t9 23zM1152 672v64q0 14 -9 23t-23 9h-704q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h704q14 0 23 9t9 23z" />
+    <glyph glyph-name="sort_by_alphabet" unicode="&#xf15d;" horiz-adv-x="1664" 
+d="M1191 1128h177l-72 218l-12 47q-2 16 -2 20h-4l-3 -20q0 -1 -3.5 -18t-7.5 -29zM736 96q0 -12 -10 -24l-319 -319q-10 -9 -23 -9q-12 0 -23 9l-320 320q-15 16 -7 35q8 20 30 20h192v1376q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-1376h192q14 0 23 -9t9 -23zM1572 -23
+v-233h-584v90l369 529q12 18 21 27l11 9v3q-2 0 -6.5 -0.5t-7.5 -0.5q-12 -3 -30 -3h-232v-115h-120v229h567v-89l-369 -530q-6 -8 -21 -26l-11 -11v-2l14 2q9 2 30 2h248v119h121zM1661 874v-106h-288v106h75l-47 144h-243l-47 -144h75v-106h-287v106h70l230 662h162
+l230 -662h70z" />
+    <glyph glyph-name="_329" unicode="&#xf15e;" horiz-adv-x="1664" 
+d="M1191 104h177l-72 218l-12 47q-2 16 -2 20h-4l-3 -20q0 -1 -3.5 -18t-7.5 -29zM736 96q0 -12 -10 -24l-319 -319q-10 -9 -23 -9q-12 0 -23 9l-320 320q-15 16 -7 35q8 20 30 20h192v1376q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-1376h192q14 0 23 -9t9 -23zM1661 -150
+v-106h-288v106h75l-47 144h-243l-47 -144h75v-106h-287v106h70l230 662h162l230 -662h70zM1572 1001v-233h-584v90l369 529q12 18 21 27l11 9v3q-2 0 -6.5 -0.5t-7.5 -0.5q-12 -3 -30 -3h-232v-115h-120v229h567v-89l-369 -530q-6 -8 -21 -26l-11 -10v-3l14 3q9 1 30 1h248
+v119h121z" />
+    <glyph glyph-name="sort_by_attributes" unicode="&#xf160;" horiz-adv-x="1792" 
+d="M736 96q0 -12 -10 -24l-319 -319q-10 -9 -23 -9q-12 0 -23 9l-320 320q-15 16 -7 35q8 20 30 20h192v1376q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-1376h192q14 0 23 -9t9 -23zM1792 -32v-192q0 -14 -9 -23t-23 -9h-832q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h832
+q14 0 23 -9t9 -23zM1600 480v-192q0 -14 -9 -23t-23 -9h-640q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h640q14 0 23 -9t9 -23zM1408 992v-192q0 -14 -9 -23t-23 -9h-448q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h448q14 0 23 -9t9 -23zM1216 1504v-192q0 -14 -9 -23t-23 -9h-256
+q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h256q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="sort_by_attributes_alt" unicode="&#xf161;" horiz-adv-x="1792" 
+d="M1216 -32v-192q0 -14 -9 -23t-23 -9h-256q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h256q14 0 23 -9t9 -23zM736 96q0 -12 -10 -24l-319 -319q-10 -9 -23 -9q-12 0 -23 9l-320 320q-15 16 -7 35q8 20 30 20h192v1376q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-1376h192
+q14 0 23 -9t9 -23zM1408 480v-192q0 -14 -9 -23t-23 -9h-448q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h448q14 0 23 -9t9 -23zM1600 992v-192q0 -14 -9 -23t-23 -9h-640q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h640q14 0 23 -9t9 -23zM1792 1504v-192q0 -14 -9 -23t-23 -9h-832
+q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h832q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="sort_by_order" unicode="&#xf162;" 
+d="M1346 223q0 63 -44 116t-103 53q-52 0 -83 -37t-31 -94t36.5 -95t104.5 -38q50 0 85 27t35 68zM736 96q0 -12 -10 -24l-319 -319q-10 -9 -23 -9q-12 0 -23 9l-320 320q-15 16 -7 35q8 20 30 20h192v1376q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-1376h192q14 0 23 -9t9 -23
+zM1486 165q0 -62 -13 -121.5t-41 -114t-68 -95.5t-98.5 -65.5t-127.5 -24.5q-62 0 -108 16q-24 8 -42 15l39 113q15 -7 31 -11q37 -13 75 -13q84 0 134.5 58.5t66.5 145.5h-2q-21 -23 -61.5 -37t-84.5 -14q-106 0 -173 71.5t-67 172.5q0 105 72 178t181 73q123 0 205 -94.5
+t82 -252.5zM1456 882v-114h-469v114h167v432q0 7 0.5 19t0.5 17v16h-2l-7 -12q-8 -13 -26 -31l-62 -58l-82 86l192 185h123v-654h165z" />
+    <glyph glyph-name="sort_by_order_alt" unicode="&#xf163;" 
+d="M1346 1247q0 63 -44 116t-103 53q-52 0 -83 -37t-31 -94t36.5 -95t104.5 -38q50 0 85 27t35 68zM736 96q0 -12 -10 -24l-319 -319q-10 -9 -23 -9q-12 0 -23 9l-320 320q-15 16 -7 35q8 20 30 20h192v1376q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-1376h192q14 0 23 -9
+t9 -23zM1456 -142v-114h-469v114h167v432q0 7 0.5 19t0.5 17v16h-2l-7 -12q-8 -13 -26 -31l-62 -58l-82 86l192 185h123v-654h165zM1486 1189q0 -62 -13 -121.5t-41 -114t-68 -95.5t-98.5 -65.5t-127.5 -24.5q-62 0 -108 16q-24 8 -42 15l39 113q15 -7 31 -11q37 -13 75 -13
+q84 0 134.5 58.5t66.5 145.5h-2q-21 -23 -61.5 -37t-84.5 -14q-106 0 -173 71.5t-67 172.5q0 105 72 178t181 73q123 0 205 -94.5t82 -252.5z" />
+    <glyph glyph-name="_334" unicode="&#xf164;" horiz-adv-x="1664" 
+d="M256 192q0 26 -19 45t-45 19q-27 0 -45.5 -19t-18.5 -45q0 -27 18.5 -45.5t45.5 -18.5q26 0 45 18.5t19 45.5zM416 704v-640q0 -26 -19 -45t-45 -19h-288q-26 0 -45 19t-19 45v640q0 26 19 45t45 19h288q26 0 45 -19t19 -45zM1600 704q0 -86 -55 -149q15 -44 15 -76
+q3 -76 -43 -137q17 -56 0 -117q-15 -57 -54 -94q9 -112 -49 -181q-64 -76 -197 -78h-36h-76h-17q-66 0 -144 15.5t-121.5 29t-120.5 39.5q-123 43 -158 44q-26 1 -45 19.5t-19 44.5v641q0 25 18 43.5t43 20.5q24 2 76 59t101 121q68 87 101 120q18 18 31 48t17.5 48.5
+t13.5 60.5q7 39 12.5 61t19.5 52t34 50q19 19 45 19q46 0 82.5 -10.5t60 -26t40 -40.5t24 -45t12 -50t5 -45t0.5 -39q0 -38 -9.5 -76t-19 -60t-27.5 -56q-3 -6 -10 -18t-11 -22t-8 -24h277q78 0 135 -57t57 -135z" />
+    <glyph glyph-name="_335" unicode="&#xf165;" horiz-adv-x="1664" 
+d="M256 960q0 -26 -19 -45t-45 -19q-27 0 -45.5 19t-18.5 45q0 27 18.5 45.5t45.5 18.5q26 0 45 -18.5t19 -45.5zM416 448v640q0 26 -19 45t-45 19h-288q-26 0 -45 -19t-19 -45v-640q0 -26 19 -45t45 -19h288q26 0 45 19t19 45zM1545 597q55 -61 55 -149q-1 -78 -57.5 -135
+t-134.5 -57h-277q4 -14 8 -24t11 -22t10 -18q18 -37 27 -57t19 -58.5t10 -76.5q0 -24 -0.5 -39t-5 -45t-12 -50t-24 -45t-40 -40.5t-60 -26t-82.5 -10.5q-26 0 -45 19q-20 20 -34 50t-19.5 52t-12.5 61q-9 42 -13.5 60.5t-17.5 48.5t-31 48q-33 33 -101 120q-49 64 -101 121
+t-76 59q-25 2 -43 20.5t-18 43.5v641q0 26 19 44.5t45 19.5q35 1 158 44q77 26 120.5 39.5t121.5 29t144 15.5h17h76h36q133 -2 197 -78q58 -69 49 -181q39 -37 54 -94q17 -61 0 -117q46 -61 43 -137q0 -32 -15 -76z" />
+    <glyph glyph-name="youtube_sign" unicode="&#xf166;" 
+d="M919 233v157q0 50 -29 50q-17 0 -33 -16v-224q16 -16 33 -16q29 0 29 49zM1103 355h66v34q0 51 -33 51t-33 -51v-34zM532 621v-70h-80v-423h-74v423h-78v70h232zM733 495v-367h-67v40q-39 -45 -76 -45q-33 0 -42 28q-6 17 -6 54v290h66v-270q0 -24 1 -26q1 -15 15 -15
+q20 0 42 31v280h67zM985 384v-146q0 -52 -7 -73q-12 -42 -53 -42q-35 0 -68 41v-36h-67v493h67v-161q32 40 68 40q41 0 53 -42q7 -21 7 -74zM1236 255v-9q0 -29 -2 -43q-3 -22 -15 -40q-27 -40 -80 -40q-52 0 -81 38q-21 27 -21 86v129q0 59 20 86q29 38 80 38t78 -38
+q21 -29 21 -86v-76h-133v-65q0 -51 34 -51q24 0 30 26q0 1 0.5 7t0.5 16.5v21.5h68zM785 1079v-156q0 -51 -32 -51t-32 51v156q0 52 32 52t32 -52zM1318 366q0 177 -19 260q-10 44 -43 73.5t-76 34.5q-136 15 -412 15q-275 0 -411 -15q-44 -5 -76.5 -34.5t-42.5 -73.5
+q-20 -87 -20 -260q0 -176 20 -260q10 -43 42.5 -73t75.5 -35q137 -15 412 -15t412 15q43 5 75.5 35t42.5 73q20 84 20 260zM563 1017l90 296h-75l-51 -195l-53 195h-78q7 -23 23 -69l24 -69q35 -103 46 -158v-201h74v201zM852 936v130q0 58 -21 87q-29 38 -78 38
+q-51 0 -78 -38q-21 -29 -21 -87v-130q0 -58 21 -87q27 -38 78 -38q49 0 78 38q21 27 21 87zM1033 816h67v370h-67v-283q-22 -31 -42 -31q-15 0 -16 16q-1 2 -1 26v272h-67v-293q0 -37 6 -55q11 -27 43 -27q36 0 77 45v-40zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5
+h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="youtube" unicode="&#xf167;" 
+d="M971 292v-211q0 -67 -39 -67q-23 0 -45 22v301q22 22 45 22q39 0 39 -67zM1309 291v-46h-90v46q0 68 45 68t45 -68zM343 509h107v94h-312v-94h105v-569h100v569zM631 -60h89v494h-89v-378q-30 -42 -57 -42q-18 0 -21 21q-1 3 -1 35v364h-89v-391q0 -49 8 -73
+q12 -37 58 -37q48 0 102 61v-54zM1060 88v197q0 73 -9 99q-17 56 -71 56q-50 0 -93 -54v217h-89v-663h89v48q45 -55 93 -55q54 0 71 55q9 27 9 100zM1398 98v13h-91q0 -51 -2 -61q-7 -36 -40 -36q-46 0 -46 69v87h179v103q0 79 -27 116q-39 51 -106 51q-68 0 -107 -51
+q-28 -37 -28 -116v-173q0 -79 29 -116q39 -51 108 -51q72 0 108 53q18 27 21 54q2 9 2 58zM790 1011v210q0 69 -43 69t-43 -69v-210q0 -70 43 -70t43 70zM1509 260q0 -234 -26 -350q-14 -59 -58 -99t-102 -46q-184 -21 -555 -21t-555 21q-58 6 -102.5 46t-57.5 99
+q-26 112 -26 350q0 234 26 350q14 59 58 99t103 47q183 20 554 20t555 -20q58 -7 102.5 -47t57.5 -99q26 -112 26 -350zM511 1536h102l-121 -399v-271h-100v271q-14 74 -61 212q-37 103 -65 187h106l71 -263zM881 1203v-175q0 -81 -28 -118q-38 -51 -106 -51q-67 0 -105 51
+q-28 38 -28 118v175q0 80 28 117q38 51 105 51q68 0 106 -51q28 -37 28 -117zM1216 1365v-499h-91v55q-53 -62 -103 -62q-46 0 -59 37q-8 24 -8 75v394h91v-367q0 -33 1 -35q3 -22 21 -22q27 0 57 43v381h91z" />
+    <glyph glyph-name="xing" unicode="&#xf168;" horiz-adv-x="1408" 
+d="M597 869q-10 -18 -257 -456q-27 -46 -65 -46h-239q-21 0 -31 17t0 36l253 448q1 0 0 1l-161 279q-12 22 -1 37q9 15 32 15h239q40 0 66 -45zM1403 1511q11 -16 0 -37l-528 -934v-1l336 -615q11 -20 1 -37q-10 -15 -32 -15h-239q-42 0 -66 45l-339 622q18 32 531 942
+q25 45 64 45h241q22 0 31 -15z" />
+    <glyph glyph-name="xing_sign" unicode="&#xf169;" 
+d="M685 771q0 1 -126 222q-21 34 -52 34h-184q-18 0 -26 -11q-7 -12 1 -29l125 -216v-1l-196 -346q-9 -14 0 -28q8 -13 24 -13h185q31 0 50 36zM1309 1268q-7 12 -24 12h-187q-30 0 -49 -35l-411 -729q1 -2 262 -481q20 -35 52 -35h184q18 0 25 12q8 13 -1 28l-260 476v1
+l409 723q8 16 0 28zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="youtube_play" unicode="&#xf16a;" horiz-adv-x="1792" 
+d="M711 408l484 250l-484 253v-503zM896 1270q168 0 324.5 -4.5t229.5 -9.5l73 -4q1 0 17 -1.5t23 -3t23.5 -4.5t28.5 -8t28 -13t31 -19.5t29 -26.5q6 -6 15.5 -18.5t29 -58.5t26.5 -101q8 -64 12.5 -136.5t5.5 -113.5v-40v-136q1 -145 -18 -290q-7 -55 -25 -99.5t-32 -61.5
+l-14 -17q-14 -15 -29 -26.5t-31 -19t-28 -12.5t-28.5 -8t-24 -4.5t-23 -3t-16.5 -1.5q-251 -19 -627 -19q-207 2 -359.5 6.5t-200.5 7.5l-49 4l-36 4q-36 5 -54.5 10t-51 21t-56.5 41q-6 6 -15.5 18.5t-29 58.5t-26.5 101q-8 64 -12.5 136.5t-5.5 113.5v40v136
+q-1 145 18 290q7 55 25 99.5t32 61.5l14 17q14 15 29 26.5t31 19.5t28 13t28.5 8t23.5 4.5t23 3t17 1.5q251 18 627 18z" />
+    <glyph glyph-name="dropbox" unicode="&#xf16b;" horiz-adv-x="1792" 
+d="M402 829l494 -305l-342 -285l-490 319zM1388 274v-108l-490 -293v-1l-1 1l-1 -1v1l-489 293v108l147 -96l342 284v2l1 -1l1 1v-2l343 -284zM554 1418l342 -285l-494 -304l-338 270zM1390 829l338 -271l-489 -319l-343 285zM1239 1418l489 -319l-338 -270l-494 304z" />
+    <glyph glyph-name="stackexchange" unicode="&#xf16c;" 
+d="M1289 -96h-1118v480h-160v-640h1438v640h-160v-480zM347 428l33 157l783 -165l-33 -156zM450 802l67 146l725 -339l-67 -145zM651 1158l102 123l614 -513l-102 -123zM1048 1536l477 -641l-128 -96l-477 641zM330 65v159h800v-159h-800z" />
+    <glyph glyph-name="instagram" unicode="&#xf16d;" 
+d="M1024 640q0 106 -75 181t-181 75t-181 -75t-75 -181t75 -181t181 -75t181 75t75 181zM1162 640q0 -164 -115 -279t-279 -115t-279 115t-115 279t115 279t279 115t279 -115t115 -279zM1270 1050q0 -38 -27 -65t-65 -27t-65 27t-27 65t27 65t65 27t65 -27t27 -65zM768 1270
+q-7 0 -76.5 0.5t-105.5 0t-96.5 -3t-103 -10t-71.5 -18.5q-50 -20 -88 -58t-58 -88q-11 -29 -18.5 -71.5t-10 -103t-3 -96.5t0 -105.5t0.5 -76.5t-0.5 -76.5t0 -105.5t3 -96.5t10 -103t18.5 -71.5q20 -50 58 -88t88 -58q29 -11 71.5 -18.5t103 -10t96.5 -3t105.5 0t76.5 0.5
+t76.5 -0.5t105.5 0t96.5 3t103 10t71.5 18.5q50 20 88 58t58 88q11 29 18.5 71.5t10 103t3 96.5t0 105.5t-0.5 76.5t0.5 76.5t0 105.5t-3 96.5t-10 103t-18.5 71.5q-20 50 -58 88t-88 58q-29 11 -71.5 18.5t-103 10t-96.5 3t-105.5 0t-76.5 -0.5zM1536 640q0 -229 -5 -317
+q-10 -208 -124 -322t-322 -124q-88 -5 -317 -5t-317 5q-208 10 -322 124t-124 322q-5 88 -5 317t5 317q10 208 124 322t322 124q88 5 317 5t317 -5q208 -10 322 -124t124 -322q5 -88 5 -317z" />
+    <glyph glyph-name="flickr" unicode="&#xf16e;" 
+d="M1248 1408q119 0 203.5 -84.5t84.5 -203.5v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960zM698 640q0 88 -62 150t-150 62t-150 -62t-62 -150t62 -150t150 -62t150 62t62 150zM1262 640q0 88 -62 150
+t-150 62t-150 -62t-62 -150t62 -150t150 -62t150 62t62 150z" />
+    <glyph glyph-name="adn" unicode="&#xf170;" 
+d="M768 914l201 -306h-402zM1133 384h94l-459 691l-459 -691h94l104 160h522zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="f171" unicode="&#xf171;" horiz-adv-x="1408" 
+d="M815 677q8 -63 -50.5 -101t-111.5 -6q-39 17 -53.5 58t-0.5 82t52 58q36 18 72.5 12t64 -35.5t27.5 -67.5zM926 698q-14 107 -113 164t-197 13q-63 -28 -100.5 -88.5t-34.5 -129.5q4 -91 77.5 -155t165.5 -56q91 8 152 84t50 168zM1165 1240q-20 27 -56 44.5t-58 22
+t-71 12.5q-291 47 -566 -2q-43 -7 -66 -12t-55 -22t-50 -43q30 -28 76 -45.5t73.5 -22t87.5 -11.5q228 -29 448 -1q63 8 89.5 12t72.5 21.5t75 46.5zM1222 205q-8 -26 -15.5 -76.5t-14 -84t-28.5 -70t-58 -56.5q-86 -48 -189.5 -71.5t-202 -22t-201.5 18.5q-46 8 -81.5 18
+t-76.5 27t-73 43.5t-52 61.5q-25 96 -57 292l6 16l18 9q223 -148 506.5 -148t507.5 148q21 -6 24 -23t-5 -45t-8 -37zM1403 1166q-26 -167 -111 -655q-5 -30 -27 -56t-43.5 -40t-54.5 -31q-252 -126 -610 -88q-248 27 -394 139q-15 12 -25.5 26.5t-17 35t-9 34t-6 39.5
+t-5.5 35q-9 50 -26.5 150t-28 161.5t-23.5 147.5t-22 158q3 26 17.5 48.5t31.5 37.5t45 30t46 22.5t48 18.5q125 46 313 64q379 37 676 -50q155 -46 215 -122q16 -20 16.5 -51t-5.5 -54z" />
+    <glyph glyph-name="bitbucket_sign" unicode="&#xf172;" 
+d="M848 666q0 43 -41 66t-77 1q-43 -20 -42.5 -72.5t43.5 -70.5q39 -23 81 4t36 72zM928 682q8 -66 -36 -121t-110 -61t-119 40t-56 113q-2 49 25.5 93t72.5 64q70 31 141.5 -10t81.5 -118zM1100 1073q-20 -21 -53.5 -34t-53 -16t-63.5 -8q-155 -20 -324 0q-44 6 -63 9.5
+t-52.5 16t-54.5 32.5q13 19 36 31t40 15.5t47 8.5q198 35 408 1q33 -5 51 -8.5t43 -16t39 -31.5zM1142 327q0 7 5.5 26.5t3 32t-17.5 16.5q-161 -106 -365 -106t-366 106l-12 -6l-5 -12q26 -154 41 -210q47 -81 204 -108q249 -46 428 53q34 19 49 51.5t22.5 85.5t12.5 71z
+M1272 1020q9 53 -8 75q-43 55 -155 88q-216 63 -487 36q-132 -12 -226 -46q-38 -15 -59.5 -25t-47 -34t-29.5 -54q8 -68 19 -138t29 -171t24 -137q1 -5 5 -31t7 -36t12 -27t22 -28q105 -80 284 -100q259 -28 440 63q24 13 39.5 23t31 29t19.5 40q48 267 80 473zM1536 1120
+v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="tumblr" unicode="&#xf173;" horiz-adv-x="1024" 
+d="M944 207l80 -237q-23 -35 -111 -66t-177 -32q-104 -2 -190.5 26t-142.5 74t-95 106t-55.5 120t-16.5 118v544h-168v215q72 26 129 69.5t91 90t58 102t34 99t15 88.5q1 5 4.5 8.5t7.5 3.5h244v-424h333v-252h-334v-518q0 -30 6.5 -56t22.5 -52.5t49.5 -41.5t81.5 -14
+q78 2 134 29z" />
+    <glyph glyph-name="tumblr_sign" unicode="&#xf174;" 
+d="M1136 75l-62 183q-44 -22 -103 -22q-36 -1 -62 10.5t-38.5 31.5t-17.5 40.5t-5 43.5v398h257v194h-256v326h-188q-8 0 -9 -10q-5 -44 -17.5 -87t-39 -95t-77 -95t-118.5 -68v-165h130v-418q0 -57 21.5 -115t65 -111t121 -85.5t176.5 -30.5q69 1 136.5 25t85.5 50z
+M1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="long_arrow_down" unicode="&#xf175;" horiz-adv-x="768" 
+d="M765 237q8 -19 -5 -35l-350 -384q-10 -10 -23 -10q-14 0 -24 10l-355 384q-13 16 -5 35q9 19 29 19h224v1248q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-1248h224q21 0 29 -19z" />
+    <glyph glyph-name="long_arrow_up" unicode="&#xf176;" horiz-adv-x="768" 
+d="M765 1043q-9 -19 -29 -19h-224v-1248q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v1248h-224q-21 0 -29 19t5 35l350 384q10 10 23 10q14 0 24 -10l355 -384q13 -16 5 -35z" />
+    <glyph glyph-name="long_arrow_left" unicode="&#xf177;" horiz-adv-x="1792" 
+d="M1792 736v-192q0 -14 -9 -23t-23 -9h-1248v-224q0 -21 -19 -29t-35 5l-384 350q-10 10 -10 23q0 14 10 24l384 354q16 14 35 6q19 -9 19 -29v-224h1248q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="long_arrow_right" unicode="&#xf178;" horiz-adv-x="1792" 
+d="M1728 643q0 -14 -10 -24l-384 -354q-16 -14 -35 -6q-19 9 -19 29v224h-1248q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h1248v224q0 21 19 29t35 -5l384 -350q10 -10 10 -23z" />
+    <glyph glyph-name="apple" unicode="&#xf179;" horiz-adv-x="1408" 
+d="M1393 321q-39 -125 -123 -250q-129 -196 -257 -196q-49 0 -140 32q-86 32 -151 32q-61 0 -142 -33q-81 -34 -132 -34q-152 0 -301 259q-147 261 -147 503q0 228 113 374q113 144 284 144q72 0 177 -30q104 -30 138 -30q45 0 143 34q102 34 173 34q119 0 213 -65
+q52 -36 104 -100q-79 -67 -114 -118q-65 -94 -65 -207q0 -124 69 -223t158 -126zM1017 1494q0 -61 -29 -136q-30 -75 -93 -138q-54 -54 -108 -72q-37 -11 -104 -17q3 149 78 257q74 107 250 148q1 -3 2.5 -11t2.5 -11q0 -4 0.5 -10t0.5 -10z" />
+    <glyph glyph-name="windows" unicode="&#xf17a;" horiz-adv-x="1664" 
+d="M682 530v-651l-682 94v557h682zM682 1273v-659h-682v565zM1664 530v-786l-907 125v661h907zM1664 1408v-794h-907v669z" />
+    <glyph glyph-name="android" unicode="&#xf17b;" horiz-adv-x="1408" 
+d="M493 1053q16 0 27.5 11.5t11.5 27.5t-11.5 27.5t-27.5 11.5t-27 -11.5t-11 -27.5t11 -27.5t27 -11.5zM915 1053q16 0 27 11.5t11 27.5t-11 27.5t-27 11.5t-27.5 -11.5t-11.5 -27.5t11.5 -27.5t27.5 -11.5zM103 869q42 0 72 -30t30 -72v-430q0 -43 -29.5 -73t-72.5 -30
+t-73 30t-30 73v430q0 42 30 72t73 30zM1163 850v-666q0 -46 -32 -78t-77 -32h-75v-227q0 -43 -30 -73t-73 -30t-73 30t-30 73v227h-138v-227q0 -43 -30 -73t-73 -30q-42 0 -72 30t-30 73l-1 227h-74q-46 0 -78 32t-32 78v666h918zM931 1255q107 -55 171 -153.5t64 -215.5
+h-925q0 117 64 215.5t172 153.5l-71 131q-7 13 5 20q13 6 20 -6l72 -132q95 42 201 42t201 -42l72 132q7 12 20 6q12 -7 5 -20zM1408 767v-430q0 -43 -30 -73t-73 -30q-42 0 -72 30t-30 73v430q0 43 30 72.5t72 29.5q43 0 73 -29.5t30 -72.5z" />
+    <glyph glyph-name="linux" unicode="&#xf17c;" 
+d="M663 1125q-11 -1 -15.5 -10.5t-8.5 -9.5q-5 -1 -5 5q0 12 19 15h10zM750 1111q-4 -1 -11.5 6.5t-17.5 4.5q24 11 32 -2q3 -6 -3 -9zM399 684q-4 1 -6 -3t-4.5 -12.5t-5.5 -13.5t-10 -13q-10 -11 -1 -12q4 -1 12.5 7t12.5 18q1 3 2 7t2 6t1.5 4.5t0.5 4v3t-1 2.5t-3 2z
+M1254 325q0 18 -55 42q4 15 7.5 27.5t5 26t3 21.5t0.5 22.5t-1 19.5t-3.5 22t-4 20.5t-5 25t-5.5 26.5q-10 48 -47 103t-72 75q24 -20 57 -83q87 -162 54 -278q-11 -40 -50 -42q-31 -4 -38.5 18.5t-8 83.5t-11.5 107q-9 39 -19.5 69t-19.5 45.5t-15.5 24.5t-13 15t-7.5 7
+q-14 62 -31 103t-29.5 56t-23.5 33t-15 40q-4 21 6 53.5t4.5 49.5t-44.5 25q-15 3 -44.5 18t-35.5 16q-8 1 -11 26t8 51t36 27q37 3 51 -30t4 -58q-11 -19 -2 -26.5t30 -0.5q13 4 13 36v37q-5 30 -13.5 50t-21 30.5t-23.5 15t-27 7.5q-107 -8 -89 -134q0 -15 -1 -15
+q-9 9 -29.5 10.5t-33 -0.5t-15.5 5q1 57 -16 90t-45 34q-27 1 -41.5 -27.5t-16.5 -59.5q-1 -15 3.5 -37t13 -37.5t15.5 -13.5q10 3 16 14q4 9 -7 8q-7 0 -15.5 14.5t-9.5 33.5q-1 22 9 37t34 14q17 0 27 -21t9.5 -39t-1.5 -22q-22 -15 -31 -29q-8 -12 -27.5 -23.5
+t-20.5 -12.5q-13 -14 -15.5 -27t7.5 -18q14 -8 25 -19.5t16 -19t18.5 -13t35.5 -6.5q47 -2 102 15q2 1 23 7t34.5 10.5t29.5 13t21 17.5q9 14 20 8q5 -3 6.5 -8.5t-3 -12t-16.5 -9.5q-20 -6 -56.5 -21.5t-45.5 -19.5q-44 -19 -70 -23q-25 -5 -79 2q-10 2 -9 -2t17 -19
+q25 -23 67 -22q17 1 36 7t36 14t33.5 17.5t30 17t24.5 12t17.5 2.5t8.5 -11q0 -2 -1 -4.5t-4 -5t-6 -4.5t-8.5 -5t-9 -4.5t-10 -5t-9.5 -4.5q-28 -14 -67.5 -44t-66.5 -43t-49 -1q-21 11 -63 73q-22 31 -25 22q-1 -3 -1 -10q0 -25 -15 -56.5t-29.5 -55.5t-21 -58t11.5 -63
+q-23 -6 -62.5 -90t-47.5 -141q-2 -18 -1.5 -69t-5.5 -59q-8 -24 -29 -3q-32 31 -36 94q-2 28 4 56q4 19 -1 18q-2 -1 -4 -5q-36 -65 10 -166q5 -12 25 -28t24 -20q20 -23 104 -90.5t93 -76.5q16 -15 17.5 -38t-14 -43t-45.5 -23q8 -15 29 -44.5t28 -54t7 -70.5q46 24 7 92
+q-4 8 -10.5 16t-9.5 12t-2 6q3 5 13 9.5t20 -2.5q46 -52 166 -36q133 15 177 87q23 38 34 30q12 -6 10 -52q-1 -25 -23 -92q-9 -23 -6 -37.5t24 -15.5q3 19 14.5 77t13.5 90q2 21 -6.5 73.5t-7.5 97t23 70.5q15 18 51 18q1 37 34.5 53t72.5 10.5t60 -22.5zM626 1152
+q3 17 -2.5 30t-11.5 15q-9 2 -9 -7q2 -5 5 -6q10 0 7 -15q-3 -20 8 -20q3 0 3 3zM1045 955q-2 8 -6.5 11.5t-13 5t-14.5 5.5q-5 3 -9.5 8t-7 8t-5.5 6.5t-4 4t-4 -1.5q-14 -16 7 -43.5t39 -31.5q9 -1 14.5 8t3.5 20zM867 1168q0 11 -5 19.5t-11 12.5t-9 3q-6 0 -8 -2t0 -4
+t5 -3q14 -4 18 -31q0 -3 8 2q2 2 2 3zM921 1401q0 2 -2.5 5t-9 7t-9.5 6q-15 15 -24 15q-9 -1 -11.5 -7.5t-1 -13t-0.5 -12.5q-1 -4 -6 -10.5t-6 -9t3 -8.5q4 -3 8 0t11 9t15 9q1 1 9 1t15 2t9 7zM1486 60q20 -12 31 -24.5t12 -24t-2.5 -22.5t-15.5 -22t-23.5 -19.5
+t-30 -18.5t-31.5 -16.5t-32 -15.5t-27 -13q-38 -19 -85.5 -56t-75.5 -64q-17 -16 -68 -19.5t-89 14.5q-18 9 -29.5 23.5t-16.5 25.5t-22 19.5t-47 9.5q-44 1 -130 1q-19 0 -57 -1.5t-58 -2.5q-44 -1 -79.5 -15t-53.5 -30t-43.5 -28.5t-53.5 -11.5q-29 1 -111 31t-146 43
+q-19 4 -51 9.5t-50 9t-39.5 9.5t-33.5 14.5t-17 19.5q-10 23 7 66.5t18 54.5q1 16 -4 40t-10 42.5t-4.5 36.5t10.5 27q14 12 57 14t60 12q30 18 42 35t12 51q21 -73 -32 -106q-32 -20 -83 -15q-34 3 -43 -10q-13 -15 5 -57q2 -6 8 -18t8.5 -18t4.5 -17t1 -22q0 -15 -17 -49
+t-14 -48q3 -17 37 -26q20 -6 84.5 -18.5t99.5 -20.5q24 -6 74 -22t82.5 -23t55.5 -4q43 6 64.5 28t23 48t-7.5 58.5t-19 52t-20 36.5q-121 190 -169 242q-68 74 -113 40q-11 -9 -15 15q-3 16 -2 38q1 29 10 52t24 47t22 42q8 21 26.5 72t29.5 78t30 61t39 54
+q110 143 124 195q-12 112 -16 310q-2 90 24 151.5t106 104.5q39 21 104 21q53 1 106 -13.5t89 -41.5q57 -42 91.5 -121.5t29.5 -147.5q-5 -95 30 -214q34 -113 133 -218q55 -59 99.5 -163t59.5 -191q8 -49 5 -84.5t-12 -55.5t-20 -22q-10 -2 -23.5 -19t-27 -35.5
+t-40.5 -33.5t-61 -14q-18 1 -31.5 5t-22.5 13.5t-13.5 15.5t-11.5 20.5t-9 19.5q-22 37 -41 30t-28 -49t7 -97q20 -70 1 -195q-10 -65 18 -100.5t73 -33t85 35.5q59 49 89.5 66.5t103.5 42.5q53 18 77 36.5t18.5 34.5t-25 28.5t-51.5 23.5q-33 11 -49.5 48t-15 72.5
+t15.5 47.5q1 -31 8 -56.5t14.5 -40.5t20.5 -28.5t21 -19t21.5 -13t16.5 -9.5z" />
+    <glyph glyph-name="dribble" unicode="&#xf17d;" 
+d="M1024 36q-42 241 -140 498h-2l-2 -1q-16 -6 -43 -16.5t-101 -49t-137 -82t-131 -114.5t-103 -148l-15 11q184 -150 418 -150q132 0 256 52zM839 643q-21 49 -53 111q-311 -93 -673 -93q-1 -7 -1 -21q0 -124 44 -236.5t124 -201.5q50 89 123.5 166.5t142.5 124.5t130.5 81
+t99.5 48l37 13q4 1 13 3.5t13 4.5zM732 855q-120 213 -244 378q-138 -65 -234 -186t-128 -272q302 0 606 80zM1416 536q-210 60 -409 29q87 -239 128 -469q111 75 185 189.5t96 250.5zM611 1277q-1 0 -2 -1q1 1 2 1zM1201 1132q-185 164 -433 164q-76 0 -155 -19
+q131 -170 246 -382q69 26 130 60.5t96.5 61.5t65.5 57t37.5 40.5zM1424 647q-3 232 -149 410l-1 -1q-9 -12 -19 -24.5t-43.5 -44.5t-71 -60.5t-100 -65t-131.5 -64.5q25 -53 44 -95q2 -5 6.5 -17t7.5 -17q36 5 74.5 7t73.5 2t69 -1.5t64 -4t56.5 -5.5t48 -6.5t36.5 -6
+t25 -4.5zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="skype" unicode="&#xf17e;" 
+d="M1173 473q0 50 -19.5 91.5t-48.5 68.5t-73 49t-82.5 34t-87.5 23l-104 24q-30 7 -44 10.5t-35 11.5t-30 16t-16.5 21t-7.5 30q0 77 144 77q43 0 77 -12t54 -28.5t38 -33.5t40 -29t48 -12q47 0 75.5 32t28.5 77q0 55 -56 99.5t-142 67.5t-182 23q-68 0 -132 -15.5
+t-119.5 -47t-89 -87t-33.5 -128.5q0 -61 19 -106.5t56 -75.5t80 -48.5t103 -32.5l146 -36q90 -22 112 -36q32 -20 32 -60q0 -39 -40 -64.5t-105 -25.5q-51 0 -91.5 16t-65 38.5t-45.5 45t-46 38.5t-54 16q-50 0 -75.5 -30t-25.5 -75q0 -92 122 -157.5t291 -65.5
+q73 0 140 18.5t122.5 53.5t88.5 93.5t33 131.5zM1536 256q0 -159 -112.5 -271.5t-271.5 -112.5q-130 0 -234 80q-77 -16 -150 -16q-143 0 -273.5 55.5t-225 150t-150 225t-55.5 273.5q0 73 16 150q-80 104 -80 234q0 159 112.5 271.5t271.5 112.5q130 0 234 -80
+q77 16 150 16q143 0 273.5 -55.5t225 -150t150 -225t55.5 -273.5q0 -73 -16 -150q80 -104 80 -234z" />
+    <glyph glyph-name="foursquare" unicode="&#xf180;" horiz-adv-x="1280" 
+d="M1000 1102l37 194q5 23 -9 40t-35 17h-712q-23 0 -38.5 -17t-15.5 -37v-1101q0 -7 6 -1l291 352q23 26 38 33.5t48 7.5h239q22 0 37 14.5t18 29.5q24 130 37 191q4 21 -11.5 40t-36.5 19h-294q-29 0 -48 19t-19 48v42q0 29 19 47.5t48 18.5h346q18 0 35 13.5t20 29.5z
+M1227 1324q-15 -73 -53.5 -266.5t-69.5 -350t-35 -173.5q-6 -22 -9 -32.5t-14 -32.5t-24.5 -33t-38.5 -21t-58 -10h-271q-13 0 -22 -10q-8 -9 -426 -494q-22 -25 -58.5 -28.5t-48.5 5.5q-55 22 -55 98v1410q0 55 38 102.5t120 47.5h888q95 0 127 -53t10 -159zM1227 1324
+l-158 -790q4 17 35 173.5t69.5 350t53.5 266.5z" />
+    <glyph glyph-name="trello" unicode="&#xf181;" 
+d="M704 192v1024q0 14 -9 23t-23 9h-480q-14 0 -23 -9t-9 -23v-1024q0 -14 9 -23t23 -9h480q14 0 23 9t9 23zM1376 576v640q0 14 -9 23t-23 9h-480q-14 0 -23 -9t-9 -23v-640q0 -14 9 -23t23 -9h480q14 0 23 9t9 23zM1536 1344v-1408q0 -26 -19 -45t-45 -19h-1408
+q-26 0 -45 19t-19 45v1408q0 26 19 45t45 19h1408q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="female" unicode="&#xf182;" horiz-adv-x="1280" 
+d="M1280 480q0 -40 -28 -68t-68 -28q-51 0 -80 43l-227 341h-45v-132l247 -411q9 -15 9 -33q0 -26 -19 -45t-45 -19h-192v-272q0 -46 -33 -79t-79 -33h-160q-46 0 -79 33t-33 79v272h-192q-26 0 -45 19t-19 45q0 18 9 33l247 411v132h-45l-227 -341q-29 -43 -80 -43
+q-40 0 -68 28t-28 68q0 29 16 53l256 384q73 107 176 107h384q103 0 176 -107l256 -384q16 -24 16 -53zM864 1280q0 -93 -65.5 -158.5t-158.5 -65.5t-158.5 65.5t-65.5 158.5t65.5 158.5t158.5 65.5t158.5 -65.5t65.5 -158.5z" />
+    <glyph glyph-name="male" unicode="&#xf183;" horiz-adv-x="1024" 
+d="M1024 832v-416q0 -40 -28 -68t-68 -28t-68 28t-28 68v352h-64v-912q0 -46 -33 -79t-79 -33t-79 33t-33 79v464h-64v-464q0 -46 -33 -79t-79 -33t-79 33t-33 79v912h-64v-352q0 -40 -28 -68t-68 -28t-68 28t-28 68v416q0 80 56 136t136 56h640q80 0 136 -56t56 -136z
+M736 1280q0 -93 -65.5 -158.5t-158.5 -65.5t-158.5 65.5t-65.5 158.5t65.5 158.5t158.5 65.5t158.5 -65.5t65.5 -158.5z" />
+    <glyph glyph-name="gittip" unicode="&#xf184;" 
+d="M773 234l350 473q16 22 24.5 59t-6 85t-61.5 79q-40 26 -83 25.5t-73.5 -17.5t-54.5 -45q-36 -40 -96 -40q-59 0 -95 40q-24 28 -54.5 45t-73.5 17.5t-84 -25.5q-46 -31 -60.5 -79t-6 -85t24.5 -59zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103
+t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="sun" unicode="&#xf185;" horiz-adv-x="1792" 
+d="M1472 640q0 117 -45.5 223.5t-123 184t-184 123t-223.5 45.5t-223.5 -45.5t-184 -123t-123 -184t-45.5 -223.5t45.5 -223.5t123 -184t184 -123t223.5 -45.5t223.5 45.5t184 123t123 184t45.5 223.5zM1748 363q-4 -15 -20 -20l-292 -96v-306q0 -16 -13 -26q-15 -10 -29 -4
+l-292 94l-180 -248q-10 -13 -26 -13t-26 13l-180 248l-292 -94q-14 -6 -29 4q-13 10 -13 26v306l-292 96q-16 5 -20 20q-5 17 4 29l180 248l-180 248q-9 13 -4 29q4 15 20 20l292 96v306q0 16 13 26q15 10 29 4l292 -94l180 248q9 12 26 12t26 -12l180 -248l292 94
+q14 6 29 -4q13 -10 13 -26v-306l292 -96q16 -5 20 -20q5 -16 -4 -29l-180 -248l180 -248q9 -12 4 -29z" />
+    <glyph glyph-name="_366" unicode="&#xf186;" 
+d="M1262 233q-54 -9 -110 -9q-182 0 -337 90t-245 245t-90 337q0 192 104 357q-201 -60 -328.5 -229t-127.5 -384q0 -130 51 -248.5t136.5 -204t204 -136.5t248.5 -51q144 0 273.5 61.5t220.5 171.5zM1465 318q-94 -203 -283.5 -324.5t-413.5 -121.5q-156 0 -298 61
+t-245 164t-164 245t-61 298q0 153 57.5 292.5t156 241.5t235.5 164.5t290 68.5q44 2 61 -39q18 -41 -15 -72q-86 -78 -131.5 -181.5t-45.5 -218.5q0 -148 73 -273t198 -198t273 -73q118 0 228 51q41 18 72 -13q14 -14 17.5 -34t-4.5 -38z" />
+    <glyph glyph-name="archive" unicode="&#xf187;" horiz-adv-x="1792" 
+d="M1088 704q0 26 -19 45t-45 19h-256q-26 0 -45 -19t-19 -45t19 -45t45 -19h256q26 0 45 19t19 45zM1664 896v-960q0 -26 -19 -45t-45 -19h-1408q-26 0 -45 19t-19 45v960q0 26 19 45t45 19h1408q26 0 45 -19t19 -45zM1728 1344v-256q0 -26 -19 -45t-45 -19h-1536
+q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h1536q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="bug" unicode="&#xf188;" horiz-adv-x="1664" 
+d="M1632 576q0 -26 -19 -45t-45 -19h-224q0 -171 -67 -290l208 -209q19 -19 19 -45t-19 -45q-18 -19 -45 -19t-45 19l-198 197q-5 -5 -15 -13t-42 -28.5t-65 -36.5t-82 -29t-97 -13v896h-128v-896q-51 0 -101.5 13.5t-87 33t-66 39t-43.5 32.5l-15 14l-183 -207
+q-20 -21 -48 -21q-24 0 -43 16q-19 18 -20.5 44.5t15.5 46.5l202 227q-58 114 -58 274h-224q-26 0 -45 19t-19 45t19 45t45 19h224v294l-173 173q-19 19 -19 45t19 45t45 19t45 -19l173 -173h844l173 173q19 19 45 19t45 -19t19 -45t-19 -45l-173 -173v-294h224q26 0 45 -19
+t19 -45zM1152 1152h-640q0 133 93.5 226.5t226.5 93.5t226.5 -93.5t93.5 -226.5z" />
+    <glyph glyph-name="vk" unicode="&#xf189;" horiz-adv-x="1920" 
+d="M1917 1016q23 -64 -150 -294q-24 -32 -65 -85q-40 -51 -55 -72t-30.5 -49.5t-12 -42t13 -34.5t32.5 -43t57 -53q4 -2 5 -4q141 -131 191 -221q3 -5 6.5 -12.5t7 -26.5t-0.5 -34t-25 -27.5t-59 -12.5l-256 -4q-24 -5 -56 5t-52 22l-20 12q-30 21 -70 64t-68.5 77.5t-61 58
+t-56.5 15.5q-3 -1 -8 -3.5t-17 -14.5t-21.5 -29.5t-17 -52t-6.5 -77.5q0 -15 -3.5 -27.5t-7.5 -18.5l-4 -5q-18 -19 -53 -22h-115q-71 -4 -146 16.5t-131.5 53t-103 66t-70.5 57.5l-25 24q-10 10 -27.5 30t-71.5 91t-106 151t-122.5 211t-130.5 272q-6 16 -6 27t3 16l4 6
+q15 19 57 19l274 2q12 -2 23 -6.5t16 -8.5l5 -3q16 -11 24 -32q20 -50 46 -103.5t41 -81.5l16 -29q29 -60 56 -104t48.5 -68.5t41.5 -38.5t34 -14t27 5q2 1 5 5t12 22t13.5 47t9.5 81t0 125q-2 40 -9 73t-14 46l-6 12q-25 34 -85 43q-13 2 5 24q16 19 38 30q53 26 239 24
+q82 -1 135 -13q20 -5 33.5 -13.5t20.5 -24t10.5 -32t3.5 -45.5t-1 -55t-2.5 -70.5t-1.5 -82.5q0 -11 -1 -42t-0.5 -48t3.5 -40.5t11.5 -39t22.5 -24.5q8 -2 17 -4t26 11t38 34.5t52 67t68 107.5q60 104 107 225q4 10 10 17.5t11 10.5l4 3l5 2.5t13 3t20 0.5l288 2
+q39 5 64 -2.5t31 -16.5z" />
+    <glyph glyph-name="weibo" unicode="&#xf18a;" horiz-adv-x="1792" 
+d="M675 252q21 34 11 69t-45 50q-34 14 -73 1t-60 -46q-22 -34 -13 -68.5t43 -50.5t74.5 -2.5t62.5 47.5zM769 373q8 13 3.5 26.5t-17.5 18.5q-14 5 -28.5 -0.5t-21.5 -18.5q-17 -31 13 -45q14 -5 29 0.5t22 18.5zM943 266q-45 -102 -158 -150t-224 -12
+q-107 34 -147.5 126.5t6.5 187.5q47 93 151.5 139t210.5 19q111 -29 158.5 -119.5t2.5 -190.5zM1255 426q-9 96 -89 170t-208.5 109t-274.5 21q-223 -23 -369.5 -141.5t-132.5 -264.5q9 -96 89 -170t208.5 -109t274.5 -21q223 23 369.5 141.5t132.5 264.5zM1563 422
+q0 -68 -37 -139.5t-109 -137t-168.5 -117.5t-226 -83t-270.5 -31t-275 33.5t-240.5 93t-171.5 151t-65 199.5q0 115 69.5 245t197.5 258q169 169 341.5 236t246.5 -7q65 -64 20 -209q-4 -14 -1 -20t10 -7t14.5 0.5t13.5 3.5l6 2q139 59 246 59t153 -61q45 -63 0 -178
+q-2 -13 -4.5 -20t4.5 -12.5t12 -7.5t17 -6q57 -18 103 -47t80 -81.5t34 -116.5zM1489 1046q42 -47 54.5 -108.5t-6.5 -117.5q-8 -23 -29.5 -34t-44.5 -4q-23 8 -34 29.5t-4 44.5q20 63 -24 111t-107 35q-24 -5 -45 8t-25 37q-5 24 8 44.5t37 25.5q60 13 119 -5.5t101 -65.5z
+M1670 1209q87 -96 112.5 -222.5t-13.5 -241.5q-9 -27 -34 -40t-52 -4t-40 34t-5 52q28 82 10 172t-80 158q-62 69 -148 95.5t-173 8.5q-28 -6 -52 9.5t-30 43.5t9.5 51.5t43.5 29.5q123 26 244 -11.5t208 -134.5z" />
+    <glyph glyph-name="renren" unicode="&#xf18b;" 
+d="M1133 -34q-171 -94 -368 -94q-196 0 -367 94q138 87 235.5 211t131.5 268q35 -144 132.5 -268t235.5 -211zM638 1394v-485q0 -252 -126.5 -459.5t-330.5 -306.5q-181 215 -181 495q0 187 83.5 349.5t229.5 269.5t325 137zM1536 638q0 -280 -181 -495
+q-204 99 -330.5 306.5t-126.5 459.5v485q179 -30 325 -137t229.5 -269.5t83.5 -349.5z" />
+    <glyph glyph-name="_372" unicode="&#xf18c;" horiz-adv-x="1408" 
+d="M1402 433q-32 -80 -76 -138t-91 -88.5t-99 -46.5t-101.5 -14.5t-96.5 8.5t-86.5 22t-69.5 27.5t-46 22.5l-17 10q-113 -228 -289.5 -359.5t-384.5 -132.5q-19 0 -32 13t-13 32t13 31.5t32 12.5q173 1 322.5 107.5t251.5 294.5q-36 -14 -72 -23t-83 -13t-91 2.5t-93 28.5
+t-92 59t-84.5 100t-74.5 146q114 47 214 57t167.5 -7.5t124.5 -56.5t88.5 -77t56.5 -82q53 131 79 291q-7 -1 -18 -2.5t-46.5 -2.5t-69.5 0.5t-81.5 10t-88.5 23t-84 42.5t-75 65t-54.5 94.5t-28.5 127.5q70 28 133.5 36.5t112.5 -1t92 -30t73.5 -50t56 -61t42 -63t27.5 -56
+t16 -39.5l4 -16q12 122 12 195q-8 6 -21.5 16t-49 44.5t-63.5 71.5t-54 93t-33 112.5t12 127t70 138.5q73 -25 127.5 -61.5t84.5 -76.5t48 -85t20.5 -89t-0.5 -85.5t-13 -76.5t-19 -62t-17 -42l-7 -15q1 -4 1 -50t-1 -72q3 7 10 18.5t30.5 43t50.5 58t71 55.5t91.5 44.5
+t112 14.5t132.5 -24q-2 -78 -21.5 -141.5t-50 -104.5t-69.5 -71.5t-81.5 -45.5t-84.5 -24t-80 -9.5t-67.5 1t-46.5 4.5l-17 3q-23 -147 -73 -283q6 7 18 18.5t49.5 41t77.5 52.5t99.5 42t117.5 20t129 -23.5t137 -77.5z" />
+    <glyph glyph-name="stack_exchange" unicode="&#xf18d;" horiz-adv-x="1280" 
+d="M1259 283v-66q0 -85 -57.5 -144.5t-138.5 -59.5h-57l-260 -269v269h-529q-81 0 -138.5 59.5t-57.5 144.5v66h1238zM1259 609v-255h-1238v255h1238zM1259 937v-255h-1238v255h1238zM1259 1077v-67h-1238v67q0 84 57.5 143.5t138.5 59.5h846q81 0 138.5 -59.5t57.5 -143.5z
+" />
+    <glyph glyph-name="_374" unicode="&#xf18e;" 
+d="M1152 640q0 -14 -9 -23l-320 -320q-9 -9 -23 -9q-13 0 -22.5 9.5t-9.5 22.5v192h-352q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h352v192q0 14 9 23t23 9q12 0 24 -10l319 -319q9 -9 9 -23zM1312 640q0 148 -73 273t-198 198t-273 73t-273 -73t-198 -198
+t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="arrow_circle_alt_left" unicode="&#xf190;" 
+d="M1152 736v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-352v-192q0 -14 -9 -23t-23 -9q-12 0 -24 10l-319 319q-9 9 -9 23t9 23l320 320q9 9 23 9q13 0 22.5 -9.5t9.5 -22.5v-192h352q13 0 22.5 -9.5t9.5 -22.5zM1312 640q0 148 -73 273t-198 198t-273 73t-273 -73t-198 -198
+t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_376" unicode="&#xf191;" 
+d="M1024 960v-640q0 -26 -19 -45t-45 -19q-20 0 -37 12l-448 320q-27 19 -27 52t27 52l448 320q17 12 37 12q26 0 45 -19t19 -45zM1280 160v960q0 13 -9.5 22.5t-22.5 9.5h-960q-13 0 -22.5 -9.5t-9.5 -22.5v-960q0 -13 9.5 -22.5t22.5 -9.5h960q13 0 22.5 9.5t9.5 22.5z
+M1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="dot_circle_alt" unicode="&#xf192;" 
+d="M1024 640q0 -106 -75 -181t-181 -75t-181 75t-75 181t75 181t181 75t181 -75t75 -181zM768 1184q-148 0 -273 -73t-198 -198t-73 -273t73 -273t198 -198t273 -73t273 73t198 198t73 273t-73 273t-198 198t-273 73zM1536 640q0 -209 -103 -385.5t-279.5 -279.5
+t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_378" unicode="&#xf193;" horiz-adv-x="1664" 
+d="M1023 349l102 -204q-58 -179 -210 -290t-339 -111q-156 0 -288.5 77.5t-210 210t-77.5 288.5q0 181 104.5 330t274.5 211l17 -131q-122 -54 -195 -165.5t-73 -244.5q0 -185 131.5 -316.5t316.5 -131.5q126 0 232.5 65t165 175.5t49.5 236.5zM1571 249l58 -114l-256 -128
+q-13 -7 -29 -7q-40 0 -57 35l-239 477h-472q-24 0 -42.5 16.5t-21.5 40.5l-96 779q-2 17 6 42q14 51 57 82.5t97 31.5q66 0 113 -47t47 -113q0 -69 -52 -117.5t-120 -41.5l37 -289h423v-128h-407l16 -128h455q40 0 57 -35l228 -455z" />
+    <glyph glyph-name="vimeo_square" unicode="&#xf194;" 
+d="M1292 898q10 216 -161 222q-231 8 -312 -261q44 19 82 19q85 0 74 -96q-4 -57 -74 -167t-105 -110q-43 0 -82 169q-13 54 -45 255q-30 189 -160 177q-59 -7 -164 -100l-81 -72l-81 -72l52 -67q76 52 87 52q57 0 107 -179q15 -55 45 -164.5t45 -164.5q68 -179 164 -179
+q157 0 383 294q220 283 226 444zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_380" unicode="&#xf195;" horiz-adv-x="1152" 
+d="M1152 704q0 -191 -94.5 -353t-256.5 -256.5t-353 -94.5h-160q-14 0 -23 9t-9 23v611l-215 -66q-3 -1 -9 -1q-10 0 -19 6q-13 10 -13 26v128q0 23 23 31l233 71v93l-215 -66q-3 -1 -9 -1q-10 0 -19 6q-13 10 -13 26v128q0 23 23 31l233 71v250q0 14 9 23t23 9h160
+q14 0 23 -9t9 -23v-181l375 116q15 5 28 -5t13 -26v-128q0 -23 -23 -31l-393 -121v-93l375 116q15 5 28 -5t13 -26v-128q0 -23 -23 -31l-393 -121v-487q188 13 318 151t130 328q0 14 9 23t23 9h160q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="plus_square_o" unicode="&#xf196;" horiz-adv-x="1408" 
+d="M1152 736v-64q0 -14 -9 -23t-23 -9h-352v-352q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v352h-352q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h352v352q0 14 9 23t23 9h64q14 0 23 -9t9 -23v-352h352q14 0 23 -9t9 -23zM1280 288v832q0 66 -47 113t-113 47h-832
+q-66 0 -113 -47t-47 -113v-832q0 -66 47 -113t113 -47h832q66 0 113 47t47 113zM1408 1120v-832q0 -119 -84.5 -203.5t-203.5 -84.5h-832q-119 0 -203.5 84.5t-84.5 203.5v832q0 119 84.5 203.5t203.5 84.5h832q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_382" unicode="&#xf197;" horiz-adv-x="2176" 
+d="M620 416q-110 -64 -268 -64h-128v64h-64q-13 0 -22.5 23.5t-9.5 56.5q0 24 7 49q-58 2 -96.5 10.5t-38.5 20.5t38.5 20.5t96.5 10.5q-7 25 -7 49q0 33 9.5 56.5t22.5 23.5h64v64h128q158 0 268 -64h1113q42 -7 106.5 -18t80.5 -14q89 -15 150 -40.5t83.5 -47.5t22.5 -40
+t-22.5 -40t-83.5 -47.5t-150 -40.5q-16 -3 -80.5 -14t-106.5 -18h-1113zM1739 668q53 -36 53 -92t-53 -92l81 -30q68 48 68 122t-68 122zM625 400h1015q-217 -38 -456 -80q-57 0 -113 -24t-83 -48l-28 -24l-288 -288q-26 -26 -70.5 -45t-89.5 -19h-96l-93 464h29
+q157 0 273 64zM352 816h-29l93 464h96q46 0 90 -19t70 -45l288 -288q4 -4 11 -10.5t30.5 -23t48.5 -29t61.5 -23t72.5 -10.5l456 -80h-1015q-116 64 -273 64z" />
+    <glyph glyph-name="_383" unicode="&#xf198;" horiz-adv-x="1664" 
+d="M1519 760q62 0 103.5 -40.5t41.5 -101.5q0 -97 -93 -130l-172 -59l56 -167q7 -21 7 -47q0 -59 -42 -102t-101 -43q-47 0 -85.5 27t-53.5 72l-55 165l-310 -106l55 -164q8 -24 8 -47q0 -59 -42 -102t-102 -43q-47 0 -85 27t-53 72l-55 163l-153 -53q-29 -9 -50 -9
+q-61 0 -101.5 40t-40.5 101q0 47 27.5 85t71.5 53l156 53l-105 313l-156 -54q-26 -8 -48 -8q-60 0 -101 40.5t-41 100.5q0 47 27.5 85t71.5 53l157 53l-53 159q-8 24 -8 47q0 60 42 102.5t102 42.5q47 0 85 -27t53 -72l54 -160l310 105l-54 160q-8 24 -8 47q0 59 42.5 102
+t101.5 43q47 0 85.5 -27.5t53.5 -71.5l53 -161l162 55q21 6 43 6q60 0 102.5 -39.5t42.5 -98.5q0 -45 -30 -81.5t-74 -51.5l-157 -54l105 -316l164 56q24 8 46 8zM725 498l310 105l-105 315l-310 -107z" />
+    <glyph glyph-name="_384" unicode="&#xf199;" 
+d="M1248 1408q119 0 203.5 -84.5t84.5 -203.5v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960zM1280 352v436q-31 -35 -64 -55q-34 -22 -132.5 -85t-151.5 -99q-98 -69 -164 -69v0v0q-66 0 -164 69
+q-47 32 -142 92.5t-142 92.5q-12 8 -33 27t-31 27v-436q0 -40 28 -68t68 -28h832q40 0 68 28t28 68zM1280 925q0 41 -27.5 70t-68.5 29h-832q-40 0 -68 -28t-28 -68q0 -37 30.5 -76.5t67.5 -64.5q47 -32 137.5 -89t129.5 -83q3 -2 17 -11.5t21 -14t21 -13t23.5 -13
+t21.5 -9.5t22.5 -7.5t20.5 -2.5t20.5 2.5t22.5 7.5t21.5 9.5t23.5 13t21 13t21 14t17 11.5l267 174q35 23 66.5 62.5t31.5 73.5z" />
+    <glyph glyph-name="_385" unicode="&#xf19a;" horiz-adv-x="1792" 
+d="M127 640q0 163 67 313l367 -1005q-196 95 -315 281t-119 411zM1415 679q0 -19 -2.5 -38.5t-10 -49.5t-11.5 -44t-17.5 -59t-17.5 -58l-76 -256l-278 826q46 3 88 8q19 2 26 18.5t-2.5 31t-28.5 13.5l-205 -10q-75 1 -202 10q-12 1 -20.5 -5t-11.5 -15t-1.5 -18.5t9 -16.5
+t19.5 -8l80 -8l120 -328l-168 -504l-280 832q46 3 88 8q19 2 26 18.5t-2.5 31t-28.5 13.5l-205 -10q-7 0 -23 0.5t-26 0.5q105 160 274.5 253.5t367.5 93.5q147 0 280.5 -53t238.5 -149h-10q-55 0 -92 -40.5t-37 -95.5q0 -12 2 -24t4 -21.5t8 -23t9 -21t12 -22.5t12.5 -21
+t14.5 -24t14 -23q63 -107 63 -212zM909 573l237 -647q1 -6 5 -11q-126 -44 -255 -44q-112 0 -217 32zM1570 1009q95 -174 95 -369q0 -209 -104 -385.5t-279 -278.5l235 678q59 169 59 276q0 42 -6 79zM896 1536q182 0 348 -71t286 -191t191 -286t71 -348t-71 -348t-191 -286
+t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71zM896 -215q173 0 331.5 68t273 182.5t182.5 273t68 331.5t-68 331.5t-182.5 273t-273 182.5t-331.5 68t-331.5 -68t-273 -182.5t-182.5 -273t-68 -331.5t68 -331.5t182.5 -273
+t273 -182.5t331.5 -68z" />
+    <glyph glyph-name="_386" unicode="&#xf19b;" horiz-adv-x="1792" 
+d="M1086 1536v-1536l-272 -128q-228 20 -414 102t-293 208.5t-107 272.5q0 140 100.5 263.5t275 205.5t391.5 108v-172q-217 -38 -356.5 -150t-139.5 -255q0 -152 154.5 -267t388.5 -145v1360zM1755 954l37 -390l-525 114l147 83q-119 70 -280 99v172q277 -33 481 -157z" />
+    <glyph glyph-name="_387" unicode="&#xf19c;" horiz-adv-x="2048" 
+d="M960 1536l960 -384v-128h-128q0 -26 -20.5 -45t-48.5 -19h-1526q-28 0 -48.5 19t-20.5 45h-128v128zM256 896h256v-768h128v768h256v-768h128v768h256v-768h128v768h256v-768h59q28 0 48.5 -19t20.5 -45v-64h-1664v64q0 26 20.5 45t48.5 19h59v768zM1851 -64
+q28 0 48.5 -19t20.5 -45v-128h-1920v128q0 26 20.5 45t48.5 19h1782z" />
+    <glyph glyph-name="_388" unicode="&#xf19d;" horiz-adv-x="2304" 
+d="M1774 700l18 -316q4 -69 -82 -128t-235 -93.5t-323 -34.5t-323 34.5t-235 93.5t-82 128l18 316l574 -181q22 -7 48 -7t48 7zM2304 1024q0 -23 -22 -31l-1120 -352q-4 -1 -10 -1t-10 1l-652 206q-43 -34 -71 -111.5t-34 -178.5q63 -36 63 -109q0 -69 -58 -107l58 -433
+q2 -14 -8 -25q-9 -11 -24 -11h-192q-15 0 -24 11q-10 11 -8 25l58 433q-58 38 -58 107q0 73 65 111q11 207 98 330l-333 104q-22 8 -22 31t22 31l1120 352q4 1 10 1t10 -1l1120 -352q22 -8 22 -31z" />
+    <glyph glyph-name="_389" unicode="&#xf19e;" 
+d="M859 579l13 -707q-62 11 -105 11q-41 0 -105 -11l13 707q-40 69 -168.5 295.5t-216.5 374.5t-181 287q58 -15 108 -15q44 0 111 15q63 -111 133.5 -229.5t167 -276.5t138.5 -227q37 61 109.5 177.5t117.5 190t105 176t107 189.5q54 -14 107 -14q56 0 114 14v0
+q-28 -39 -60 -88.5t-49.5 -78.5t-56.5 -96t-49 -84q-146 -248 -353 -610z" />
+    <glyph glyph-name="uniF1A0" unicode="&#xf1a0;" 
+d="M768 750h725q12 -67 12 -128q0 -217 -91 -387.5t-259.5 -266.5t-386.5 -96q-157 0 -299 60.5t-245 163.5t-163.5 245t-60.5 299t60.5 299t163.5 245t245 163.5t299 60.5q300 0 515 -201l-209 -201q-123 119 -306 119q-129 0 -238.5 -65t-173.5 -176.5t-64 -243.5
+t64 -243.5t173.5 -176.5t238.5 -65q87 0 160 24t120 60t82 82t51.5 87t22.5 78h-436v264z" />
+    <glyph glyph-name="f1a1" unicode="&#xf1a1;" horiz-adv-x="1792" 
+d="M1095 369q16 -16 0 -31q-62 -62 -199 -62t-199 62q-16 15 0 31q6 6 15 6t15 -6q48 -49 169 -49q120 0 169 49q6 6 15 6t15 -6zM788 550q0 -37 -26 -63t-63 -26t-63.5 26t-26.5 63q0 38 26.5 64t63.5 26t63 -26.5t26 -63.5zM1183 550q0 -37 -26.5 -63t-63.5 -26t-63 26
+t-26 63t26 63.5t63 26.5t63.5 -26t26.5 -64zM1434 670q0 49 -35 84t-85 35t-86 -36q-130 90 -311 96l63 283l200 -45q0 -37 26 -63t63 -26t63.5 26.5t26.5 63.5t-26.5 63.5t-63.5 26.5q-54 0 -80 -50l-221 49q-19 5 -25 -16l-69 -312q-180 -7 -309 -97q-35 37 -87 37
+q-50 0 -85 -35t-35 -84q0 -35 18.5 -64t49.5 -44q-6 -27 -6 -56q0 -142 140 -243t337 -101q198 0 338 101t140 243q0 32 -7 57q30 15 48 43.5t18 63.5zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191
+t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="_392" unicode="&#xf1a2;" 
+d="M939 407q13 -13 0 -26q-53 -53 -171 -53t-171 53q-13 13 0 26q5 6 13 6t13 -6q42 -42 145 -42t145 42q5 6 13 6t13 -6zM676 563q0 -31 -23 -54t-54 -23t-54 23t-23 54q0 32 22.5 54.5t54.5 22.5t54.5 -22.5t22.5 -54.5zM1014 563q0 -31 -23 -54t-54 -23t-54 23t-23 54
+q0 32 22.5 54.5t54.5 22.5t54.5 -22.5t22.5 -54.5zM1229 666q0 42 -30 72t-73 30q-42 0 -73 -31q-113 78 -267 82l54 243l171 -39q1 -32 23.5 -54t53.5 -22q32 0 54.5 22.5t22.5 54.5t-22.5 54.5t-54.5 22.5q-48 0 -69 -43l-189 42q-17 5 -21 -13l-60 -268q-154 -6 -265 -83
+q-30 32 -74 32q-43 0 -73 -30t-30 -72q0 -30 16 -55t42 -38q-5 -25 -5 -48q0 -122 120 -208.5t289 -86.5q170 0 290 86.5t120 208.5q0 25 -6 49q25 13 40.5 37.5t15.5 54.5zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960
+q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_393" unicode="&#xf1a3;" 
+d="M866 697l90 27v62q0 79 -58 135t-138 56t-138 -55.5t-58 -134.5v-283q0 -20 -14 -33.5t-33 -13.5t-32.5 13.5t-13.5 33.5v120h-151v-122q0 -82 57.5 -139t139.5 -57q81 0 138.5 56.5t57.5 136.5v280q0 19 13.5 33t33.5 14q19 0 32.5 -14t13.5 -33v-54zM1199 502v122h-150
+v-126q0 -20 -13.5 -33.5t-33.5 -13.5q-19 0 -32.5 14t-13.5 33v123l-90 -26l-60 28v-123q0 -80 58 -137t139 -57t138.5 57t57.5 139zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103
+t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="f1a4" unicode="&#xf1a4;" horiz-adv-x="1920" 
+d="M1062 824v118q0 42 -30 72t-72 30t-72 -30t-30 -72v-612q0 -175 -126 -299t-303 -124q-178 0 -303.5 125.5t-125.5 303.5v266h328v-262q0 -43 30 -72.5t72 -29.5t72 29.5t30 72.5v620q0 171 126.5 292t301.5 121q176 0 302 -122t126 -294v-136l-195 -58zM1592 602h328
+v-266q0 -178 -125.5 -303.5t-303.5 -125.5q-177 0 -303 124.5t-126 300.5v268l131 -61l195 58v-270q0 -42 30 -71.5t72 -29.5t72 29.5t30 71.5v275z" />
+    <glyph glyph-name="_395" unicode="&#xf1a5;" 
+d="M1472 160v480h-704v704h-480q-93 0 -158.5 -65.5t-65.5 -158.5v-480h704v-704h480q93 0 158.5 65.5t65.5 158.5zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5
+t84.5 -203.5z" />
+    <glyph glyph-name="_396" unicode="&#xf1a6;" horiz-adv-x="2048" 
+d="M328 1254h204v-983h-532v697h328v286zM328 435v369h-123v-369h123zM614 968v-697h205v697h-205zM614 1254v-204h205v204h-205zM901 968h533v-942h-533v163h328v82h-328v697zM1229 435v369h-123v-369h123zM1516 968h532v-942h-532v163h327v82h-327v697zM1843 435v369h-123
+v-369h123z" />
+    <glyph glyph-name="_397" unicode="&#xf1a7;" 
+d="M1046 516q0 -64 -38 -109t-91 -45q-43 0 -70 15v277q28 17 70 17q53 0 91 -45.5t38 -109.5zM703 944q0 -64 -38 -109.5t-91 -45.5q-43 0 -70 15v277q28 17 70 17q53 0 91 -45t38 -109zM1265 513q0 134 -88 229t-213 95q-20 0 -39 -3q-23 -78 -78 -136q-87 -95 -211 -101
+v-636l211 41v206q51 -19 117 -19q125 0 213 95t88 229zM922 940q0 134 -88.5 229t-213.5 95q-74 0 -141 -36h-186v-840l211 41v206q55 -19 116 -19q125 0 213.5 95t88.5 229zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960
+q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_398" unicode="&#xf1a8;" horiz-adv-x="2038" 
+d="M1222 607q75 3 143.5 -20.5t118 -58.5t101 -94.5t84 -108t75.5 -120.5q33 -56 78.5 -109t75.5 -80.5t99 -88.5q-48 -30 -108.5 -57.5t-138.5 -59t-114 -47.5q-44 37 -74 115t-43.5 164.5t-33 180.5t-42.5 168.5t-72.5 123t-122.5 48.5l-10 -2l-6 -4q4 -5 13 -14
+q6 -5 28 -23.5t25.5 -22t19 -18t18 -20.5t11.5 -21t10.5 -27.5t4.5 -31t4 -40.5l1 -33q1 -26 -2.5 -57.5t-7.5 -52t-12.5 -58.5t-11.5 -53q-35 1 -101 -9.5t-98 -10.5q-39 0 -72 10q-2 16 -2 47q0 74 3 96q2 13 31.5 41.5t57 59t26.5 51.5q-24 2 -43 -24
+q-36 -53 -111.5 -99.5t-136.5 -46.5q-25 0 -75.5 63t-106.5 139.5t-84 96.5q-6 4 -27 30q-482 -112 -513 -112q-16 0 -28 11t-12 27q0 15 8.5 26.5t22.5 14.5l486 106q-8 14 -8 25t5.5 17.5t16 11.5t20 7t23 4.5t18.5 4.5q4 1 15.5 7.5t17.5 6.5q15 0 28 -16t20 -33
+q163 37 172 37q17 0 29.5 -11t12.5 -28q0 -15 -8.5 -26t-23.5 -14l-182 -40l-1 -16q-1 -26 81.5 -117.5t104.5 -91.5q47 0 119 80t72 129q0 36 -23.5 53t-51 18.5t-51 11.5t-23.5 34q0 16 10 34l-68 19q43 44 43 117q0 26 -5 58q82 16 144 16q44 0 71.5 -1.5t48.5 -8.5
+t31 -13.5t20.5 -24.5t15.5 -33.5t17 -47.5t24 -60l50 25q-3 -40 -23 -60t-42.5 -21t-40 -6.5t-16.5 -20.5zM1282 842q-5 5 -13.5 15.5t-12 14.5t-10.5 11.5t-10 10.5l-8 8t-8.5 7.5t-8 5t-8.5 4.5q-7 3 -14.5 5t-20.5 2.5t-22 0.5h-32.5h-37.5q-126 0 -217 -43
+q16 30 36 46.5t54 29.5t65.5 36t46 36.5t50 55t43.5 50.5q12 -9 28 -31.5t32 -36.5t38 -13l12 1v-76l22 -1q247 95 371 190q28 21 50 39t42.5 37.5t33 31t29.5 34t24 31t24.5 37t23 38t27 47.5t29.5 53l7 9q-2 -53 -43 -139q-79 -165 -205 -264t-306 -142q-14 -3 -42 -7.5
+t-50 -9.5t-39 -14q3 -19 24.5 -46t21.5 -34q0 -11 -26 -30zM1061 -79q39 26 131.5 47.5t146.5 21.5q9 0 22.5 -15.5t28 -42.5t26 -50t24 -51t14.5 -33q-121 -45 -244 -45q-61 0 -125 11zM822 568l48 12l109 -177l-73 -48zM1323 51q3 -15 3 -16q0 -7 -17.5 -14.5t-46 -13
+t-54 -9.5t-53.5 -7.5t-32 -4.5l-7 43q21 2 60.5 8.5t72 10t60.5 3.5h14zM866 679l-96 -20l-6 17q10 1 32.5 7t34.5 6q19 0 35 -10zM1061 45h31l10 -83l-41 -12v95zM1950 1535v1v-1zM1950 1535l-1 -5l-2 -2l1 3zM1950 1535l1 1z" />
+    <glyph glyph-name="_399" unicode="&#xf1a9;" 
+d="M1167 -50q-5 19 -24 5q-30 -22 -87 -39t-131 -17q-129 0 -193 49q-5 4 -13 4q-11 0 -26 -12q-7 -6 -7.5 -16t7.5 -20q34 -32 87.5 -46t102.5 -12.5t99 4.5q41 4 84.5 20.5t65 30t28.5 20.5q12 12 7 29zM1128 65q-19 47 -39 61q-23 15 -76 15q-47 0 -71 -10
+q-29 -12 -78 -56q-26 -24 -12 -44q9 -8 17.5 -4.5t31.5 23.5q3 2 10.5 8.5t10.5 8.5t10 7t11.5 7t12.5 5t15 4.5t16.5 2.5t20.5 1q27 0 44.5 -7.5t23 -14.5t13.5 -22q10 -17 12.5 -20t12.5 1q23 12 14 34zM1483 346q0 22 -5 44.5t-16.5 45t-34 36.5t-52.5 14
+q-33 0 -97 -41.5t-129 -83.5t-101 -42q-27 -1 -63.5 19t-76 49t-83.5 58t-100 49t-111 19q-115 -1 -197 -78.5t-84 -178.5q-2 -112 74 -164q29 -20 62.5 -28.5t103.5 -8.5q57 0 132 32.5t134 71t120 70.5t93 31q26 -1 65 -31.5t71.5 -67t68 -67.5t55.5 -32q35 -3 58.5 14
+t55.5 63q28 41 42.5 101t14.5 106zM1536 506q0 -164 -62 -304.5t-166 -236t-242.5 -149.5t-290.5 -54t-293 57.5t-247.5 157t-170.5 241.5t-64 302q0 89 19.5 172.5t49 145.5t70.5 118.5t78.5 94t78.5 69.5t64.5 46.5t42.5 24.5q14 8 51 26.5t54.5 28.5t48 30t60.5 44
+q36 28 58 72.5t30 125.5q129 -155 186 -193q44 -29 130 -68t129 -66q21 -13 39 -25t60.5 -46.5t76 -70.5t75 -95t69 -122t47 -148.5t19.5 -177.5z" />
+    <glyph glyph-name="_400" unicode="&#xf1aa;" 
+d="M1070 463l-160 -160l-151 -152l-30 -30q-65 -64 -151.5 -87t-171.5 -2q-16 -70 -72 -115t-129 -45q-85 0 -145 60.5t-60 145.5q0 72 44.5 128t113.5 72q-22 86 1 173t88 152l12 12l151 -152l-11 -11q-37 -37 -37 -89t37 -90q37 -37 89 -37t89 37l30 30l151 152l161 160z
+M729 1145l12 -12l-152 -152l-12 12q-37 37 -89 37t-89 -37t-37 -89.5t37 -89.5l29 -29l152 -152l160 -160l-151 -152l-161 160l-151 152l-30 30q-68 67 -90 159.5t5 179.5q-70 15 -115 71t-45 129q0 85 60 145.5t145 60.5q76 0 133.5 -49t69.5 -123q84 20 169.5 -3.5
+t149.5 -87.5zM1536 78q0 -85 -60 -145.5t-145 -60.5q-74 0 -131 47t-71 118q-86 -28 -179.5 -6t-161.5 90l-11 12l151 152l12 -12q37 -37 89 -37t89 37t37 89t-37 89l-30 30l-152 152l-160 160l152 152l160 -160l152 -152l29 -30q64 -64 87.5 -150.5t2.5 -171.5
+q76 -11 126.5 -68.5t50.5 -134.5zM1534 1202q0 -77 -51 -135t-127 -69q26 -85 3 -176.5t-90 -158.5l-12 -12l-151 152l12 12q37 37 37 89t-37 89t-89 37t-89 -37l-30 -30l-152 -152l-160 -160l-152 152l161 160l152 152l29 30q67 67 159 89.5t178 -3.5q11 75 68.5 126
+t135.5 51q85 0 145 -60.5t60 -145.5z" />
+    <glyph glyph-name="f1ab" unicode="&#xf1ab;" 
+d="M654 458q-1 -3 -12.5 0.5t-31.5 11.5l-20 9q-44 20 -87 49q-7 5 -41 31.5t-38 28.5q-67 -103 -134 -181q-81 -95 -105 -110q-4 -2 -19.5 -4t-18.5 0q6 4 82 92q21 24 85.5 115t78.5 118q17 30 51 98.5t36 77.5q-8 1 -110 -33q-8 -2 -27.5 -7.5t-34.5 -9.5t-17 -5
+q-2 -2 -2 -10.5t-1 -9.5q-5 -10 -31 -15q-23 -7 -47 0q-18 4 -28 21q-4 6 -5 23q6 2 24.5 5t29.5 6q58 16 105 32q100 35 102 35q10 2 43 19.5t44 21.5q9 3 21.5 8t14.5 5.5t6 -0.5q2 -12 -1 -33q0 -2 -12.5 -27t-26.5 -53.5t-17 -33.5q-25 -50 -77 -131l64 -28
+q12 -6 74.5 -32t67.5 -28q4 -1 10.5 -25.5t4.5 -30.5zM449 944q3 -15 -4 -28q-12 -23 -50 -38q-30 -12 -60 -12q-26 3 -49 26q-14 15 -18 41l1 3q3 -3 19.5 -5t26.5 0t58 16q36 12 55 14q17 0 21 -17zM1147 815l63 -227l-139 42zM39 15l694 232v1032l-694 -233v-1031z
+M1280 332l102 -31l-181 657l-100 31l-216 -536l102 -31l45 110l211 -65zM777 1294l573 -184v380zM1088 -29l158 -13l-54 -160l-40 66q-130 -83 -276 -108q-58 -12 -91 -12h-84q-79 0 -199.5 39t-183.5 85q-8 7 -8 16q0 8 5 13.5t13 5.5q4 0 18 -7.5t30.5 -16.5t20.5 -11
+q73 -37 159.5 -61.5t157.5 -24.5q95 0 167 14.5t157 50.5q15 7 30.5 15.5t34 19t28.5 16.5zM1536 1050v-1079l-774 246q-14 -6 -375 -127.5t-368 -121.5q-13 0 -18 13q0 1 -1 3v1078q3 9 4 10q5 6 20 11q107 36 149 50v384l558 -198q2 0 160.5 55t316 108.5t161.5 53.5
+q20 0 20 -21v-418z" />
+    <glyph glyph-name="_402" unicode="&#xf1ac;" horiz-adv-x="1792" 
+d="M288 1152q66 0 113 -47t47 -113v-1088q0 -66 -47 -113t-113 -47h-128q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h128zM1664 989q58 -34 93 -93t35 -128v-768q0 -106 -75 -181t-181 -75h-864q-66 0 -113 47t-47 113v1536q0 40 28 68t68 28h672q40 0 88 -20t76 -48
+l152 -152q28 -28 48 -76t20 -88v-163zM928 0v128q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM928 256v128q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM928 512v128q0 14 -9 23
+t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM1184 0v128q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM1184 256v128q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128
+q14 0 23 9t9 23zM1184 512v128q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM1440 0v128q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM1440 256v128q0 14 -9 23t-23 9h-128
+q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM1440 512v128q0 14 -9 23t-23 9h-128q-14 0 -23 -9t-9 -23v-128q0 -14 9 -23t23 -9h128q14 0 23 9t9 23zM1536 896v256h-160q-40 0 -68 28t-28 68v160h-640v-512h896z" />
+    <glyph glyph-name="_403" unicode="&#xf1ad;" 
+d="M1344 1536q26 0 45 -19t19 -45v-1664q0 -26 -19 -45t-45 -19h-1280q-26 0 -45 19t-19 45v1664q0 26 19 45t45 19h1280zM512 1248v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23zM512 992v-64q0 -14 9 -23t23 -9h64q14 0 23 9
+t9 23v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23zM512 736v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23zM512 480v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23zM384 160v64
+q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM384 416v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM384 672v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64
+q14 0 23 9t9 23zM384 928v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM384 1184v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM896 -96v192q0 14 -9 23t-23 9h-320q-14 0 -23 -9
+t-9 -23v-192q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM896 416v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM896 672v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM896 928v64
+q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM896 1184v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1152 160v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64
+q14 0 23 9t9 23zM1152 416v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1152 672v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1152 928v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9
+t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1152 1184v64q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h64q14 0 23 9t9 23z" />
+    <glyph glyph-name="_404" unicode="&#xf1ae;" horiz-adv-x="1280" 
+d="M1188 988l-292 -292v-824q0 -46 -33 -79t-79 -33t-79 33t-33 79v384h-64v-384q0 -46 -33 -79t-79 -33t-79 33t-33 79v824l-292 292q-28 28 -28 68t28 68q29 28 68.5 28t67.5 -28l228 -228h368l228 228q28 28 68 28t68 -28q28 -29 28 -68.5t-28 -67.5zM864 1152
+q0 -93 -65.5 -158.5t-158.5 -65.5t-158.5 65.5t-65.5 158.5t65.5 158.5t158.5 65.5t158.5 -65.5t65.5 -158.5z" />
+    <glyph glyph-name="uniF1B1" unicode="&#xf1b0;" horiz-adv-x="1664" 
+d="M780 1064q0 -60 -19 -113.5t-63 -92.5t-105 -39q-76 0 -138 57.5t-92 135.5t-30 151q0 60 19 113.5t63 92.5t105 39q77 0 138.5 -57.5t91.5 -135t30 -151.5zM438 581q0 -80 -42 -139t-119 -59q-76 0 -141.5 55.5t-100.5 133.5t-35 152q0 80 42 139.5t119 59.5
+q76 0 141.5 -55.5t100.5 -134t35 -152.5zM832 608q118 0 255 -97.5t229 -237t92 -254.5q0 -46 -17 -76.5t-48.5 -45t-64.5 -20t-76 -5.5q-68 0 -187.5 45t-182.5 45q-66 0 -192.5 -44.5t-200.5 -44.5q-183 0 -183 146q0 86 56 191.5t139.5 192.5t187.5 146t193 59zM1071 819
+q-61 0 -105 39t-63 92.5t-19 113.5q0 74 30 151.5t91.5 135t138.5 57.5q61 0 105 -39t63 -92.5t19 -113.5q0 -73 -30 -151t-92 -135.5t-138 -57.5zM1503 923q77 0 119 -59.5t42 -139.5q0 -74 -35 -152t-100.5 -133.5t-141.5 -55.5q-77 0 -119 59t-42 139q0 74 35 152.5
+t100.5 134t141.5 55.5z" />
+    <glyph glyph-name="_406" unicode="&#xf1b1;" horiz-adv-x="768" 
+d="M704 1008q0 -145 -57 -243.5t-152 -135.5l45 -821q2 -26 -16 -45t-44 -19h-192q-26 0 -44 19t-16 45l45 821q-95 37 -152 135.5t-57 243.5q0 128 42.5 249.5t117.5 200t160 78.5t160 -78.5t117.5 -200t42.5 -249.5z" />
+    <glyph glyph-name="_407" unicode="&#xf1b2;" horiz-adv-x="1792" 
+d="M896 -93l640 349v636l-640 -233v-752zM832 772l698 254l-698 254l-698 -254zM1664 1024v-768q0 -35 -18 -65t-49 -47l-704 -384q-28 -16 -61 -16t-61 16l-704 384q-31 17 -49 47t-18 65v768q0 40 23 73t61 47l704 256q22 8 44 8t44 -8l704 -256q38 -14 61 -47t23 -73z
+" />
+    <glyph glyph-name="_408" unicode="&#xf1b3;" horiz-adv-x="2304" 
+d="M640 -96l384 192v314l-384 -164v-342zM576 358l404 173l-404 173l-404 -173zM1664 -96l384 192v314l-384 -164v-342zM1600 358l404 173l-404 173l-404 -173zM1152 651l384 165v266l-384 -164v-267zM1088 1030l441 189l-441 189l-441 -189zM2176 512v-416q0 -36 -19 -67
+t-52 -47l-448 -224q-25 -14 -57 -14t-57 14l-448 224q-4 2 -7 4q-2 -2 -7 -4l-448 -224q-25 -14 -57 -14t-57 14l-448 224q-33 16 -52 47t-19 67v416q0 38 21.5 70t56.5 48l434 186v400q0 38 21.5 70t56.5 48l448 192q23 10 50 10t50 -10l448 -192q35 -16 56.5 -48t21.5 -70
+v-400l434 -186q36 -16 57 -48t21 -70z" />
+    <glyph glyph-name="_409" unicode="&#xf1b4;" horiz-adv-x="2048" 
+d="M1848 1197h-511v-124h511v124zM1596 771q-90 0 -146 -52.5t-62 -142.5h408q-18 195 -200 195zM1612 186q63 0 122 32t76 87h221q-100 -307 -427 -307q-214 0 -340.5 132t-126.5 347q0 208 130.5 345.5t336.5 137.5q138 0 240.5 -68t153 -179t50.5 -248q0 -17 -2 -47h-658
+q0 -111 57.5 -171.5t166.5 -60.5zM277 236h296q205 0 205 167q0 180 -199 180h-302v-347zM277 773h281q78 0 123.5 36.5t45.5 113.5q0 144 -190 144h-260v-294zM0 1282h594q87 0 155 -14t126.5 -47.5t90 -96.5t31.5 -154q0 -181 -172 -263q114 -32 172 -115t58 -204
+q0 -75 -24.5 -136.5t-66 -103.5t-98.5 -71t-121 -42t-134 -13h-611v1260z" />
+    <glyph glyph-name="_410" unicode="&#xf1b5;" 
+d="M1248 1408q119 0 203.5 -84.5t84.5 -203.5v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960zM499 1041h-371v-787h382q117 0 197 57.5t80 170.5q0 158 -143 200q107 52 107 164q0 57 -19.5 96.5
+t-56.5 60.5t-79 29.5t-97 8.5zM477 723h-176v184h163q119 0 119 -90q0 -94 -106 -94zM486 388h-185v217h189q124 0 124 -113q0 -104 -128 -104zM1136 356q-68 0 -104 38t-36 107h411q1 10 1 30q0 132 -74.5 220.5t-203.5 88.5q-128 0 -210 -86t-82 -216q0 -135 79 -217
+t213 -82q205 0 267 191h-138q-11 -34 -47.5 -54t-75.5 -20zM1126 722q113 0 124 -122h-254q4 56 39 89t91 33zM964 988h319v-77h-319v77z" />
+    <glyph glyph-name="_411" unicode="&#xf1b6;" horiz-adv-x="1792" 
+d="M1582 954q0 -101 -71.5 -172.5t-172.5 -71.5t-172.5 71.5t-71.5 172.5t71.5 172.5t172.5 71.5t172.5 -71.5t71.5 -172.5zM812 212q0 104 -73 177t-177 73q-27 0 -54 -6l104 -42q77 -31 109.5 -106.5t1.5 -151.5q-31 -77 -107 -109t-152 -1q-21 8 -62 24.5t-61 24.5
+q32 -60 91 -96.5t130 -36.5q104 0 177 73t73 177zM1642 953q0 126 -89.5 215.5t-215.5 89.5q-127 0 -216.5 -89.5t-89.5 -215.5q0 -127 89.5 -216t216.5 -89q126 0 215.5 89t89.5 216zM1792 953q0 -189 -133.5 -322t-321.5 -133l-437 -319q-12 -129 -109 -218t-229 -89
+q-121 0 -214 76t-118 192l-230 92v429l389 -157q79 48 173 48q13 0 35 -2l284 407q2 187 135.5 319t320.5 132q188 0 321.5 -133.5t133.5 -321.5z" />
+    <glyph glyph-name="_412" unicode="&#xf1b7;" 
+d="M1242 889q0 80 -57 136.5t-137 56.5t-136.5 -57t-56.5 -136q0 -80 56.5 -136.5t136.5 -56.5t137 56.5t57 136.5zM632 301q0 -83 -58 -140.5t-140 -57.5q-56 0 -103 29t-72 77q52 -20 98 -40q60 -24 120 1.5t85 86.5q24 60 -1.5 120t-86.5 84l-82 33q22 5 42 5
+q82 0 140 -57.5t58 -140.5zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v153l172 -69q20 -92 93.5 -152t168.5 -60q104 0 181 70t87 173l345 252q150 0 255.5 105.5t105.5 254.5q0 150 -105.5 255.5t-255.5 105.5
+q-148 0 -253 -104.5t-107 -252.5l-225 -322q-9 1 -28 1q-75 0 -137 -37l-297 119v468q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5zM1289 887q0 -100 -71 -170.5t-171 -70.5t-170.5 70.5t-70.5 170.5t70.5 171t170.5 71q101 0 171.5 -70.5t70.5 -171.5z
+" />
+    <glyph glyph-name="_413" unicode="&#xf1b8;" horiz-adv-x="1792" 
+d="M836 367l-15 -368l-2 -22l-420 29q-36 3 -67 31.5t-47 65.5q-11 27 -14.5 55t4 65t12 55t21.5 64t19 53q78 -12 509 -28zM449 953l180 -379l-147 92q-63 -72 -111.5 -144.5t-72.5 -125t-39.5 -94.5t-18.5 -63l-4 -21l-190 357q-17 26 -18 56t6 47l8 18q35 63 114 188
+l-140 86zM1680 436l-188 -359q-12 -29 -36.5 -46.5t-43.5 -20.5l-18 -4q-71 -7 -219 -12l8 -164l-230 367l211 362l7 -173q170 -16 283 -5t170 33zM895 1360q-47 -63 -265 -435l-317 187l-19 12l225 356q20 31 60 45t80 10q24 -2 48.5 -12t42 -21t41.5 -33t36 -34.5
+t36 -39.5t32 -35zM1550 1053l212 -363q18 -37 12.5 -76t-27.5 -74q-13 -20 -33 -37t-38 -28t-48.5 -22t-47 -16t-51.5 -14t-46 -12q-34 72 -265 436l313 195zM1407 1279l142 83l-220 -373l-419 20l151 86q-34 89 -75 166t-75.5 123.5t-64.5 80t-47 46.5l-17 13l405 -1
+q31 3 58 -10.5t39 -28.5l11 -15q39 -61 112 -190z" />
+    <glyph glyph-name="_414" unicode="&#xf1b9;" horiz-adv-x="2048" 
+d="M480 448q0 66 -47 113t-113 47t-113 -47t-47 -113t47 -113t113 -47t113 47t47 113zM516 768h1016l-89 357q-2 8 -14 17.5t-21 9.5h-768q-9 0 -21 -9.5t-14 -17.5zM1888 448q0 66 -47 113t-113 47t-113 -47t-47 -113t47 -113t113 -47t113 47t47 113zM2048 544v-384
+q0 -14 -9 -23t-23 -9h-96v-128q0 -80 -56 -136t-136 -56t-136 56t-56 136v128h-1024v-128q0 -80 -56 -136t-136 -56t-136 56t-56 136v128h-96q-14 0 -23 9t-9 23v384q0 93 65.5 158.5t158.5 65.5h28l105 419q23 94 104 157.5t179 63.5h768q98 0 179 -63.5t104 -157.5
+l105 -419h28q93 0 158.5 -65.5t65.5 -158.5z" />
+    <glyph glyph-name="_415" unicode="&#xf1ba;" horiz-adv-x="2048" 
+d="M1824 640q93 0 158.5 -65.5t65.5 -158.5v-384q0 -14 -9 -23t-23 -9h-96v-64q0 -80 -56 -136t-136 -56t-136 56t-56 136v64h-1024v-64q0 -80 -56 -136t-136 -56t-136 56t-56 136v64h-96q-14 0 -23 9t-9 23v384q0 93 65.5 158.5t158.5 65.5h28l105 419q23 94 104 157.5
+t179 63.5h128v224q0 14 9 23t23 9h448q14 0 23 -9t9 -23v-224h128q98 0 179 -63.5t104 -157.5l105 -419h28zM320 160q66 0 113 47t47 113t-47 113t-113 47t-113 -47t-47 -113t47 -113t113 -47zM516 640h1016l-89 357q-2 8 -14 17.5t-21 9.5h-768q-9 0 -21 -9.5t-14 -17.5z
+M1728 160q66 0 113 47t47 113t-47 113t-113 47t-113 -47t-47 -113t47 -113t113 -47z" />
+    <glyph glyph-name="_416" unicode="&#xf1bb;" 
+d="M1504 64q0 -26 -19 -45t-45 -19h-462q1 -17 6 -87.5t5 -108.5q0 -25 -18 -42.5t-43 -17.5h-320q-25 0 -43 17.5t-18 42.5q0 38 5 108.5t6 87.5h-462q-26 0 -45 19t-19 45t19 45l402 403h-229q-26 0 -45 19t-19 45t19 45l402 403h-197q-26 0 -45 19t-19 45t19 45l384 384
+q19 19 45 19t45 -19l384 -384q19 -19 19 -45t-19 -45t-45 -19h-197l402 -403q19 -19 19 -45t-19 -45t-45 -19h-229l402 -403q19 -19 19 -45z" />
+    <glyph glyph-name="_417" unicode="&#xf1bc;" 
+d="M1127 326q0 32 -30 51q-193 115 -447 115q-133 0 -287 -34q-42 -9 -42 -52q0 -20 13.5 -34.5t35.5 -14.5q5 0 37 8q132 27 243 27q226 0 397 -103q19 -11 33 -11q19 0 33 13.5t14 34.5zM1223 541q0 40 -35 61q-237 141 -548 141q-153 0 -303 -42q-48 -13 -48 -64
+q0 -25 17.5 -42.5t42.5 -17.5q7 0 37 8q122 33 251 33q279 0 488 -124q24 -13 38 -13q25 0 42.5 17.5t17.5 42.5zM1331 789q0 47 -40 70q-126 73 -293 110.5t-343 37.5q-204 0 -364 -47q-23 -7 -38.5 -25.5t-15.5 -48.5q0 -31 20.5 -52t51.5 -21q11 0 40 8q133 37 307 37
+q159 0 309.5 -34t253.5 -95q21 -12 40 -12q29 0 50.5 20.5t21.5 51.5zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_418" unicode="&#xf1bd;" horiz-adv-x="1024" 
+d="M1024 1233l-303 -582l24 -31h279v-415h-507l-44 -30l-142 -273l-30 -30h-301v303l303 583l-24 30h-279v415h507l44 30l142 273l30 30h301v-303z" />
+    <glyph glyph-name="_419" unicode="&#xf1be;" horiz-adv-x="2304" 
+d="M784 164l16 241l-16 523q-1 10 -7.5 17t-16.5 7q-9 0 -16 -7t-7 -17l-14 -523l14 -241q1 -10 7.5 -16.5t15.5 -6.5q22 0 24 23zM1080 193l11 211l-12 586q0 16 -13 24q-8 5 -16 5t-16 -5q-13 -8 -13 -24l-1 -6l-10 -579q0 -1 11 -236v-1q0 -10 6 -17q9 -11 23 -11
+q11 0 20 9q9 7 9 20zM35 533l20 -128l-20 -126q-2 -9 -9 -9t-9 9l-17 126l17 128q2 9 9 9t9 -9zM121 612l26 -207l-26 -203q-2 -9 -10 -9q-9 0 -9 10l-23 202l23 207q0 9 9 9q8 0 10 -9zM401 159zM213 650l25 -245l-25 -237q0 -11 -11 -11q-10 0 -12 11l-21 237l21 245
+q2 12 12 12q11 0 11 -12zM307 657l23 -252l-23 -244q-2 -13 -14 -13q-13 0 -13 13l-21 244l21 252q0 13 13 13q12 0 14 -13zM401 639l21 -234l-21 -246q-2 -16 -16 -16q-6 0 -10.5 4.5t-4.5 11.5l-20 246l20 234q0 6 4.5 10.5t10.5 4.5q14 0 16 -15zM784 164zM495 785
+l21 -380l-21 -246q0 -7 -5 -12.5t-12 -5.5q-16 0 -18 18l-18 246l18 380q2 18 18 18q7 0 12 -5.5t5 -12.5zM589 871l19 -468l-19 -244q0 -8 -5.5 -13.5t-13.5 -5.5q-18 0 -20 19l-16 244l16 468q2 19 20 19q8 0 13.5 -5.5t5.5 -13.5zM687 911l18 -506l-18 -242
+q-2 -21 -22 -21q-19 0 -21 21l-16 242l16 506q0 9 6.5 15.5t14.5 6.5q9 0 15 -6.5t7 -15.5zM1079 169v0v0v0zM881 915l15 -510l-15 -239q0 -10 -7.5 -17.5t-17.5 -7.5t-17 7t-8 18l-14 239l14 510q0 11 7.5 18t17.5 7t17.5 -7t7.5 -18zM980 896l14 -492l-14 -236
+q0 -11 -8 -19t-19 -8t-19 8t-9 19l-12 236l12 492q1 12 9 20t19 8t18.5 -8t8.5 -20zM1192 404l-14 -231v0q0 -13 -9 -22t-22 -9t-22 9t-10 22l-6 114l-6 117l12 636v3q2 15 12 24q9 7 20 7q8 0 15 -5q14 -8 16 -26zM2304 423q0 -117 -83 -199.5t-200 -82.5h-786
+q-13 2 -22 11t-9 22v899q0 23 28 33q85 34 181 34q195 0 338 -131.5t160 -323.5q53 22 110 22q117 0 200 -83t83 -201z" />
+    <glyph glyph-name="uniF1C0" unicode="&#xf1c0;" 
+d="M768 768q237 0 443 43t325 127v-170q0 -69 -103 -128t-280 -93.5t-385 -34.5t-385 34.5t-280 93.5t-103 128v170q119 -84 325 -127t443 -43zM768 0q237 0 443 43t325 127v-170q0 -69 -103 -128t-280 -93.5t-385 -34.5t-385 34.5t-280 93.5t-103 128v170q119 -84 325 -127
+t443 -43zM768 384q237 0 443 43t325 127v-170q0 -69 -103 -128t-280 -93.5t-385 -34.5t-385 34.5t-280 93.5t-103 128v170q119 -84 325 -127t443 -43zM768 1536q208 0 385 -34.5t280 -93.5t103 -128v-128q0 -69 -103 -128t-280 -93.5t-385 -34.5t-385 34.5t-280 93.5
+t-103 128v128q0 69 103 128t280 93.5t385 34.5z" />
+    <glyph glyph-name="uniF1C1" unicode="&#xf1c1;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M894 465q33 -26 84 -56q59 7 117 7q147 0 177 -49q16 -22 2 -52q0 -1 -1 -2l-2 -2v-1q-6 -38 -71 -38q-48 0 -115 20t-130 53q-221 -24 -392 -83q-153 -262 -242 -262q-15 0 -28 7l-24 12q-1 1 -6 5q-10 10 -6 36q9 40 56 91.5t132 96.5q14 9 23 -6q2 -2 2 -4q52 85 107 197
+q68 136 104 262q-24 82 -30.5 159.5t6.5 127.5q11 40 42 40h21h1q23 0 35 -15q18 -21 9 -68q-2 -6 -4 -8q1 -3 1 -8v-30q-2 -123 -14 -192q55 -164 146 -238zM318 54q52 24 137 158q-51 -40 -87.5 -84t-49.5 -74zM716 974q-15 -42 -2 -132q1 7 7 44q0 3 7 43q1 4 4 8
+q-1 1 -1 2q-1 2 -1 3q-1 22 -13 36q0 -1 -1 -2v-2zM592 313q135 54 284 81q-2 1 -13 9.5t-16 13.5q-76 67 -127 176q-27 -86 -83 -197q-30 -56 -45 -83zM1238 329q-24 24 -140 24q76 -28 124 -28q14 0 18 1q0 1 -2 3z" />
+    <glyph glyph-name="_422" unicode="&#xf1c2;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M233 768v-107h70l164 -661h159l128 485q7 20 10 46q2 16 2 24h4l3 -24q1 -3 3.5 -20t5.5 -26l128 -485h159l164 661h70v107h-300v-107h90l-99 -438q-5 -20 -7 -46l-2 -21h-4q0 3 -0.5 6.5t-1.5 8t-1 6.5q-1 5 -4 21t-5 25l-144 545h-114l-144 -545q-2 -9 -4.5 -24.5
+t-3.5 -21.5l-4 -21h-4l-2 21q-2 26 -7 46l-99 438h90v107h-300z" />
+    <glyph glyph-name="_423" unicode="&#xf1c3;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M429 106v-106h281v106h-75l103 161q5 7 10 16.5t7.5 13.5t3.5 4h2q1 -4 5 -10q2 -4 4.5 -7.5t6 -8t6.5 -8.5l107 -161h-76v-106h291v106h-68l-192 273l195 282h67v107h-279v-107h74l-103 -159q-4 -7 -10 -16.5t-9 -13.5l-2 -3h-2q-1 4 -5 10q-6 11 -17 23l-106 159h76v107
+h-290v-107h68l189 -272l-194 -283h-68z" />
+    <glyph glyph-name="_424" unicode="&#xf1c4;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M416 106v-106h327v106h-93v167h137q76 0 118 15q67 23 106.5 87t39.5 146q0 81 -37 141t-100 87q-48 19 -130 19h-368v-107h92v-555h-92zM769 386h-119v268h120q52 0 83 -18q56 -33 56 -115q0 -89 -62 -120q-31 -15 -78 -15z" />
+    <glyph glyph-name="_425" unicode="&#xf1c5;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M1280 320v-320h-1024v192l192 192l128 -128l384 384zM448 512q-80 0 -136 56t-56 136t56 136t136 56t136 -56t56 -136t-56 -136t-136 -56z" />
+    <glyph glyph-name="_426" unicode="&#xf1c6;" 
+d="M640 1152v128h-128v-128h128zM768 1024v128h-128v-128h128zM640 896v128h-128v-128h128zM768 768v128h-128v-128h128zM1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400
+v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-128v-128h-128v128h-512v-1536h1280zM781 593l107 -349q8 -27 8 -52q0 -83 -72.5 -137.5t-183.5 -54.5t-183.5 54.5t-72.5 137.5q0 25 8 52q21 63 120 396v128h128v-128h79
+q22 0 39 -13t23 -34zM640 128q53 0 90.5 19t37.5 45t-37.5 45t-90.5 19t-90.5 -19t-37.5 -45t37.5 -45t90.5 -19z" />
+    <glyph glyph-name="_427" unicode="&#xf1c7;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M620 686q20 -8 20 -30v-544q0 -22 -20 -30q-8 -2 -12 -2q-12 0 -23 9l-166 167h-131q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h131l166 167q16 15 35 7zM1037 -3q31 0 50 24q129 159 129 363t-129 363q-16 21 -43 24t-47 -14q-21 -17 -23.5 -43.5t14.5 -47.5
+q100 -123 100 -282t-100 -282q-17 -21 -14.5 -47.5t23.5 -42.5q18 -15 40 -15zM826 145q27 0 47 20q87 93 87 219t-87 219q-18 19 -45 20t-46 -17t-20 -44.5t18 -46.5q52 -57 52 -131t-52 -131q-19 -20 -18 -46.5t20 -44.5q20 -17 44 -17z" />
+    <glyph glyph-name="_428" unicode="&#xf1c8;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M768 768q52 0 90 -38t38 -90v-384q0 -52 -38 -90t-90 -38h-384q-52 0 -90 38t-38 90v384q0 52 38 90t90 38h384zM1260 766q20 -8 20 -30v-576q0 -22 -20 -30q-8 -2 -12 -2q-14 0 -23 9l-265 266v90l265 266q9 9 23 9q4 0 12 -2z" />
+    <glyph glyph-name="_429" unicode="&#xf1c9;" 
+d="M1468 1156q28 -28 48 -76t20 -88v-1152q0 -40 -28 -68t-68 -28h-1344q-40 0 -68 28t-28 68v1600q0 40 28 68t68 28h896q40 0 88 -20t76 -48zM1024 1400v-376h376q-10 29 -22 41l-313 313q-12 12 -41 22zM1408 -128v1024h-416q-40 0 -68 28t-28 68v416h-768v-1536h1280z
+M480 768q8 11 21 12.5t24 -6.5l51 -38q11 -8 12.5 -21t-6.5 -24l-182 -243l182 -243q8 -11 6.5 -24t-12.5 -21l-51 -38q-11 -8 -24 -6.5t-21 12.5l-226 301q-14 19 0 38zM1282 467q14 -19 0 -38l-226 -301q-8 -11 -21 -12.5t-24 6.5l-51 38q-11 8 -12.5 21t6.5 24l182 243
+l-182 243q-8 11 -6.5 24t12.5 21l51 38q11 8 24 6.5t21 -12.5zM662 6q-13 2 -20.5 13t-5.5 24l138 831q2 13 13 20.5t24 5.5l63 -10q13 -2 20.5 -13t5.5 -24l-138 -831q-2 -13 -13 -20.5t-24 -5.5z" />
+    <glyph glyph-name="_430" unicode="&#xf1ca;" 
+d="M1497 709v-198q-101 -23 -198 -23q-65 -136 -165.5 -271t-181.5 -215.5t-128 -106.5q-80 -45 -162 3q-28 17 -60.5 43.5t-85 83.5t-102.5 128.5t-107.5 184t-105.5 244t-91.5 314.5t-70.5 390h283q26 -218 70 -398.5t104.5 -317t121.5 -235.5t140 -195q169 169 287 406
+q-142 72 -223 220t-81 333q0 192 104 314.5t284 122.5q178 0 273 -105.5t95 -297.5q0 -159 -58 -286q-7 -1 -19.5 -3t-46 -2t-63 6t-62 25.5t-50.5 51.5q31 103 31 184q0 87 -29 132t-79 45q-53 0 -85 -49.5t-32 -140.5q0 -186 105 -293.5t267 -107.5q62 0 121 14z" />
+    <glyph glyph-name="_431" unicode="&#xf1cb;" horiz-adv-x="1792" 
+d="M216 367l603 -402v359l-334 223zM154 511l193 129l-193 129v-258zM973 -35l603 402l-269 180l-334 -223v-359zM896 458l272 182l-272 182l-272 -182zM485 733l334 223v359l-603 -402zM1445 640l193 -129v258zM1307 733l269 180l-603 402v-359zM1792 913v-546
+q0 -41 -34 -64l-819 -546q-21 -13 -43 -13t-43 13l-819 546q-34 23 -34 64v546q0 41 34 64l819 546q21 13 43 13t43 -13l819 -546q34 -23 34 -64z" />
+    <glyph glyph-name="_432" unicode="&#xf1cc;" horiz-adv-x="2048" 
+d="M1800 764q111 -46 179.5 -145.5t68.5 -221.5q0 -164 -118 -280.5t-285 -116.5q-4 0 -11.5 0.5t-10.5 0.5h-1209h-1h-2h-5q-170 10 -288 125.5t-118 280.5q0 110 55 203t147 147q-12 39 -12 82q0 115 82 196t199 81q95 0 172 -58q75 154 222.5 248t326.5 94
+q166 0 306 -80.5t221.5 -218.5t81.5 -301q0 -6 -0.5 -18t-0.5 -18zM468 498q0 -122 84 -193t208 -71q137 0 240 99q-16 20 -47.5 56.5t-43.5 50.5q-67 -65 -144 -65q-55 0 -93.5 33.5t-38.5 87.5q0 53 38.5 87t91.5 34q44 0 84.5 -21t73 -55t65 -75t69 -82t77 -75t97 -55
+t121.5 -21q121 0 204.5 71.5t83.5 190.5q0 121 -84 192t-207 71q-143 0 -241 -97l93 -108q66 64 142 64q52 0 92 -33t40 -84q0 -57 -37 -91.5t-94 -34.5q-43 0 -82.5 21t-72 55t-65.5 75t-69.5 82t-77.5 75t-96.5 55t-118.5 21q-122 0 -207 -70.5t-85 -189.5z" />
+    <glyph glyph-name="_433" unicode="&#xf1cd;" horiz-adv-x="1792" 
+d="M896 1536q182 0 348 -71t286 -191t191 -286t71 -348t-71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71zM896 1408q-190 0 -361 -90l194 -194q82 28 167 28t167 -28l194 194q-171 90 -361 90zM218 279l194 194
+q-28 82 -28 167t28 167l-194 194q-90 -171 -90 -361t90 -361zM896 -128q190 0 361 90l-194 194q-82 -28 -167 -28t-167 28l-194 -194q171 -90 361 -90zM896 256q159 0 271.5 112.5t112.5 271.5t-112.5 271.5t-271.5 112.5t-271.5 -112.5t-112.5 -271.5t112.5 -271.5
+t271.5 -112.5zM1380 473l194 -194q90 171 90 361t-90 361l-194 -194q28 -82 28 -167t-28 -167z" />
+    <glyph glyph-name="_434" unicode="&#xf1ce;" horiz-adv-x="1792" 
+d="M1760 640q0 -176 -68.5 -336t-184 -275.5t-275.5 -184t-336 -68.5t-336 68.5t-275.5 184t-184 275.5t-68.5 336q0 213 97 398.5t265 305.5t374 151v-228q-221 -45 -366.5 -221t-145.5 -406q0 -130 51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5
+t136.5 204t51 248.5q0 230 -145.5 406t-366.5 221v228q206 -31 374 -151t265 -305.5t97 -398.5z" />
+    <glyph glyph-name="uniF1D0" unicode="&#xf1d0;" horiz-adv-x="1792" 
+d="M19 662q8 217 116 406t305 318h5q0 -1 -1 -3q-8 -8 -28 -33.5t-52 -76.5t-60 -110.5t-44.5 -135.5t-14 -150.5t39 -157.5t108.5 -154q50 -50 102 -69.5t90.5 -11.5t69.5 23.5t47 32.5l16 16q39 51 53 116.5t6.5 122.5t-21 107t-26.5 80l-14 29q-10 25 -30.5 49.5t-43 41
+t-43.5 29.5t-35 19l-13 6l104 115q39 -17 78 -52t59 -61l19 -27q1 48 -18.5 103.5t-40.5 87.5l-20 31l161 183l160 -181q-33 -46 -52.5 -102.5t-22.5 -90.5l-4 -33q22 37 61.5 72.5t67.5 52.5l28 17l103 -115q-44 -14 -85 -50t-60 -65l-19 -29q-31 -56 -48 -133.5t-7 -170
+t57 -156.5q33 -45 77.5 -60.5t85 -5.5t76 26.5t57.5 33.5l21 16q60 53 96.5 115t48.5 121.5t10 121.5t-18 118t-37 107.5t-45.5 93t-45 72t-34.5 47.5l-13 17q-14 13 -7 13l10 -3q40 -29 62.5 -46t62 -50t64 -58t58.5 -65t55.5 -77t45.5 -88t38 -103t23.5 -117t10.5 -136
+q3 -259 -108 -465t-312 -321t-456 -115q-185 0 -351 74t-283.5 198t-184 293t-60.5 353z" />
+    <glyph glyph-name="uniF1D1" unicode="&#xf1d1;" horiz-adv-x="1792" 
+d="M874 -102v-66q-208 6 -385 109.5t-283 275.5l58 34q29 -49 73 -99l65 57q148 -168 368 -212l-17 -86q65 -12 121 -13zM276 428l-83 -28q22 -60 49 -112l-57 -33q-98 180 -98 385t98 385l57 -33q-30 -56 -49 -112l82 -28q-35 -100 -35 -212q0 -109 36 -212zM1528 251
+l58 -34q-106 -172 -283 -275.5t-385 -109.5v66q56 1 121 13l-17 86q220 44 368 212l65 -57q44 50 73 99zM1377 805l-233 -80q14 -42 14 -85t-14 -85l232 -80q-31 -92 -98 -169l-185 162q-57 -67 -147 -85l48 -241q-52 -10 -98 -10t-98 10l48 241q-90 18 -147 85l-185 -162
+q-67 77 -98 169l232 80q-14 42 -14 85t14 85l-233 80q33 93 99 169l185 -162q59 68 147 86l-48 240q44 10 98 10t98 -10l-48 -240q88 -18 147 -86l185 162q66 -76 99 -169zM874 1448v-66q-65 -2 -121 -13l17 -86q-220 -42 -368 -211l-65 56q-38 -42 -73 -98l-57 33
+q106 172 282 275.5t385 109.5zM1705 640q0 -205 -98 -385l-57 33q27 52 49 112l-83 28q36 103 36 212q0 112 -35 212l82 28q-19 56 -49 112l57 33q98 -180 98 -385zM1585 1063l-57 -33q-35 56 -73 98l-65 -56q-148 169 -368 211l17 86q-56 11 -121 13v66q209 -6 385 -109.5
+t282 -275.5zM1748 640q0 173 -67.5 331t-181.5 272t-272 181.5t-331 67.5t-331 -67.5t-272 -181.5t-181.5 -272t-67.5 -331t67.5 -331t181.5 -272t272 -181.5t331 -67.5t331 67.5t272 181.5t181.5 272t67.5 331zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71
+t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="uniF1D2" unicode="&#xf1d2;" 
+d="M582 228q0 -66 -93 -66q-107 0 -107 63q0 64 98 64q102 0 102 -61zM546 694q0 -85 -74 -85q-77 0 -77 84q0 90 77 90q36 0 55 -25.5t19 -63.5zM712 769v125q-78 -29 -135 -29q-50 29 -110 29q-86 0 -145 -57t-59 -143q0 -50 29.5 -102t73.5 -67v-3q-38 -17 -38 -85
+q0 -53 41 -77v-3q-113 -37 -113 -139q0 -45 20 -78.5t54 -51t72 -25.5t81 -8q224 0 224 188q0 67 -48 99t-126 46q-27 5 -51.5 20.5t-24.5 39.5q0 44 49 52q77 15 122 70t45 134q0 24 -10 52q37 9 49 13zM771 350h137q-2 27 -2 82v387q0 46 2 69h-137q3 -23 3 -71v-392
+q0 -50 -3 -75zM1280 366v121q-30 -21 -68 -21q-53 0 -53 82v225h52q9 0 26.5 -1t26.5 -1v117h-105q0 82 3 102h-140q4 -24 4 -55v-47h-60v-117q36 3 37 3q3 0 11 -0.5t12 -0.5v-2h-2v-217q0 -37 2.5 -64t11.5 -56.5t24.5 -48.5t43.5 -31t66 -12q64 0 108 24zM924 1072
+q0 36 -24 63.5t-60 27.5t-60.5 -27t-24.5 -64q0 -36 25 -62.5t60 -26.5t59.5 27t24.5 62zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_438" unicode="&#xf1d3;" horiz-adv-x="1792" 
+d="M595 22q0 100 -165 100q-158 0 -158 -104q0 -101 172 -101q151 0 151 105zM536 777q0 61 -30 102t-89 41q-124 0 -124 -145q0 -135 124 -135q119 0 119 137zM805 1101v-202q-36 -12 -79 -22q16 -43 16 -84q0 -127 -73 -216.5t-197 -112.5q-40 -8 -59.5 -27t-19.5 -58
+q0 -31 22.5 -51.5t58 -32t78.5 -22t86 -25.5t78.5 -37.5t58 -64t22.5 -98.5q0 -304 -363 -304q-69 0 -130 12.5t-116 41t-87.5 82t-32.5 127.5q0 165 182 225v4q-67 41 -67 126q0 109 63 137v4q-72 24 -119.5 108.5t-47.5 165.5q0 139 95 231.5t235 92.5q96 0 178 -47
+q98 0 218 47zM1123 220h-222q4 45 4 134v609q0 94 -4 128h222q-4 -33 -4 -124v-613q0 -89 4 -134zM1724 442v-196q-71 -39 -174 -39q-62 0 -107 20t-70 50t-39.5 78t-18.5 92t-4 103v351h2v4q-7 0 -19 1t-18 1q-21 0 -59 -6v190h96v76q0 54 -6 89h227q-6 -41 -6 -165h171
+v-190q-15 0 -43.5 2t-42.5 2h-85v-365q0 -131 87 -131q61 0 109 33zM1148 1389q0 -58 -39 -101.5t-96 -43.5q-58 0 -98 43.5t-40 101.5q0 59 39.5 103t98.5 44q58 0 96.5 -44.5t38.5 -102.5z" />
+    <glyph glyph-name="_439" unicode="&#xf1d4;" 
+d="M809 532l266 499h-112l-157 -312q-24 -48 -44 -92l-42 92l-155 312h-120l263 -493v-324h101v318zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="uniF1D5" unicode="&#xf1d5;" horiz-adv-x="1280" 
+d="M842 964q0 -80 -57 -136.5t-136 -56.5q-60 0 -111 35q-62 -67 -115 -146q-247 -371 -202 -859q1 -22 -12.5 -38.5t-34.5 -18.5h-5q-20 0 -35 13.5t-17 33.5q-14 126 -3.5 247.5t29.5 217t54 186t69 155.5t74 125q61 90 132 165q-16 35 -16 77q0 80 56.5 136.5t136.5 56.5
+t136.5 -56.5t56.5 -136.5zM1223 953q0 -158 -78 -292t-212.5 -212t-292.5 -78q-64 0 -131 14q-21 5 -32.5 23.5t-6.5 39.5q5 20 23 31.5t39 7.5q51 -13 108 -13q97 0 186 38t153 102t102 153t38 186t-38 186t-102 153t-153 102t-186 38t-186 -38t-153 -102t-102 -153
+t-38 -186q0 -114 52 -218q10 -20 3.5 -40t-25.5 -30t-39.5 -3t-30.5 26q-64 123 -64 265q0 119 46.5 227t124.5 186t186 124t226 46q158 0 292.5 -78t212.5 -212.5t78 -292.5z" />
+    <glyph glyph-name="uniF1D6" unicode="&#xf1d6;" horiz-adv-x="1792" 
+d="M270 730q-8 19 -8 52q0 20 11 49t24 45q-1 22 7.5 53t22.5 43q0 139 92.5 288.5t217.5 209.5q139 66 324 66q133 0 266 -55q49 -21 90 -48t71 -56t55 -68t42 -74t32.5 -84.5t25.5 -89.5t22 -98l1 -5q55 -83 55 -150q0 -14 -9 -40t-9 -38q0 -1 1.5 -3.5t3.5 -5t2 -3.5
+q77 -114 120.5 -214.5t43.5 -208.5q0 -43 -19.5 -100t-55.5 -57q-9 0 -19.5 7.5t-19 17.5t-19 26t-16 26.5t-13.5 26t-9 17.5q-1 1 -3 1l-5 -4q-59 -154 -132 -223q20 -20 61.5 -38.5t69 -41.5t35.5 -65q-2 -4 -4 -16t-7 -18q-64 -97 -302 -97q-53 0 -110.5 9t-98 20
+t-104.5 30q-15 5 -23 7q-14 4 -46 4.5t-40 1.5q-41 -45 -127.5 -65t-168.5 -20q-35 0 -69 1.5t-93 9t-101 20.5t-74.5 40t-32.5 64q0 40 10 59.5t41 48.5q11 2 40.5 13t49.5 12q4 0 14 2q2 2 2 4l-2 3q-48 11 -108 105.5t-73 156.5l-5 3q-4 0 -12 -20q-18 -41 -54.5 -74.5
+t-77.5 -37.5h-1q-4 0 -6 4.5t-5 5.5q-23 54 -23 100q0 275 252 466z" />
+    <glyph glyph-name="uniF1D7" unicode="&#xf1d7;" horiz-adv-x="2048" 
+d="M580 1075q0 41 -25 66t-66 25q-43 0 -76 -25.5t-33 -65.5q0 -39 33 -64.5t76 -25.5q41 0 66 24.5t25 65.5zM1323 568q0 28 -25.5 50t-65.5 22q-27 0 -49.5 -22.5t-22.5 -49.5q0 -28 22.5 -50.5t49.5 -22.5q40 0 65.5 22t25.5 51zM1087 1075q0 41 -24.5 66t-65.5 25
+q-43 0 -76 -25.5t-33 -65.5q0 -39 33 -64.5t76 -25.5q41 0 65.5 24.5t24.5 65.5zM1722 568q0 28 -26 50t-65 22q-27 0 -49.5 -22.5t-22.5 -49.5q0 -28 22.5 -50.5t49.5 -22.5q39 0 65 22t26 51zM1456 965q-31 4 -70 4q-169 0 -311 -77t-223.5 -208.5t-81.5 -287.5
+q0 -78 23 -152q-35 -3 -68 -3q-26 0 -50 1.5t-55 6.5t-44.5 7t-54.5 10.5t-50 10.5l-253 -127l72 218q-290 203 -290 490q0 169 97.5 311t264 223.5t363.5 81.5q176 0 332.5 -66t262 -182.5t136.5 -260.5zM2048 404q0 -117 -68.5 -223.5t-185.5 -193.5l55 -181l-199 109
+q-150 -37 -218 -37q-169 0 -311 70.5t-223.5 191.5t-81.5 264t81.5 264t223.5 191.5t311 70.5q161 0 303 -70.5t227.5 -192t85.5 -263.5z" />
+    <glyph glyph-name="_443" unicode="&#xf1d8;" horiz-adv-x="1792" 
+d="M1764 1525q33 -24 27 -64l-256 -1536q-5 -29 -32 -45q-14 -8 -31 -8q-11 0 -24 5l-453 185l-242 -295q-18 -23 -49 -23q-13 0 -22 4q-19 7 -30.5 23.5t-11.5 36.5v349l864 1059l-1069 -925l-395 162q-37 14 -40 55q-2 40 32 59l1664 960q15 9 32 9q20 0 36 -11z" />
+    <glyph glyph-name="_444" unicode="&#xf1d9;" horiz-adv-x="1792" 
+d="M1764 1525q33 -24 27 -64l-256 -1536q-5 -29 -32 -45q-14 -8 -31 -8q-11 0 -24 5l-527 215l-298 -327q-18 -21 -47 -21q-14 0 -23 4q-19 7 -30 23.5t-11 36.5v452l-472 193q-37 14 -40 55q-3 39 32 59l1664 960q35 21 68 -2zM1422 26l221 1323l-1434 -827l336 -137
+l863 639l-478 -797z" />
+    <glyph glyph-name="_445" unicode="&#xf1da;" 
+d="M1536 640q0 -156 -61 -298t-164 -245t-245 -164t-298 -61q-172 0 -327 72.5t-264 204.5q-7 10 -6.5 22.5t8.5 20.5l137 138q10 9 25 9q16 -2 23 -12q73 -95 179 -147t225 -52q104 0 198.5 40.5t163.5 109.5t109.5 163.5t40.5 198.5t-40.5 198.5t-109.5 163.5
+t-163.5 109.5t-198.5 40.5q-98 0 -188 -35.5t-160 -101.5l137 -138q31 -30 14 -69q-17 -40 -59 -40h-448q-26 0 -45 19t-19 45v448q0 42 40 59q39 17 69 -14l130 -129q107 101 244.5 156.5t284.5 55.5q156 0 298 -61t245 -164t164 -245t61 -298zM896 928v-448q0 -14 -9 -23
+t-23 -9h-320q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h224v352q0 14 9 23t23 9h64q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="_446" unicode="&#xf1db;" 
+d="M768 1280q-130 0 -248.5 -51t-204 -136.5t-136.5 -204t-51 -248.5t51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5t136.5 204t51 248.5t-51 248.5t-136.5 204t-204 136.5t-248.5 51zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103
+t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_447" unicode="&#xf1dc;" horiz-adv-x="1792" 
+d="M1682 -128q-44 0 -132.5 3.5t-133.5 3.5q-44 0 -132 -3.5t-132 -3.5q-24 0 -37 20.5t-13 45.5q0 31 17 46t39 17t51 7t45 15q33 21 33 140l-1 391q0 21 -1 31q-13 4 -50 4h-675q-38 0 -51 -4q-1 -10 -1 -31l-1 -371q0 -142 37 -164q16 -10 48 -13t57 -3.5t45 -15
+t20 -45.5q0 -26 -12.5 -48t-36.5 -22q-47 0 -139.5 3.5t-138.5 3.5q-43 0 -128 -3.5t-127 -3.5q-23 0 -35.5 21t-12.5 45q0 30 15.5 45t36 17.5t47.5 7.5t42 15q33 23 33 143l-1 57v813q0 3 0.5 26t0 36.5t-1.5 38.5t-3.5 42t-6.5 36.5t-11 31.5t-16 18q-15 10 -45 12t-53 2
+t-41 14t-18 45q0 26 12 48t36 22q46 0 138.5 -3.5t138.5 -3.5q42 0 126.5 3.5t126.5 3.5q25 0 37.5 -22t12.5 -48q0 -30 -17 -43.5t-38.5 -14.5t-49.5 -4t-43 -13q-35 -21 -35 -160l1 -320q0 -21 1 -32q13 -3 39 -3h699q25 0 38 3q1 11 1 32l1 320q0 139 -35 160
+q-18 11 -58.5 12.5t-66 13t-25.5 49.5q0 26 12.5 48t37.5 22q44 0 132 -3.5t132 -3.5q43 0 129 3.5t129 3.5q25 0 37.5 -22t12.5 -48q0 -30 -17.5 -44t-40 -14.5t-51.5 -3t-44 -12.5q-35 -23 -35 -161l1 -943q0 -119 34 -140q16 -10 46 -13.5t53.5 -4.5t41.5 -15.5t18 -44.5
+q0 -26 -12 -48t-36 -22z" />
+    <glyph glyph-name="_448" unicode="&#xf1dd;" horiz-adv-x="1280" 
+d="M1278 1347v-73q0 -29 -18.5 -61t-42.5 -32q-50 0 -54 -1q-26 -6 -32 -31q-3 -11 -3 -64v-1152q0 -25 -18 -43t-43 -18h-108q-25 0 -43 18t-18 43v1218h-143v-1218q0 -25 -17.5 -43t-43.5 -18h-108q-26 0 -43.5 18t-17.5 43v496q-147 12 -245 59q-126 58 -192 179
+q-64 117 -64 259q0 166 88 286q88 118 209 159q111 37 417 37h479q25 0 43 -18t18 -43z" />
+    <glyph glyph-name="_449" unicode="&#xf1de;" 
+d="M352 128v-128h-352v128h352zM704 256q26 0 45 -19t19 -45v-256q0 -26 -19 -45t-45 -19h-256q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h256zM864 640v-128h-864v128h864zM224 1152v-128h-224v128h224zM1536 128v-128h-736v128h736zM576 1280q26 0 45 -19t19 -45v-256
+q0 -26 -19 -45t-45 -19h-256q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h256zM1216 768q26 0 45 -19t19 -45v-256q0 -26 -19 -45t-45 -19h-256q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h256zM1536 640v-128h-224v128h224zM1536 1152v-128h-864v128h864z" />
+    <glyph glyph-name="uniF1E0" unicode="&#xf1e0;" 
+d="M1216 512q133 0 226.5 -93.5t93.5 -226.5t-93.5 -226.5t-226.5 -93.5t-226.5 93.5t-93.5 226.5q0 12 2 34l-360 180q-92 -86 -218 -86q-133 0 -226.5 93.5t-93.5 226.5t93.5 226.5t226.5 93.5q126 0 218 -86l360 180q-2 22 -2 34q0 133 93.5 226.5t226.5 93.5
+t226.5 -93.5t93.5 -226.5t-93.5 -226.5t-226.5 -93.5q-126 0 -218 86l-360 -180q2 -22 2 -34t-2 -34l360 -180q92 86 218 86z" />
+    <glyph glyph-name="_451" unicode="&#xf1e1;" 
+d="M1280 341q0 88 -62.5 151t-150.5 63q-84 0 -145 -58l-241 120q2 16 2 23t-2 23l241 120q61 -58 145 -58q88 0 150.5 63t62.5 151t-62.5 150.5t-150.5 62.5t-151 -62.5t-63 -150.5q0 -7 2 -23l-241 -120q-62 57 -145 57q-88 0 -150.5 -62.5t-62.5 -150.5t62.5 -150.5
+t150.5 -62.5q83 0 145 57l241 -120q-2 -16 -2 -23q0 -88 63 -150.5t151 -62.5t150.5 62.5t62.5 150.5zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_452" unicode="&#xf1e2;" horiz-adv-x="1792" 
+d="M571 947q-10 25 -34 35t-49 0q-108 -44 -191 -127t-127 -191q-10 -25 0 -49t35 -34q13 -5 24 -5q42 0 60 40q34 84 98.5 148.5t148.5 98.5q25 11 35 35t0 49zM1513 1303l46 -46l-244 -243l68 -68q19 -19 19 -45.5t-19 -45.5l-64 -64q89 -161 89 -343q0 -143 -55.5 -273.5
+t-150 -225t-225 -150t-273.5 -55.5t-273.5 55.5t-225 150t-150 225t-55.5 273.5t55.5 273.5t150 225t225 150t273.5 55.5q182 0 343 -89l64 64q19 19 45.5 19t45.5 -19l68 -68zM1521 1359q-10 -10 -22 -10q-13 0 -23 10l-91 90q-9 10 -9 23t9 23q10 9 23 9t23 -9l90 -91
+q10 -9 10 -22.5t-10 -22.5zM1751 1129q-11 -9 -23 -9t-23 9l-90 91q-10 9 -10 22.5t10 22.5q9 10 22.5 10t22.5 -10l91 -90q9 -10 9 -23t-9 -23zM1792 1312q0 -14 -9 -23t-23 -9h-96q-14 0 -23 9t-9 23t9 23t23 9h96q14 0 23 -9t9 -23zM1600 1504v-96q0 -14 -9 -23t-23 -9
+t-23 9t-9 23v96q0 14 9 23t23 9t23 -9t9 -23zM1751 1449l-91 -90q-10 -10 -22 -10q-13 0 -23 10q-10 9 -10 22.5t10 22.5l90 91q10 9 23 9t23 -9q9 -10 9 -23t-9 -23z" />
+    <glyph glyph-name="_453" unicode="&#xf1e3;" horiz-adv-x="1792" 
+d="M609 720l287 208l287 -208l-109 -336h-355zM896 1536q182 0 348 -71t286 -191t191 -286t71 -348t-71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71zM1515 186q149 203 149 454v3l-102 -89l-240 224l63 323
+l134 -12q-150 206 -389 282l53 -124l-287 -159l-287 159l53 124q-239 -76 -389 -282l135 12l62 -323l-240 -224l-102 89v-3q0 -251 149 -454l30 132l326 -40l139 -298l-116 -69q117 -39 240 -39t240 39l-116 69l139 298l326 40z" />
+    <glyph glyph-name="_454" unicode="&#xf1e4;" horiz-adv-x="1792" 
+d="M448 224v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM256 608v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM832 224v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23
+v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM640 608v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM66 768q-28 0 -47 19t-19 46v129h514v-129q0 -27 -19 -46t-46 -19h-383zM1216 224v-192q0 -14 -9 -23t-23 -9h-192
+q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1024 608v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1600 224v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23
+zM1408 608v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1792 1016v-13h-514v10q0 104 -382 102q-382 -1 -382 -102v-10h-514v13q0 17 8.5 43t34 64t65.5 75.5t110.5 76t160 67.5t224 47.5t293.5 18.5t293 -18.5t224 -47.5
+t160.5 -67.5t110.5 -76t65.5 -75.5t34 -64t8.5 -43zM1792 608v-192q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v192q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1792 962v-129q0 -27 -19 -46t-46 -19h-384q-27 0 -46 19t-19 46v129h514z" />
+    <glyph glyph-name="_455" unicode="&#xf1e5;" horiz-adv-x="1792" 
+d="M704 1216v-768q0 -26 -19 -45t-45 -19v-576q0 -26 -19 -45t-45 -19h-512q-26 0 -45 19t-19 45v512l249 873q7 23 31 23h424zM1024 1216v-704h-256v704h256zM1792 320v-512q0 -26 -19 -45t-45 -19h-512q-26 0 -45 19t-19 45v576q-26 0 -45 19t-19 45v768h424q24 0 31 -23z
+M736 1504v-224h-352v224q0 14 9 23t23 9h288q14 0 23 -9t9 -23zM1408 1504v-224h-352v224q0 14 9 23t23 9h288q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="_456" unicode="&#xf1e6;" horiz-adv-x="1792" 
+d="M1755 1083q37 -38 37 -90.5t-37 -90.5l-401 -400l150 -150l-160 -160q-163 -163 -389.5 -186.5t-411.5 100.5l-362 -362h-181v181l362 362q-124 185 -100.5 411.5t186.5 389.5l160 160l150 -150l400 401q38 37 91 37t90 -37t37 -90.5t-37 -90.5l-400 -401l234 -234
+l401 400q38 37 91 37t90 -37z" />
+    <glyph glyph-name="_457" unicode="&#xf1e7;" horiz-adv-x="1792" 
+d="M873 796q0 -83 -63.5 -142.5t-152.5 -59.5t-152.5 59.5t-63.5 142.5q0 84 63.5 143t152.5 59t152.5 -59t63.5 -143zM1375 796q0 -83 -63 -142.5t-153 -59.5q-89 0 -152.5 59.5t-63.5 142.5q0 84 63.5 143t152.5 59q90 0 153 -59t63 -143zM1600 616v667q0 87 -32 123.5
+t-111 36.5h-1112q-83 0 -112.5 -34t-29.5 -126v-673q43 -23 88.5 -40t81 -28t81 -18.5t71 -11t70 -4t58.5 -0.5t56.5 2t44.5 2q68 1 95 -27q6 -6 10 -9q26 -25 61 -51q7 91 118 87q5 0 36.5 -1.5t43 -2t45.5 -1t53 1t54.5 4.5t61 8.5t62 13.5t67 19.5t67.5 27t72 34.5z
+M1763 621q-121 -149 -372 -252q84 -285 -23 -465q-66 -113 -183 -148q-104 -32 -182 15q-86 51 -82 164l-1 326v1q-8 2 -24.5 6t-23.5 5l-1 -338q4 -114 -83 -164q-79 -47 -183 -15q-117 36 -182 150q-105 180 -22 463q-251 103 -372 252q-25 37 -4 63t60 -1q4 -2 11.5 -7
+t10.5 -8v694q0 72 47 123t114 51h1257q67 0 114 -51t47 -123v-694l21 15q39 27 60 1t-4 -63z" />
+    <glyph glyph-name="_458" unicode="&#xf1e8;" horiz-adv-x="1792" 
+d="M896 1102v-434h-145v434h145zM1294 1102v-434h-145v434h145zM1294 342l253 254v795h-1194v-1049h326v-217l217 217h398zM1692 1536v-1013l-434 -434h-326l-217 -217h-217v217h-398v1158l109 289h1483z" />
+    <glyph glyph-name="_459" unicode="&#xf1e9;" 
+d="M773 217v-127q-1 -292 -6 -305q-12 -32 -51 -40q-54 -9 -181.5 38t-162.5 89q-13 15 -17 36q-1 12 4 26q4 10 34 47t181 216q1 0 60 70q15 19 39.5 24.5t49.5 -3.5q24 -10 37.5 -29t12.5 -42zM624 468q-3 -55 -52 -70l-120 -39q-275 -88 -292 -88q-35 2 -54 36
+q-12 25 -17 75q-8 76 1 166.5t30 124.5t56 32q13 0 202 -77q71 -29 115 -47l84 -34q23 -9 35.5 -30.5t11.5 -48.5zM1450 171q-7 -54 -91.5 -161t-135.5 -127q-37 -14 -63 7q-14 10 -184 287l-47 77q-14 21 -11.5 46t19.5 46q35 43 83 26q1 -1 119 -40q203 -66 242 -79.5
+t47 -20.5q28 -22 22 -61zM778 803q5 -102 -54 -122q-58 -17 -114 71l-378 598q-8 35 19 62q41 43 207.5 89.5t224.5 31.5q40 -10 49 -45q3 -18 22 -305.5t24 -379.5zM1440 695q3 -39 -26 -59q-15 -10 -329 -86q-67 -15 -91 -23l1 2q-23 -6 -46 4t-37 32q-30 47 0 87
+q1 1 75 102q125 171 150 204t34 39q28 19 65 2q48 -23 123 -133.5t81 -167.5v-3z" />
+    <glyph glyph-name="_460" unicode="&#xf1ea;" horiz-adv-x="2048" 
+d="M1024 1024h-384v-384h384v384zM1152 384v-128h-640v128h640zM1152 1152v-640h-640v640h640zM1792 384v-128h-512v128h512zM1792 640v-128h-512v128h512zM1792 896v-128h-512v128h512zM1792 1152v-128h-512v128h512zM256 192v960h-128v-960q0 -26 19 -45t45 -19t45 19
+t19 45zM1920 192v1088h-1536v-1088q0 -33 -11 -64h1483q26 0 45 19t19 45zM2048 1408v-1216q0 -80 -56 -136t-136 -56h-1664q-80 0 -136 56t-56 136v1088h256v128h1792z" />
+    <glyph glyph-name="_461" unicode="&#xf1eb;" horiz-adv-x="2048" 
+d="M1024 13q-20 0 -93 73.5t-73 93.5q0 32 62.5 54t103.5 22t103.5 -22t62.5 -54q0 -20 -73 -93.5t-93 -73.5zM1294 284q-2 0 -40 25t-101.5 50t-128.5 25t-128.5 -25t-101 -50t-40.5 -25q-18 0 -93.5 75t-75.5 93q0 13 10 23q78 77 196 121t233 44t233 -44t196 -121
+q10 -10 10 -23q0 -18 -75.5 -93t-93.5 -75zM1567 556q-11 0 -23 8q-136 105 -252 154.5t-268 49.5q-85 0 -170.5 -22t-149 -53t-113.5 -62t-79 -53t-31 -22q-17 0 -92 75t-75 93q0 12 10 22q132 132 320 205t380 73t380 -73t320 -205q10 -10 10 -22q0 -18 -75 -93t-92 -75z
+M1838 827q-11 0 -22 9q-179 157 -371.5 236.5t-420.5 79.5t-420.5 -79.5t-371.5 -236.5q-11 -9 -22 -9q-17 0 -92.5 75t-75.5 93q0 13 10 23q187 186 445 288t527 102t527 -102t445 -288q10 -10 10 -23q0 -18 -75.5 -93t-92.5 -75z" />
+    <glyph glyph-name="_462" unicode="&#xf1ec;" horiz-adv-x="1792" 
+d="M384 0q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM768 0q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM384 384q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5
+t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1152 0q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM768 384q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5
+t37.5 90.5zM384 768q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1152 384q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM768 768q0 53 -37.5 90.5t-90.5 37.5
+t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1536 0v384q0 52 -38 90t-90 38t-90 -38t-38 -90v-384q0 -52 38 -90t90 -38t90 38t38 90zM1152 768q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5z
+M1536 1088v256q0 26 -19 45t-45 19h-1280q-26 0 -45 -19t-19 -45v-256q0 -26 19 -45t45 -19h1280q26 0 45 19t19 45zM1536 768q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1664 1408v-1536q0 -52 -38 -90t-90 -38
+h-1408q-52 0 -90 38t-38 90v1536q0 52 38 90t90 38h1408q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_463" unicode="&#xf1ed;" 
+d="M1519 890q18 -84 -4 -204q-87 -444 -565 -444h-44q-25 0 -44 -16.5t-24 -42.5l-4 -19l-55 -346l-2 -15q-5 -26 -24.5 -42.5t-44.5 -16.5h-251q-21 0 -33 15t-9 36q9 56 26.5 168t26.5 168t27 167.5t27 167.5q5 37 43 37h131q133 -2 236 21q175 39 287 144q102 95 155 246
+q24 70 35 133q1 6 2.5 7.5t3.5 1t6 -3.5q79 -59 98 -162zM1347 1172q0 -107 -46 -236q-80 -233 -302 -315q-113 -40 -252 -42q0 -1 -90 -1l-90 1q-100 0 -118 -96q-2 -8 -85 -530q-1 -10 -12 -10h-295q-22 0 -36.5 16.5t-11.5 38.5l232 1471q5 29 27.5 48t51.5 19h598
+q34 0 97.5 -13t111.5 -32q107 -41 163.5 -123t56.5 -196z" />
+    <glyph glyph-name="_464" unicode="&#xf1ee;" horiz-adv-x="1792" 
+d="M441 864q33 0 52 -26q266 -364 362 -774h-446q-127 441 -367 749q-12 16 -3 33.5t29 17.5h373zM1000 507q-49 -199 -125 -393q-79 310 -256 594q40 221 44 449q211 -340 337 -650zM1099 1216q235 -324 384.5 -698.5t184.5 -773.5h-451q-41 665 -553 1472h435zM1792 640
+q0 -424 -101 -812q-67 560 -359 1083q-25 301 -106 584q-4 16 5.5 28.5t25.5 12.5h359q21 0 38.5 -13t22.5 -33q115 -409 115 -850z" />
+    <glyph glyph-name="uniF1F0" unicode="&#xf1f0;" horiz-adv-x="2304" 
+d="M1975 546h-138q14 37 66 179l3 9q4 10 10 26t9 26l12 -55zM531 611l-58 295q-11 54 -75 54h-268l-2 -13q311 -79 403 -336zM710 960l-162 -438l-17 89q-26 70 -85 129.5t-131 88.5l135 -510h175l261 641h-176zM849 318h166l104 642h-166zM1617 944q-69 27 -149 27
+q-123 0 -201 -59t-79 -153q-1 -102 145 -174q48 -23 67 -41t19 -39q0 -30 -30 -46t-69 -16q-86 0 -156 33l-22 11l-23 -144q74 -34 185 -34q130 -1 208.5 59t80.5 160q0 106 -140 174q-49 25 -71 42t-22 38q0 22 24.5 38.5t70.5 16.5q70 1 124 -24l15 -8zM2042 960h-128
+q-65 0 -87 -54l-246 -588h174l35 96h212q5 -22 20 -96h154zM2304 1280v-1280q0 -52 -38 -90t-90 -38h-2048q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h2048q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_466" unicode="&#xf1f1;" horiz-adv-x="2304" 
+d="M1119 1195q-128 85 -281 85q-103 0 -197.5 -40.5t-162.5 -108.5t-108.5 -162t-40.5 -197q0 -104 40.5 -198t108.5 -162t162 -108.5t198 -40.5q153 0 281 85q-131 107 -178 265.5t0.5 316.5t177.5 265zM1152 1171q-126 -99 -172 -249.5t-0.5 -300.5t172.5 -249
+q127 99 172.5 249t-0.5 300.5t-172 249.5zM1185 1195q130 -107 177.5 -265.5t0.5 -317t-178 -264.5q128 -85 281 -85q104 0 198 40.5t162 108.5t108.5 162t40.5 198q0 103 -40.5 197t-108.5 162t-162.5 108.5t-197.5 40.5q-153 0 -281 -85zM1926 473h7v3h-17v-3h7v-17h3v17z
+M1955 456h4v20h-5l-6 -13l-6 13h-5v-20h3v15l6 -13h4l5 13v-15zM1947 16v-2h-2h-3v3h3h2v-1zM1947 7h3l-4 5h2l1 1q1 1 1 3t-1 3l-1 1h-3h-6v-13h3v5h1zM685 75q0 19 11 31t30 12q18 0 29 -12.5t11 -30.5q0 -19 -11 -31t-29 -12q-19 0 -30 12t-11 31zM1158 119q30 0 35 -32
+h-70q5 32 35 32zM1514 75q0 19 11 31t29 12t29.5 -12.5t11.5 -30.5q0 -19 -11 -31t-30 -12q-18 0 -29 12t-11 31zM1786 75q0 18 11.5 30.5t29.5 12.5t29.5 -12.5t11.5 -30.5q0 -19 -11.5 -31t-29.5 -12t-29.5 12.5t-11.5 30.5zM1944 3q-2 0 -4 1q-1 0 -3 2t-2 3q-1 2 -1 4
+q0 3 1 4q0 2 2 4l1 1q2 0 2 1q2 1 4 1q3 0 4 -1l4 -2l2 -4v-1q1 -2 1 -3l-1 -1v-3t-1 -1l-1 -2q-2 -2 -4 -2q-1 -1 -4 -1zM599 7h30v85q0 24 -14.5 38.5t-39.5 15.5q-32 0 -47 -24q-14 24 -45 24q-24 0 -39 -20v16h-30v-135h30v75q0 36 33 36q30 0 30 -36v-75h29v75
+q0 36 33 36q30 0 30 -36v-75zM765 7h29v68v67h-29v-16q-17 20 -43 20q-29 0 -48 -20t-19 -51t19 -51t48 -20q28 0 43 20v-17zM943 48q0 34 -47 40l-14 2q-23 4 -23 14q0 15 25 15q23 0 43 -11l12 24q-22 14 -55 14q-26 0 -41 -12t-15 -32q0 -33 47 -39l13 -2q24 -4 24 -14
+q0 -17 -31 -17q-25 0 -45 14l-13 -23q25 -17 58 -17q29 0 45.5 12t16.5 32zM1073 14l-8 25q-13 -7 -26 -7q-19 0 -19 22v61h48v27h-48v41h-30v-41h-28v-27h28v-61q0 -50 47 -50q21 0 36 10zM1159 146q-29 0 -48 -20t-19 -51q0 -32 19.5 -51.5t49.5 -19.5q33 0 55 19l-14 22
+q-18 -15 -39 -15q-34 0 -41 33h101v12q0 32 -18 51.5t-46 19.5zM1318 146q-23 0 -35 -20v16h-30v-135h30v76q0 35 29 35q10 0 18 -4l9 28q-9 4 -21 4zM1348 75q0 -31 19.5 -51t52.5 -20q29 0 48 16l-14 24q-18 -13 -35 -12q-18 0 -29.5 12t-11.5 31t11.5 31t29.5 12
+q19 0 35 -12l14 24q-20 16 -48 16q-33 0 -52.5 -20t-19.5 -51zM1593 7h30v68v67h-30v-16q-15 20 -42 20q-29 0 -48.5 -20t-19.5 -51t19.5 -51t48.5 -20q28 0 42 20v-17zM1726 146q-23 0 -35 -20v16h-29v-135h29v76q0 35 29 35q10 0 18 -4l9 28q-8 4 -21 4zM1866 7h29v68v122
+h-29v-71q-15 20 -43 20t-47.5 -20.5t-19.5 -50.5t19.5 -50.5t47.5 -20.5q29 0 43 20v-17zM1944 27l-2 -1h-3q-2 -1 -4 -3q-3 -1 -3 -4q-1 -2 -1 -6q0 -3 1 -5q0 -2 3 -4q2 -2 4 -3t5 -1q4 0 6 1q0 1 2 2l2 1q1 1 3 4q1 2 1 5q0 4 -1 6q-1 1 -3 4q0 1 -2 2l-2 1q-1 0 -3 0.5
+t-3 0.5zM2304 1280v-1280q0 -52 -38 -90t-90 -38h-2048q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h2048q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_467" unicode="&#xf1f2;" horiz-adv-x="2304" 
+d="M313 759q0 -51 -36 -84q-29 -26 -89 -26h-17v220h17q61 0 89 -27q36 -31 36 -83zM2089 824q0 -52 -64 -52h-19v101h20q63 0 63 -49zM380 759q0 74 -50 120.5t-129 46.5h-95v-333h95q74 0 119 38q60 51 60 128zM410 593h65v333h-65v-333zM730 694q0 40 -20.5 62t-75.5 42
+q-29 10 -39.5 19t-10.5 23q0 16 13.5 26.5t34.5 10.5q29 0 53 -27l34 44q-41 37 -98 37q-44 0 -74 -27.5t-30 -67.5q0 -35 18 -55.5t64 -36.5q37 -13 45 -19q19 -12 19 -34q0 -20 -14 -33.5t-36 -13.5q-48 0 -71 44l-42 -40q44 -64 115 -64q51 0 83 30.5t32 79.5zM1008 604
+v77q-37 -37 -78 -37q-49 0 -80.5 32.5t-31.5 82.5q0 48 31.5 81.5t77.5 33.5q43 0 81 -38v77q-40 20 -80 20q-74 0 -125.5 -50.5t-51.5 -123.5t51 -123.5t125 -50.5q42 0 81 19zM2240 0v527q-65 -40 -144.5 -84t-237.5 -117t-329.5 -137.5t-417.5 -134.5t-504 -118h1569
+q26 0 45 19t19 45zM1389 757q0 75 -53 128t-128 53t-128 -53t-53 -128t53 -128t128 -53t128 53t53 128zM1541 584l144 342h-71l-90 -224l-89 224h-71l142 -342h35zM1714 593h184v56h-119v90h115v56h-115v74h119v57h-184v-333zM2105 593h80l-105 140q76 16 76 94q0 47 -31 73
+t-87 26h-97v-333h65v133h9zM2304 1274v-1268q0 -56 -38.5 -95t-93.5 -39h-2040q-55 0 -93.5 39t-38.5 95v1268q0 56 38.5 95t93.5 39h2040q55 0 93.5 -39t38.5 -95z" />
+    <glyph glyph-name="f1f3" unicode="&#xf1f3;" horiz-adv-x="2304" 
+d="M119 854h89l-45 108zM740 328l74 79l-70 79h-163v-49h142v-55h-142v-54h159zM898 406l99 -110v217zM1186 453q0 33 -40 33h-84v-69h83q41 0 41 36zM1475 457q0 29 -42 29h-82v-61h81q43 0 43 32zM1197 923q0 29 -42 29h-82v-60h81q43 0 43 31zM1656 854h89l-44 108z
+M699 1009v-271h-66v212l-94 -212h-57l-94 212v-212h-132l-25 60h-135l-25 -60h-70l116 271h96l110 -257v257h106l85 -184l77 184h108zM1255 453q0 -20 -5.5 -35t-14 -25t-22.5 -16.5t-26 -10t-31.5 -4.5t-31.5 -1t-32.5 0.5t-29.5 0.5v-91h-126l-80 90l-83 -90h-256v271h260
+l80 -89l82 89h207q109 0 109 -89zM964 794v-56h-217v271h217v-57h-152v-49h148v-55h-148v-54h152zM2304 235v-229q0 -55 -38.5 -94.5t-93.5 -39.5h-2040q-55 0 -93.5 39.5t-38.5 94.5v678h111l25 61h55l25 -61h218v46l19 -46h113l20 47v-47h541v99l10 1q10 0 10 -14v-86h279
+v23q23 -12 55 -18t52.5 -6.5t63 0.5t51.5 1l25 61h56l25 -61h227v58l34 -58h182v378h-180v-44l-25 44h-185v-44l-23 44h-249q-69 0 -109 -22v22h-172v-22q-24 22 -73 22h-628l-43 -97l-43 97h-198v-44l-22 44h-169l-78 -179v391q0 55 38.5 94.5t93.5 39.5h2040
+q55 0 93.5 -39.5t38.5 -94.5v-678h-120q-51 0 -81 -22v22h-177q-55 0 -78 -22v22h-316v-22q-31 22 -87 22h-209v-22q-23 22 -91 22h-234l-54 -58l-50 58h-349v-378h343l55 59l52 -59h211v89h21q59 0 90 13v-102h174v99h8q8 0 10 -2t2 -10v-87h529q57 0 88 24v-24h168
+q60 0 95 17zM1546 469q0 -23 -12 -43t-34 -29q25 -9 34 -26t9 -46v-54h-65v45q0 33 -12 43.5t-46 10.5h-69v-99h-65v271h154q48 0 77 -15t29 -58zM1269 936q0 -24 -12.5 -44t-33.5 -29q26 -9 34.5 -25.5t8.5 -46.5v-53h-65q0 9 0.5 26.5t0 25t-3 18.5t-8.5 16t-17.5 8.5
+t-29.5 3.5h-70v-98h-64v271l153 -1q49 0 78 -14.5t29 -57.5zM1798 327v-56h-216v271h216v-56h-151v-49h148v-55h-148v-54zM1372 1009v-271h-66v271h66zM2065 357q0 -86 -102 -86h-126v58h126q34 0 34 25q0 16 -17 21t-41.5 5t-49.5 3.5t-42 22.5t-17 55q0 39 26 60t66 21
+h130v-57h-119q-36 0 -36 -25q0 -16 17.5 -20.5t42 -4t49 -2.5t42 -21.5t17.5 -54.5zM2304 407v-101q-24 -35 -88 -35h-125v58h125q33 0 33 25q0 13 -12.5 19t-31 5.5t-40 2t-40 8t-31 24t-12.5 48.5q0 39 26.5 60t66.5 21h129v-57h-118q-36 0 -36 -25q0 -20 29 -22t68.5 -5
+t56.5 -26zM2139 1008v-270h-92l-122 203v-203h-132l-26 60h-134l-25 -60h-75q-129 0 -129 133q0 138 133 138h63v-59q-7 0 -28 1t-28.5 0.5t-23 -2t-21.5 -6.5t-14.5 -13.5t-11.5 -23t-3 -33.5q0 -38 13.5 -58t49.5 -20h29l92 213h97l109 -256v256h99l114 -188v188h66z" />
+    <glyph glyph-name="_469" unicode="&#xf1f4;" horiz-adv-x="2304" 
+d="M745 630q0 -37 -25.5 -61.5t-62.5 -24.5q-29 0 -46.5 16t-17.5 44q0 37 25 62.5t62 25.5q28 0 46.5 -16.5t18.5 -45.5zM1530 779q0 -42 -22 -57t-66 -15l-32 -1l17 107q2 11 13 11h18q22 0 35 -2t25 -12.5t12 -30.5zM1881 630q0 -36 -25.5 -61t-61.5 -25q-29 0 -47 16
+t-18 44q0 37 25 62.5t62 25.5q28 0 46.5 -16.5t18.5 -45.5zM513 801q0 59 -38.5 85.5t-100.5 26.5h-160q-19 0 -21 -19l-65 -408q-1 -6 3 -11t10 -5h76q20 0 22 19l18 110q1 8 7 13t15 6.5t17 1.5t19 -1t14 -1q86 0 135 48.5t49 134.5zM822 489l41 261q1 6 -3 11t-10 5h-76
+q-14 0 -17 -33q-27 40 -95 40q-72 0 -122.5 -54t-50.5 -127q0 -59 34.5 -94t92.5 -35q28 0 58 12t48 32q-4 -12 -4 -21q0 -16 13 -16h69q19 0 22 19zM1269 752q0 5 -4 9.5t-9 4.5h-77q-11 0 -18 -10l-106 -156l-44 150q-5 16 -22 16h-75q-5 0 -9 -4.5t-4 -9.5q0 -2 19.5 -59
+t42 -123t23.5 -70q-82 -112 -82 -120q0 -13 13 -13h77q11 0 18 10l255 368q2 2 2 7zM1649 801q0 59 -38.5 85.5t-100.5 26.5h-159q-20 0 -22 -19l-65 -408q-1 -6 3 -11t10 -5h82q12 0 16 13l18 116q1 8 7 13t15 6.5t17 1.5t19 -1t14 -1q86 0 135 48.5t49 134.5zM1958 489
+l41 261q1 6 -3 11t-10 5h-76q-14 0 -17 -33q-26 40 -95 40q-72 0 -122.5 -54t-50.5 -127q0 -59 34.5 -94t92.5 -35q29 0 59 12t47 32q0 -1 -2 -9t-2 -12q0 -16 13 -16h69q19 0 22 19zM2176 898v1q0 14 -13 14h-74q-11 0 -13 -11l-65 -416l-1 -2q0 -5 4 -9.5t10 -4.5h66
+q19 0 21 19zM392 764q-5 -35 -26 -46t-60 -11l-33 -1l17 107q2 11 13 11h19q40 0 58 -11.5t12 -48.5zM2304 1280v-1280q0 -52 -38 -90t-90 -38h-2048q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h2048q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_470" unicode="&#xf1f5;" horiz-adv-x="2304" 
+d="M1597 633q0 -69 -21 -106q-19 -35 -52 -35q-23 0 -41 9v224q29 30 57 30q57 0 57 -122zM2035 669h-110q6 98 56 98q51 0 54 -98zM476 534q0 59 -33 91.5t-101 57.5q-36 13 -52 24t-16 25q0 26 38 26q58 0 124 -33l18 112q-67 32 -149 32q-77 0 -123 -38q-48 -39 -48 -109
+q0 -58 32.5 -90.5t99.5 -56.5q39 -14 54.5 -25.5t15.5 -27.5q0 -31 -48 -31q-29 0 -70 12.5t-72 30.5l-18 -113q72 -41 168 -41q81 0 129 37q51 41 51 117zM771 749l19 111h-96v135l-129 -21l-18 -114l-46 -8l-17 -103h62v-219q0 -84 44 -120q38 -30 111 -30q32 0 79 11v118
+q-32 -7 -44 -7q-42 0 -42 50v197h77zM1087 724v139q-15 3 -28 3q-32 0 -55.5 -16t-33.5 -46l-10 56h-131v-471h150v306q26 31 82 31q16 0 26 -2zM1124 389h150v471h-150v-471zM1746 638q0 122 -45 179q-40 52 -111 52q-64 0 -117 -56l-8 47h-132v-645l150 25v151
+q36 -11 68 -11q83 0 134 56q61 65 61 202zM1278 986q0 33 -23 56t-56 23t-56 -23t-23 -56t23 -56.5t56 -23.5t56 23.5t23 56.5zM2176 629q0 113 -48 176q-50 64 -144 64q-96 0 -151.5 -66t-55.5 -180q0 -128 63 -188q55 -55 161 -55q101 0 160 40l-16 103q-57 -31 -128 -31
+q-43 0 -63 19q-23 19 -28 66h248q2 14 2 52zM2304 1280v-1280q0 -52 -38 -90t-90 -38h-2048q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h2048q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_471" unicode="&#xf1f6;" horiz-adv-x="2048" 
+d="M1558 684q61 -356 298 -556q0 -52 -38 -90t-90 -38h-448q0 -106 -75 -181t-181 -75t-180.5 74.5t-75.5 180.5zM1024 -176q16 0 16 16t-16 16q-59 0 -101.5 42.5t-42.5 101.5q0 16 -16 16t-16 -16q0 -73 51.5 -124.5t124.5 -51.5zM2026 1424q8 -10 7.5 -23.5t-10.5 -22.5
+l-1872 -1622q-10 -8 -23.5 -7t-21.5 11l-84 96q-8 10 -7.5 23.5t10.5 21.5l186 161q-19 32 -19 66q50 42 91 88t85 119.5t74.5 158.5t50 206t19.5 260q0 152 117 282.5t307 158.5q-8 19 -8 39q0 40 28 68t68 28t68 -28t28 -68q0 -20 -8 -39q124 -18 219 -82.5t148 -157.5
+l418 363q10 8 23.5 7t21.5 -11z" />
+    <glyph glyph-name="_472" unicode="&#xf1f7;" horiz-adv-x="2048" 
+d="M1040 -160q0 16 -16 16q-59 0 -101.5 42.5t-42.5 101.5q0 16 -16 16t-16 -16q0 -73 51.5 -124.5t124.5 -51.5q16 0 16 16zM503 315l877 760q-42 88 -132.5 146.5t-223.5 58.5q-93 0 -169.5 -31.5t-121.5 -80.5t-69 -103t-24 -105q0 -384 -137 -645zM1856 128
+q0 -52 -38 -90t-90 -38h-448q0 -106 -75 -181t-181 -75t-180.5 74.5t-75.5 180.5l149 129h757q-166 187 -227 459l111 97q61 -356 298 -556zM1942 1520l84 -96q8 -10 7.5 -23.5t-10.5 -22.5l-1872 -1622q-10 -8 -23.5 -7t-21.5 11l-84 96q-8 10 -7.5 23.5t10.5 21.5l186 161
+q-19 32 -19 66q50 42 91 88t85 119.5t74.5 158.5t50 206t19.5 260q0 152 117 282.5t307 158.5q-8 19 -8 39q0 40 28 68t68 28t68 -28t28 -68q0 -20 -8 -39q124 -18 219 -82.5t148 -157.5l418 363q10 8 23.5 7t21.5 -11z" />
+    <glyph glyph-name="_473" unicode="&#xf1f8;" horiz-adv-x="1408" 
+d="M512 160v704q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-704q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM768 160v704q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-704q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1024 160v704q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-704
+q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM480 1152h448l-48 117q-7 9 -17 11h-317q-10 -2 -17 -11zM1408 1120v-64q0 -14 -9 -23t-23 -9h-96v-948q0 -83 -47 -143.5t-113 -60.5h-832q-66 0 -113 58.5t-47 141.5v952h-96q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h309l70 167
+q15 37 54 63t79 26h320q40 0 79 -26t54 -63l70 -167h309q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="_474" unicode="&#xf1f9;" 
+d="M1150 462v-109q0 -50 -36.5 -89t-94 -60.5t-118 -32.5t-117.5 -11q-205 0 -342.5 139t-137.5 346q0 203 136 339t339 136q34 0 75.5 -4.5t93 -18t92.5 -34t69 -56.5t28 -81v-109q0 -16 -16 -16h-118q-16 0 -16 16v70q0 43 -65.5 67.5t-137.5 24.5q-140 0 -228.5 -91.5
+t-88.5 -237.5q0 -151 91.5 -249.5t233.5 -98.5q68 0 138 24t70 66v70q0 7 4.5 11.5t10.5 4.5h119q6 0 11 -4.5t5 -11.5zM768 1280q-130 0 -248.5 -51t-204 -136.5t-136.5 -204t-51 -248.5t51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5t136.5 204t51 248.5
+t-51 248.5t-136.5 204t-204 136.5t-248.5 51zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_475" unicode="&#xf1fa;" 
+d="M972 761q0 108 -53.5 169t-147.5 61q-63 0 -124 -30.5t-110 -84.5t-79.5 -137t-30.5 -180q0 -112 53.5 -173t150.5 -61q96 0 176 66.5t122.5 166t42.5 203.5zM1536 640q0 -111 -37 -197t-98.5 -135t-131.5 -74.5t-145 -27.5q-6 0 -15.5 -0.5t-16.5 -0.5q-95 0 -142 53
+q-28 33 -33 83q-52 -66 -131.5 -110t-173.5 -44q-161 0 -249.5 95.5t-88.5 269.5q0 157 66 290t179 210.5t246 77.5q87 0 155 -35.5t106 -99.5l2 19l11 56q1 6 5.5 12t9.5 6h118q5 0 13 -11q5 -5 3 -16l-120 -614q-5 -24 -5 -48q0 -39 12.5 -52t44.5 -13q28 1 57 5.5t73 24
+t77 50t57 89.5t24 137q0 292 -174 466t-466 174q-130 0 -248.5 -51t-204 -136.5t-136.5 -204t-51 -248.5t51 -248.5t136.5 -204t204 -136.5t248.5 -51q228 0 405 144q11 9 24 8t21 -12l41 -49q8 -12 7 -24q-2 -13 -12 -22q-102 -83 -227.5 -128t-258.5 -45q-156 0 -298 61
+t-245 164t-164 245t-61 298t61 298t164 245t245 164t298 61q344 0 556 -212t212 -556z" />
+    <glyph glyph-name="_476" unicode="&#xf1fb;" horiz-adv-x="1792" 
+d="M1698 1442q94 -94 94 -226.5t-94 -225.5l-225 -223l104 -104q10 -10 10 -23t-10 -23l-210 -210q-10 -10 -23 -10t-23 10l-105 105l-603 -603q-37 -37 -90 -37h-203l-256 -128l-64 64l128 256v203q0 53 37 90l603 603l-105 105q-10 10 -10 23t10 23l210 210q10 10 23 10
+t23 -10l104 -104l223 225q93 94 225.5 94t226.5 -94zM512 64l576 576l-192 192l-576 -576v-192h192z" />
+    <glyph glyph-name="f1fc" unicode="&#xf1fc;" horiz-adv-x="1792" 
+d="M1615 1536q70 0 122.5 -46.5t52.5 -116.5q0 -63 -45 -151q-332 -629 -465 -752q-97 -91 -218 -91q-126 0 -216.5 92.5t-90.5 219.5q0 128 92 212l638 579q59 54 130 54zM706 502q39 -76 106.5 -130t150.5 -76l1 -71q4 -213 -129.5 -347t-348.5 -134q-123 0 -218 46.5
+t-152.5 127.5t-86.5 183t-29 220q7 -5 41 -30t62 -44.5t59 -36.5t46 -17q41 0 55 37q25 66 57.5 112.5t69.5 76t88 47.5t103 25.5t125 10.5z" />
+    <glyph glyph-name="_478" unicode="&#xf1fd;" horiz-adv-x="1792" 
+d="M1792 128v-384h-1792v384q45 0 85 14t59 27.5t47 37.5q30 27 51.5 38t56.5 11q24 0 44 -7t31 -15t33 -27q29 -25 47 -38t58 -27t86 -14q45 0 85 14.5t58 27t48 37.5q21 19 32.5 27t31 15t43.5 7q35 0 56.5 -11t51.5 -38q28 -24 47 -37.5t59 -27.5t85 -14t85 14t59 27.5
+t47 37.5q30 27 51.5 38t56.5 11q34 0 55.5 -11t51.5 -38q28 -24 47 -37.5t59 -27.5t85 -14zM1792 448v-192q-24 0 -44 7t-31 15t-33 27q-29 25 -47 38t-58 27t-85 14q-46 0 -86 -14t-58 -27t-47 -38q-22 -19 -33 -27t-31 -15t-44 -7q-35 0 -56.5 11t-51.5 38q-29 25 -47 38
+t-58 27t-86 14q-45 0 -85 -14.5t-58 -27t-48 -37.5q-21 -19 -32.5 -27t-31 -15t-43.5 -7q-35 0 -56.5 11t-51.5 38q-28 24 -47 37.5t-59 27.5t-85 14q-46 0 -86 -14t-58 -27t-47 -38q-30 -27 -51.5 -38t-56.5 -11v192q0 80 56 136t136 56h64v448h256v-448h256v448h256v-448
+h256v448h256v-448h64q80 0 136 -56t56 -136zM512 1312q0 -77 -36 -118.5t-92 -41.5q-53 0 -90.5 37.5t-37.5 90.5q0 29 9.5 51t23.5 34t31 28t31 31.5t23.5 44.5t9.5 67q38 0 83 -74t45 -150zM1024 1312q0 -77 -36 -118.5t-92 -41.5q-53 0 -90.5 37.5t-37.5 90.5
+q0 29 9.5 51t23.5 34t31 28t31 31.5t23.5 44.5t9.5 67q38 0 83 -74t45 -150zM1536 1312q0 -77 -36 -118.5t-92 -41.5q-53 0 -90.5 37.5t-37.5 90.5q0 29 9.5 51t23.5 34t31 28t31 31.5t23.5 44.5t9.5 67q38 0 83 -74t45 -150z" />
+    <glyph glyph-name="_479" unicode="&#xf1fe;" horiz-adv-x="2048" 
+d="M2048 0v-128h-2048v1536h128v-1408h1920zM1664 1024l256 -896h-1664v576l448 576l576 -576z" />
+    <glyph glyph-name="_480" unicode="&#xf200;" horiz-adv-x="1792" 
+d="M768 646l546 -546q-106 -108 -247.5 -168t-298.5 -60q-209 0 -385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103v-762zM955 640h773q0 -157 -60 -298.5t-168 -247.5zM1664 768h-768v768q209 0 385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_481" unicode="&#xf201;" horiz-adv-x="2048" 
+d="M2048 0v-128h-2048v1536h128v-1408h1920zM1920 1248v-435q0 -21 -19.5 -29.5t-35.5 7.5l-121 121l-633 -633q-10 -10 -23 -10t-23 10l-233 233l-416 -416l-192 192l585 585q10 10 23 10t23 -10l233 -233l464 464l-121 121q-16 16 -7.5 35.5t29.5 19.5h435q14 0 23 -9
+t9 -23z" />
+    <glyph glyph-name="_482" unicode="&#xf202;" horiz-adv-x="1792" 
+d="M1292 832q0 -6 10 -41q10 -29 25 -49.5t41 -34t44 -20t55 -16.5q325 -91 325 -332q0 -146 -105.5 -242.5t-254.5 -96.5q-59 0 -111.5 18.5t-91.5 45.5t-77 74.5t-63 87.5t-53.5 103.5t-43.5 103t-39.5 106.5t-35.5 95q-32 81 -61.5 133.5t-73.5 96.5t-104 64t-142 20
+q-96 0 -183 -55.5t-138 -144.5t-51 -185q0 -160 106.5 -279.5t263.5 -119.5q177 0 258 95q56 63 83 116l84 -152q-15 -34 -44 -70l1 -1q-131 -152 -388 -152q-147 0 -269.5 79t-190.5 207.5t-68 274.5q0 105 43.5 206t116 176.5t172 121.5t204.5 46q87 0 159 -19t123.5 -50
+t95 -80t72.5 -99t58.5 -117t50.5 -124.5t50 -130.5t55 -127q96 -200 233 -200q81 0 138.5 48.5t57.5 128.5q0 42 -19 72t-50.5 46t-72.5 31.5t-84.5 27t-87.5 34t-81 52t-65 82t-39 122.5q-3 16 -3 33q0 110 87.5 192t198.5 78q78 -3 120.5 -14.5t90.5 -53.5h-1
+q12 -11 23 -24.5t26 -36t19 -27.5l-129 -99q-26 49 -54 70v1q-23 21 -97 21q-49 0 -84 -33t-35 -83z" />
+    <glyph glyph-name="_483" unicode="&#xf203;" 
+d="M1432 484q0 173 -234 239q-35 10 -53 16.5t-38 25t-29 46.5q0 2 -2 8.5t-3 12t-1 7.5q0 36 24.5 59.5t60.5 23.5q54 0 71 -15h-1q20 -15 39 -51l93 71q-39 54 -49 64q-33 29 -67.5 39t-85.5 10q-80 0 -142 -57.5t-62 -137.5q0 -7 2 -23q16 -96 64.5 -140t148.5 -73
+q29 -8 49 -15.5t45 -21.5t38.5 -34.5t13.5 -46.5v-5q1 -58 -40.5 -93t-100.5 -35q-97 0 -167 144q-23 47 -51.5 121.5t-48 125.5t-54 110.5t-74 95.5t-103.5 60.5t-147 24.5q-101 0 -192 -56t-144 -148t-50 -192v-1q4 -108 50.5 -199t133.5 -147.5t196 -56.5q186 0 279 110
+q20 27 31 51l-60 109q-42 -80 -99 -116t-146 -36q-115 0 -191 87t-76 204q0 105 82 189t186 84q112 0 170 -53.5t104 -172.5q8 -21 25.5 -68.5t28.5 -76.5t31.5 -74.5t38.5 -74t45.5 -62.5t55.5 -53.5t66 -33t80 -13.5q107 0 183 69.5t76 174.5zM1536 1120v-960
+q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_484" unicode="&#xf204;" horiz-adv-x="2048" 
+d="M1152 640q0 104 -40.5 198.5t-109.5 163.5t-163.5 109.5t-198.5 40.5t-198.5 -40.5t-163.5 -109.5t-109.5 -163.5t-40.5 -198.5t40.5 -198.5t109.5 -163.5t163.5 -109.5t198.5 -40.5t198.5 40.5t163.5 109.5t109.5 163.5t40.5 198.5zM1920 640q0 104 -40.5 198.5
+t-109.5 163.5t-163.5 109.5t-198.5 40.5h-386q119 -90 188.5 -224t69.5 -288t-69.5 -288t-188.5 -224h386q104 0 198.5 40.5t163.5 109.5t109.5 163.5t40.5 198.5zM2048 640q0 -130 -51 -248.5t-136.5 -204t-204 -136.5t-248.5 -51h-768q-130 0 -248.5 51t-204 136.5
+t-136.5 204t-51 248.5t51 248.5t136.5 204t204 136.5t248.5 51h768q130 0 248.5 -51t204 -136.5t136.5 -204t51 -248.5z" />
+    <glyph glyph-name="_485" unicode="&#xf205;" horiz-adv-x="2048" 
+d="M0 640q0 130 51 248.5t136.5 204t204 136.5t248.5 51h768q130 0 248.5 -51t204 -136.5t136.5 -204t51 -248.5t-51 -248.5t-136.5 -204t-204 -136.5t-248.5 -51h-768q-130 0 -248.5 51t-204 136.5t-136.5 204t-51 248.5zM1408 128q104 0 198.5 40.5t163.5 109.5
+t109.5 163.5t40.5 198.5t-40.5 198.5t-109.5 163.5t-163.5 109.5t-198.5 40.5t-198.5 -40.5t-163.5 -109.5t-109.5 -163.5t-40.5 -198.5t40.5 -198.5t109.5 -163.5t163.5 -109.5t198.5 -40.5z" />
+    <glyph glyph-name="_486" unicode="&#xf206;" horiz-adv-x="2304" 
+d="M762 384h-314q-40 0 -57.5 35t6.5 67l188 251q-65 31 -137 31q-132 0 -226 -94t-94 -226t94 -226t226 -94q115 0 203 72.5t111 183.5zM576 512h186q-18 85 -75 148zM1056 512l288 384h-480l-99 -132q105 -103 126 -252h165zM2176 448q0 132 -94 226t-226 94
+q-60 0 -121 -24l174 -260q15 -23 10 -49t-27 -40q-15 -11 -36 -11q-35 0 -53 29l-174 260q-93 -95 -93 -225q0 -132 94 -226t226 -94t226 94t94 226zM2304 448q0 -185 -131.5 -316.5t-316.5 -131.5t-316.5 131.5t-131.5 316.5q0 97 39.5 183.5t109.5 149.5l-65 98l-353 -469
+q-18 -26 -51 -26h-197q-23 -164 -149 -274t-294 -110q-185 0 -316.5 131.5t-131.5 316.5t131.5 316.5t316.5 131.5q114 0 215 -55l137 183h-224q-26 0 -45 19t-19 45t19 45t45 19h384v-128h435l-85 128h-222q-26 0 -45 19t-19 45t19 45t45 19h256q33 0 53 -28l267 -400
+q91 44 192 44q185 0 316.5 -131.5t131.5 -316.5z" />
+    <glyph glyph-name="_487" unicode="&#xf207;" 
+d="M384 320q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1408 320q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1362 716l-72 384q-5 23 -22.5 37.5t-40.5 14.5
+h-918q-23 0 -40.5 -14.5t-22.5 -37.5l-72 -384q-5 -30 14 -53t49 -23h1062q30 0 49 23t14 53zM1136 1328q0 20 -14 34t-34 14h-640q-20 0 -34 -14t-14 -34t14 -34t34 -14h640q20 0 34 14t14 34zM1536 603v-603h-128v-128q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5
+t-37.5 90.5v128h-768v-128q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5v128h-128v603q0 112 25 223l103 454q9 78 97.5 137t230 89t312.5 30t312.5 -30t230 -89t97.5 -137l105 -454q23 -102 23 -223z" />
+    <glyph glyph-name="_488" unicode="&#xf208;" horiz-adv-x="2048" 
+d="M1463 704q0 -35 -25 -60.5t-61 -25.5h-702q-36 0 -61 25.5t-25 60.5t25 60.5t61 25.5h702q36 0 61 -25.5t25 -60.5zM1677 704q0 86 -23 170h-982q-36 0 -61 25t-25 60q0 36 25 61t61 25h908q-88 143 -235 227t-320 84q-177 0 -327.5 -87.5t-238 -237.5t-87.5 -327
+q0 -86 23 -170h982q36 0 61 -25t25 -60q0 -36 -25 -61t-61 -25h-908q88 -143 235.5 -227t320.5 -84q132 0 253 51.5t208 139t139 208t52 253.5zM2048 959q0 -35 -25 -60t-61 -25h-131q17 -85 17 -170q0 -167 -65.5 -319.5t-175.5 -263t-262.5 -176t-319.5 -65.5
+q-246 0 -448.5 133t-301.5 350h-189q-36 0 -61 25t-25 61q0 35 25 60t61 25h132q-17 85 -17 170q0 167 65.5 319.5t175.5 263t262.5 176t320.5 65.5q245 0 447.5 -133t301.5 -350h188q36 0 61 -25t25 -61z" />
+    <glyph glyph-name="_489" unicode="&#xf209;" horiz-adv-x="1280" 
+d="M953 1158l-114 -328l117 -21q165 451 165 518q0 56 -38 56q-57 0 -130 -225zM654 471l33 -88q37 42 71 67l-33 5.5t-38.5 7t-32.5 8.5zM362 1367q0 -98 159 -521q17 10 49 10q15 0 75 -5l-121 351q-75 220 -123 220q-19 0 -29 -17.5t-10 -37.5zM283 608q0 -36 51.5 -119
+t117.5 -153t100 -70q14 0 25.5 13t11.5 27q0 24 -32 102q-13 32 -32 72t-47.5 89t-61.5 81t-62 32q-20 0 -45.5 -27t-25.5 -47zM125 273q0 -41 25 -104q59 -145 183.5 -227t281.5 -82q227 0 382 170q152 169 152 427q0 43 -1 67t-11.5 62t-30.5 56q-56 49 -211.5 75.5
+t-270.5 26.5q-37 0 -49 -11q-12 -5 -12 -35q0 -34 21.5 -60t55.5 -40t77.5 -23.5t87.5 -11.5t85 -4t70 0h23q24 0 40 -19q15 -19 19 -55q-28 -28 -96 -54q-61 -22 -93 -46q-64 -46 -108.5 -114t-44.5 -137q0 -31 18.5 -88.5t18.5 -87.5l-3 -12q-4 -12 -4 -14
+q-137 10 -146 216q-8 -2 -41 -2q2 -7 2 -21q0 -53 -40.5 -89.5t-94.5 -36.5q-82 0 -166.5 78t-84.5 159q0 34 33 67q52 -64 60 -76q77 -104 133 -104q12 0 26.5 8.5t14.5 20.5q0 34 -87.5 145t-116.5 111q-43 0 -70 -44.5t-27 -90.5zM11 264q0 101 42.5 163t136.5 88
+q-28 74 -28 104q0 62 61 123t122 61q29 0 70 -15q-163 462 -163 567q0 80 41 130.5t119 50.5q131 0 325 -581q6 -17 8 -23q6 16 29 79.5t43.5 118.5t54 127.5t64.5 123t70.5 86.5t76.5 36q71 0 112 -49t41 -122q0 -108 -159 -550q61 -15 100.5 -46t58.5 -78t26 -93.5
+t7 -110.5q0 -150 -47 -280t-132 -225t-211 -150t-278 -55q-111 0 -223 42q-149 57 -258 191.5t-109 286.5z" />
+    <glyph glyph-name="_490" unicode="&#xf20a;" horiz-adv-x="2048" 
+d="M785 528h207q-14 -158 -98.5 -248.5t-214.5 -90.5q-162 0 -254.5 116t-92.5 316q0 194 93 311.5t233 117.5q148 0 232 -87t97 -247h-203q-5 64 -35.5 99t-81.5 35q-57 0 -88.5 -60.5t-31.5 -177.5q0 -48 5 -84t18 -69.5t40 -51.5t66 -18q95 0 109 139zM1497 528h206
+q-14 -158 -98 -248.5t-214 -90.5q-162 0 -254.5 116t-92.5 316q0 194 93 311.5t233 117.5q148 0 232 -87t97 -247h-204q-4 64 -35 99t-81 35q-57 0 -88.5 -60.5t-31.5 -177.5q0 -48 5 -84t18 -69.5t39.5 -51.5t65.5 -18q49 0 76.5 38t33.5 101zM1856 647q0 207 -15.5 307
+t-60.5 161q-6 8 -13.5 14t-21.5 15t-16 11q-86 63 -697 63q-625 0 -710 -63q-5 -4 -17.5 -11.5t-21 -14t-14.5 -14.5q-45 -60 -60 -159.5t-15 -308.5q0 -208 15 -307.5t60 -160.5q6 -8 15 -15t20.5 -14t17.5 -12q44 -33 239.5 -49t470.5 -16q610 0 697 65q5 4 17 11t20.5 14
+t13.5 16q46 60 61 159t15 309zM2048 1408v-1536h-2048v1536h2048z" />
+    <glyph glyph-name="_491" unicode="&#xf20b;" 
+d="M992 912v-496q0 -14 -9 -23t-23 -9h-160q-14 0 -23 9t-9 23v496q0 112 -80 192t-192 80h-272v-1152q0 -14 -9 -23t-23 -9h-160q-14 0 -23 9t-9 23v1344q0 14 9 23t23 9h464q135 0 249 -66.5t180.5 -180.5t66.5 -249zM1376 1376v-880q0 -135 -66.5 -249t-180.5 -180.5
+t-249 -66.5h-464q-14 0 -23 9t-9 23v960q0 14 9 23t23 9h160q14 0 23 -9t9 -23v-768h272q112 0 192 80t80 192v880q0 14 9 23t23 9h160q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="_492" unicode="&#xf20c;" 
+d="M1311 694v-114q0 -24 -13.5 -38t-37.5 -14h-202q-24 0 -38 14t-14 38v114q0 24 14 38t38 14h202q24 0 37.5 -14t13.5 -38zM821 464v250q0 53 -32.5 85.5t-85.5 32.5h-133q-68 0 -96 -52q-28 52 -96 52h-130q-53 0 -85.5 -32.5t-32.5 -85.5v-250q0 -22 21 -22h55
+q22 0 22 22v230q0 24 13.5 38t38.5 14h94q24 0 38 -14t14 -38v-230q0 -22 21 -22h54q22 0 22 22v230q0 24 14 38t38 14h97q24 0 37.5 -14t13.5 -38v-230q0 -22 22 -22h55q21 0 21 22zM1410 560v154q0 53 -33 85.5t-86 32.5h-264q-53 0 -86 -32.5t-33 -85.5v-410
+q0 -21 22 -21h55q21 0 21 21v180q31 -42 94 -42h191q53 0 86 32.5t33 85.5zM1536 1176v-1072q0 -96 -68 -164t-164 -68h-1072q-96 0 -164 68t-68 164v1072q0 96 68 164t164 68h1072q96 0 164 -68t68 -164z" />
+    <glyph glyph-name="_493" unicode="&#xf20d;" 
+d="M915 450h-294l147 551zM1001 128h311l-324 1024h-440l-324 -1024h311l383 314zM1536 1120v-960q0 -118 -85 -203t-203 -85h-960q-118 0 -203 85t-85 203v960q0 118 85 203t203 85h960q118 0 203 -85t85 -203z" />
+    <glyph glyph-name="_494" unicode="&#xf20e;" horiz-adv-x="2048" 
+d="M2048 641q0 -21 -13 -36.5t-33 -19.5l-205 -356q3 -9 3 -18q0 -20 -12.5 -35.5t-32.5 -19.5l-193 -337q3 -8 3 -16q0 -23 -16.5 -40t-40.5 -17q-25 0 -41 18h-400q-17 -20 -43 -20t-43 20h-399q-17 -20 -43 -20q-23 0 -40 16.5t-17 40.5q0 8 4 20l-193 335
+q-20 4 -32.5 19.5t-12.5 35.5q0 9 3 18l-206 356q-20 5 -32.5 20.5t-12.5 35.5q0 21 13.5 36.5t33.5 19.5l199 344q0 1 -0.5 3t-0.5 3q0 36 34 51l209 363q-4 10 -4 18q0 24 17 40.5t40 16.5q26 0 44 -21h396q16 21 43 21t43 -21h398q18 21 44 21q23 0 40 -16.5t17 -40.5
+q0 -6 -4 -18l207 -358q23 -1 39 -17.5t16 -38.5q0 -13 -7 -27l187 -324q19 -4 31.5 -19.5t12.5 -35.5zM1063 -158h389l-342 354h-143l-342 -354h360q18 16 39 16t39 -16zM112 654q1 -4 1 -13q0 -10 -2 -15l208 -360l15 -6l188 199v347l-187 194q-13 -8 -29 -10zM986 1438
+h-388l190 -200l554 200h-280q-16 -16 -38 -16t-38 16zM1689 226q1 6 5 11l-64 68l-17 -79h76zM1583 226l22 105l-252 266l-296 -307l63 -64h463zM1495 -142l16 28l65 310h-427l333 -343q8 4 13 5zM578 -158h5l342 354h-373v-335l4 -6q14 -5 22 -13zM552 226h402l64 66
+l-309 321l-157 -166v-221zM359 226h163v189l-168 -177q4 -8 5 -12zM358 1051q0 -1 0.5 -2t0.5 -2q0 -16 -8 -29l171 -177v269zM552 1121v-311l153 -157l297 314l-223 236zM556 1425l-4 -8v-264l205 74l-191 201q-6 -2 -10 -3zM1447 1438h-16l-621 -224l213 -225zM1023 946
+l-297 -315l311 -319l296 307zM688 634l-136 141v-284zM1038 270l-42 -44h85zM1374 618l238 -251l132 624l-3 5l-1 1zM1718 1018q-8 13 -8 29v2l-216 376q-5 1 -13 5l-437 -463l310 -327zM522 1142v223l-163 -282zM522 196h-163l163 -283v283zM1607 196l-48 -227l130 227h-82
+zM1729 266l207 361q-2 10 -2 14q0 1 3 16l-171 296l-129 -612l77 -82q5 3 15 7z" />
+    <glyph glyph-name="f210" unicode="&#xf210;" 
+d="M0 856q0 131 91.5 226.5t222.5 95.5h742l352 358v-1470q0 -132 -91.5 -227t-222.5 -95h-780q-131 0 -222.5 95t-91.5 227v790zM1232 102l-176 180v425q0 46 -32 79t-78 33h-484q-46 0 -78 -33t-32 -79v-492q0 -46 32.5 -79.5t77.5 -33.5h770z" />
+    <glyph glyph-name="_496" unicode="&#xf211;" 
+d="M934 1386q-317 -121 -556 -362.5t-358 -560.5q-20 89 -20 176q0 208 102.5 384.5t278.5 279t384 102.5q82 0 169 -19zM1203 1267q93 -65 164 -155q-389 -113 -674.5 -400.5t-396.5 -676.5q-93 72 -155 162q112 386 395 671t667 399zM470 -67q115 356 379.5 622t619.5 384
+q40 -92 54 -195q-292 -120 -516 -345t-343 -518q-103 14 -194 52zM1536 -125q-193 50 -367 115q-135 -84 -290 -107q109 205 274 370.5t369 275.5q-21 -152 -101 -284q65 -175 115 -370z" />
+    <glyph glyph-name="f212" unicode="&#xf212;" horiz-adv-x="2048" 
+d="M1893 1144l155 -1272q-131 0 -257 57q-200 91 -393 91q-226 0 -374 -148q-148 148 -374 148q-193 0 -393 -91q-128 -57 -252 -57h-5l155 1272q224 127 482 127q233 0 387 -106q154 106 387 106q258 0 482 -127zM1398 157q129 0 232 -28.5t260 -93.5l-124 1021
+q-171 78 -368 78q-224 0 -374 -141q-150 141 -374 141q-197 0 -368 -78l-124 -1021q105 43 165.5 65t148.5 39.5t178 17.5q202 0 374 -108q172 108 374 108zM1438 191l-55 907q-211 -4 -359 -155q-152 155 -374 155q-176 0 -336 -66l-114 -941q124 51 228.5 76t221.5 25
+q209 0 374 -102q172 107 374 102z" />
+    <glyph glyph-name="_498" unicode="&#xf213;" horiz-adv-x="2048" 
+d="M1500 165v733q0 21 -15 36t-35 15h-93q-20 0 -35 -15t-15 -36v-733q0 -20 15 -35t35 -15h93q20 0 35 15t15 35zM1216 165v531q0 20 -15 35t-35 15h-101q-20 0 -35 -15t-15 -35v-531q0 -20 15 -35t35 -15h101q20 0 35 15t15 35zM924 165v429q0 20 -15 35t-35 15h-101
+q-20 0 -35 -15t-15 -35v-429q0 -20 15 -35t35 -15h101q20 0 35 15t15 35zM632 165v362q0 20 -15 35t-35 15h-101q-20 0 -35 -15t-15 -35v-362q0 -20 15 -35t35 -15h101q20 0 35 15t15 35zM2048 311q0 -166 -118 -284t-284 -118h-1244q-166 0 -284 118t-118 284
+q0 116 63 214.5t168 148.5q-10 34 -10 73q0 113 80.5 193.5t193.5 80.5q102 0 180 -67q45 183 194 300t338 117q149 0 275 -73.5t199.5 -199.5t73.5 -275q0 -66 -14 -122q135 -33 221 -142.5t86 -247.5z" />
+    <glyph glyph-name="_499" unicode="&#xf214;" 
+d="M0 1536h1536v-1392l-776 -338l-760 338v1392zM1436 209v926h-1336v-926l661 -294zM1436 1235v201h-1336v-201h1336zM181 937v-115h-37v115h37zM181 789v-115h-37v115h37zM181 641v-115h-37v115h37zM181 493v-115h-37v115h37zM181 345v-115h-37v115h37zM207 202l15 34
+l105 -47l-15 -33zM343 142l15 34l105 -46l-15 -34zM478 82l15 34l105 -46l-15 -34zM614 23l15 33l104 -46l-15 -34zM797 10l105 46l15 -33l-105 -47zM932 70l105 46l15 -34l-105 -46zM1068 130l105 46l15 -34l-105 -46zM1203 189l105 47l15 -34l-105 -46zM259 1389v-36h-114
+v36h114zM421 1389v-36h-115v36h115zM583 1389v-36h-115v36h115zM744 1389v-36h-114v36h114zM906 1389v-36h-114v36h114zM1068 1389v-36h-115v36h115zM1230 1389v-36h-115v36h115zM1391 1389v-36h-114v36h114zM181 1049v-79h-37v115h115v-36h-78zM421 1085v-36h-115v36h115z
+M583 1085v-36h-115v36h115zM744 1085v-36h-114v36h114zM906 1085v-36h-114v36h114zM1068 1085v-36h-115v36h115zM1230 1085v-36h-115v36h115zM1355 970v79h-78v36h115v-115h-37zM1355 822v115h37v-115h-37zM1355 674v115h37v-115h-37zM1355 526v115h37v-115h-37zM1355 378
+v115h37v-115h-37zM1355 230v115h37v-115h-37zM760 265q-129 0 -221 91.5t-92 221.5q0 129 92 221t221 92q130 0 221.5 -92t91.5 -221q0 -130 -91.5 -221.5t-221.5 -91.5zM595 646q0 -36 19.5 -56.5t49.5 -25t64 -7t64 -2t49.5 -9t19.5 -30.5q0 -49 -112 -49q-97 0 -123 51
+h-3l-31 -63q67 -42 162 -42q29 0 56.5 5t55.5 16t45.5 33t17.5 53q0 46 -27.5 69.5t-67.5 27t-79.5 3t-67 5t-27.5 25.5q0 21 20.5 33t40.5 15t41 3q34 0 70.5 -11t51.5 -34h3l30 58q-3 1 -21 8.5t-22.5 9t-19.5 7t-22 7t-20 4.5t-24 4t-23 1q-29 0 -56.5 -5t-54 -16.5
+t-43 -34t-16.5 -53.5z" />
+    <glyph glyph-name="_500" unicode="&#xf215;" horiz-adv-x="2048" 
+d="M863 504q0 112 -79.5 191.5t-191.5 79.5t-191 -79.5t-79 -191.5t79 -191t191 -79t191.5 79t79.5 191zM1726 505q0 112 -79 191t-191 79t-191.5 -79t-79.5 -191q0 -113 79.5 -192t191.5 -79t191 79.5t79 191.5zM2048 1314v-1348q0 -44 -31.5 -75.5t-76.5 -31.5h-1832
+q-45 0 -76.5 31.5t-31.5 75.5v1348q0 44 31.5 75.5t76.5 31.5h431q44 0 76 -31.5t32 -75.5v-161h754v161q0 44 32 75.5t76 31.5h431q45 0 76.5 -31.5t31.5 -75.5z" />
+    <glyph glyph-name="_501" unicode="&#xf216;" horiz-adv-x="2048" 
+d="M1430 953zM1690 749q148 0 253 -98.5t105 -244.5q0 -157 -109 -261.5t-267 -104.5q-85 0 -162 27.5t-138 73.5t-118 106t-109 126t-103.5 132.5t-108.5 126.5t-117 106t-136 73.5t-159 27.5q-154 0 -251.5 -91.5t-97.5 -244.5q0 -157 104 -250t263 -93q100 0 208 37.5
+t193 98.5q5 4 21 18.5t30 24t22 9.5q14 0 24.5 -10.5t10.5 -24.5q0 -24 -60 -77q-101 -88 -234.5 -142t-260.5 -54q-133 0 -245.5 58t-180 165t-67.5 241q0 205 141.5 341t347.5 136q120 0 226.5 -43.5t185.5 -113t151.5 -153t139 -167.5t133.5 -153.5t149.5 -113
+t172.5 -43.5q102 0 168.5 61.5t66.5 162.5q0 95 -64.5 159t-159.5 64q-30 0 -81.5 -18.5t-68.5 -18.5q-20 0 -35.5 15t-15.5 35q0 18 8.5 57t8.5 59q0 159 -107.5 263t-266.5 104q-58 0 -111.5 -18.5t-84 -40.5t-55.5 -40.5t-33 -18.5q-15 0 -25.5 10.5t-10.5 25.5
+q0 19 25 46q59 67 147 103.5t182 36.5q191 0 318 -125.5t127 -315.5q0 -37 -4 -66q57 15 115 15z" />
+    <glyph glyph-name="_502" unicode="&#xf217;" horiz-adv-x="1664" 
+d="M1216 832q0 26 -19 45t-45 19h-128v128q0 26 -19 45t-45 19t-45 -19t-19 -45v-128h-128q-26 0 -45 -19t-19 -45t19 -45t45 -19h128v-128q0 -26 19 -45t45 -19t45 19t19 45v128h128q26 0 45 19t19 45zM640 0q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5
+t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1536 0q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1664 1088v-512q0 -24 -16 -42.5t-41 -21.5l-1044 -122q1 -7 4.5 -21.5t6 -26.5t2.5 -22q0 -16 -24 -64h920
+q26 0 45 -19t19 -45t-19 -45t-45 -19h-1024q-26 0 -45 19t-19 45q0 14 11 39.5t29.5 59.5t20.5 38l-177 823h-204q-26 0 -45 19t-19 45t19 45t45 19h256q16 0 28.5 -6.5t20 -15.5t13 -24.5t7.5 -26.5t5.5 -29.5t4.5 -25.5h1201q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="_503" unicode="&#xf218;" horiz-adv-x="1664" 
+d="M1280 832q0 26 -19 45t-45 19t-45 -19l-147 -146v293q0 26 -19 45t-45 19t-45 -19t-19 -45v-293l-147 146q-19 19 -45 19t-45 -19t-19 -45t19 -45l256 -256q19 -19 45 -19t45 19l256 256q19 19 19 45zM640 0q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5
+t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1536 0q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1664 1088v-512q0 -24 -16 -42.5t-41 -21.5l-1044 -122q1 -7 4.5 -21.5t6 -26.5t2.5 -22q0 -16 -24 -64h920
+q26 0 45 -19t19 -45t-19 -45t-45 -19h-1024q-26 0 -45 19t-19 45q0 14 11 39.5t29.5 59.5t20.5 38l-177 823h-204q-26 0 -45 19t-19 45t19 45t45 19h256q16 0 28.5 -6.5t20 -15.5t13 -24.5t7.5 -26.5t5.5 -29.5t4.5 -25.5h1201q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="_504" unicode="&#xf219;" horiz-adv-x="2048" 
+d="M212 768l623 -665l-300 665h-323zM1024 -4l349 772h-698zM538 896l204 384h-262l-288 -384h346zM1213 103l623 665h-323zM683 896h682l-204 384h-274zM1510 896h346l-288 384h-262zM1651 1382l384 -512q14 -18 13 -41.5t-17 -40.5l-960 -1024q-18 -20 -47 -20t-47 20
+l-960 1024q-16 17 -17 40.5t13 41.5l384 512q18 26 51 26h1152q33 0 51 -26z" />
+    <glyph glyph-name="_505" unicode="&#xf21a;" horiz-adv-x="2048" 
+d="M1811 -19q19 19 45 19t45 -19l128 -128l-90 -90l-83 83l-83 -83q-18 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83l-83 -83
+q-19 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-128 128l90 90l83 -83l83 83q19 19 45 19t45 -19l83 -83l83 83q19 19 45 19t45 -19l83 -83l83 83q19 19 45 19t45 -19l83 -83l83 83q19 19 45 19t45 -19l83 -83l83 83q19 19 45 19t45 -19l83 -83l83 83
+q19 19 45 19t45 -19l83 -83zM237 19q-19 -19 -45 -19t-45 19l-128 128l90 90l83 -82l83 82q19 19 45 19t45 -19l83 -82l64 64v293l-210 314q-17 26 -7 56.5t40 40.5l177 58v299h128v128h256v128h256v-128h256v-128h128v-299l177 -58q30 -10 40 -40.5t-7 -56.5l-210 -314
+v-293l19 18q19 19 45 19t45 -19l83 -82l83 82q19 19 45 19t45 -19l128 -128l-90 -90l-83 83l-83 -83q-18 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83l-83 -83
+q-19 -19 -45 -19t-45 19l-83 83l-83 -83q-19 -19 -45 -19t-45 19l-83 83zM640 1152v-128l384 128l384 -128v128h-128v128h-512v-128h-128z" />
+    <glyph glyph-name="_506" unicode="&#xf21b;" 
+d="M576 0l96 448l-96 128l-128 64zM832 0l128 640l-128 -64l-96 -128zM992 1010q-2 4 -4 6q-10 8 -96 8q-70 0 -167 -19q-7 -2 -21 -2t-21 2q-97 19 -167 19q-86 0 -96 -8q-2 -2 -4 -6q2 -18 4 -27q2 -3 7.5 -6.5t7.5 -10.5q2 -4 7.5 -20.5t7 -20.5t7.5 -17t8.5 -17t9 -14
+t12 -13.5t14 -9.5t17.5 -8t20.5 -4t24.5 -2q36 0 59 12.5t32.5 30t14.5 34.5t11.5 29.5t17.5 12.5h12q11 0 17.5 -12.5t11.5 -29.5t14.5 -34.5t32.5 -30t59 -12.5q13 0 24.5 2t20.5 4t17.5 8t14 9.5t12 13.5t9 14t8.5 17t7.5 17t7 20.5t7.5 20.5q2 7 7.5 10.5t7.5 6.5
+q2 9 4 27zM1408 131q0 -121 -73 -190t-194 -69h-874q-121 0 -194 69t-73 190q0 61 4.5 118t19 125.5t37.5 123.5t63.5 103.5t93.5 74.5l-90 220h214q-22 64 -22 128q0 12 2 32q-194 40 -194 96q0 57 210 99q17 62 51.5 134t70.5 114q32 37 76 37q30 0 84 -31t84 -31t84 31
+t84 31q44 0 76 -37q36 -42 70.5 -114t51.5 -134q210 -42 210 -99q0 -56 -194 -96q7 -81 -20 -160h214l-82 -225q63 -33 107.5 -96.5t65.5 -143.5t29 -151.5t8 -148.5z" />
+    <glyph glyph-name="_507" unicode="&#xf21c;" horiz-adv-x="2304" 
+d="M2301 500q12 -103 -22 -198.5t-99 -163.5t-158.5 -106t-196.5 -31q-161 11 -279.5 125t-134.5 274q-12 111 27.5 210.5t118.5 170.5l-71 107q-96 -80 -151 -194t-55 -244q0 -27 -18.5 -46.5t-45.5 -19.5h-256h-69q-23 -164 -149 -274t-294 -110q-185 0 -316.5 131.5
+t-131.5 316.5t131.5 316.5t316.5 131.5q76 0 152 -27l24 45q-123 110 -304 110h-64q-26 0 -45 19t-19 45t19 45t45 19h128q78 0 145 -13.5t116.5 -38.5t71.5 -39.5t51 -36.5h512h115l-85 128h-222q-30 0 -49 22.5t-14 52.5q4 23 23 38t43 15h253q33 0 53 -28l70 -105
+l114 114q19 19 46 19h101q26 0 45 -19t19 -45v-128q0 -26 -19 -45t-45 -19h-179l115 -172q131 63 275 36q143 -26 244 -134.5t118 -253.5zM448 128q115 0 203 72.5t111 183.5h-314q-35 0 -55 31q-18 32 -1 63l147 277q-47 13 -91 13q-132 0 -226 -94t-94 -226t94 -226
+t226 -94zM1856 128q132 0 226 94t94 226t-94 226t-226 94q-60 0 -121 -24l174 -260q15 -23 10 -49t-27 -40q-15 -11 -36 -11q-35 0 -53 29l-174 260q-93 -95 -93 -225q0 -132 94 -226t226 -94z" />
+    <glyph glyph-name="_508" unicode="&#xf21d;" 
+d="M1408 0q0 -63 -61.5 -113.5t-164 -81t-225 -46t-253.5 -15.5t-253.5 15.5t-225 46t-164 81t-61.5 113.5q0 49 33 88.5t91 66.5t118 44.5t131 29.5q26 5 48 -10.5t26 -41.5q5 -26 -10.5 -48t-41.5 -26q-58 -10 -106 -23.5t-76.5 -25.5t-48.5 -23.5t-27.5 -19.5t-8.5 -12
+q3 -11 27 -26.5t73 -33t114 -32.5t160.5 -25t201.5 -10t201.5 10t160.5 25t114 33t73 33.5t27 27.5q-1 4 -8.5 11t-27.5 19t-48.5 23.5t-76.5 25t-106 23.5q-26 4 -41.5 26t-10.5 48q4 26 26 41.5t48 10.5q71 -12 131 -29.5t118 -44.5t91 -66.5t33 -88.5zM1024 896v-384
+q0 -26 -19 -45t-45 -19h-64v-384q0 -26 -19 -45t-45 -19h-256q-26 0 -45 19t-19 45v384h-64q-26 0 -45 19t-19 45v384q0 53 37.5 90.5t90.5 37.5h384q53 0 90.5 -37.5t37.5 -90.5zM928 1280q0 -93 -65.5 -158.5t-158.5 -65.5t-158.5 65.5t-65.5 158.5t65.5 158.5t158.5 65.5
+t158.5 -65.5t65.5 -158.5z" />
+    <glyph glyph-name="_509" unicode="&#xf21e;" horiz-adv-x="1792" 
+d="M1280 512h305q-5 -6 -10 -10.5t-9 -7.5l-3 -4l-623 -600q-18 -18 -44 -18t-44 18l-624 602q-5 2 -21 20h369q22 0 39.5 13.5t22.5 34.5l70 281l190 -667q6 -20 23 -33t39 -13q21 0 38 13t23 33l146 485l56 -112q18 -35 57 -35zM1792 940q0 -145 -103 -300h-369l-111 221
+q-8 17 -25.5 27t-36.5 8q-45 -5 -56 -46l-129 -430l-196 686q-6 20 -23.5 33t-39.5 13t-39 -13.5t-22 -34.5l-116 -464h-423q-103 155 -103 300q0 220 127 344t351 124q62 0 126.5 -21.5t120 -58t95.5 -68.5t76 -68q36 36 76 68t95.5 68.5t120 58t126.5 21.5q224 0 351 -124
+t127 -344z" />
+    <glyph glyph-name="venus" unicode="&#xf221;" horiz-adv-x="1280" 
+d="M1152 960q0 -221 -147.5 -384.5t-364.5 -187.5v-260h224q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-224v-224q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v224h-224q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h224v260q-150 16 -271.5 103t-186 224t-52.5 292
+q11 134 80.5 249t182 188t245.5 88q170 19 319 -54t236 -212t87 -306zM128 960q0 -185 131.5 -316.5t316.5 -131.5t316.5 131.5t131.5 316.5t-131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5z" />
+    <glyph glyph-name="_511" unicode="&#xf222;" 
+d="M1472 1408q26 0 45 -19t19 -45v-416q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v262l-382 -383q126 -156 126 -359q0 -117 -45.5 -223.5t-123 -184t-184 -123t-223.5 -45.5t-223.5 45.5t-184 123t-123 184t-45.5 223.5t45.5 223.5t123 184t184 123t223.5 45.5
+q203 0 359 -126l382 382h-261q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h416zM576 0q185 0 316.5 131.5t131.5 316.5t-131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_512" unicode="&#xf223;" horiz-adv-x="1280" 
+d="M830 1220q145 -72 233.5 -210.5t88.5 -305.5q0 -221 -147.5 -384.5t-364.5 -187.5v-132h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-96v-96q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v96h-96q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96v132q-217 24 -364.5 187.5
+t-147.5 384.5q0 167 88.5 305.5t233.5 210.5q-165 96 -228 273q-6 16 3.5 29.5t26.5 13.5h69q21 0 29 -20q44 -106 140 -171t214 -65t214 65t140 171q8 20 37 20h61q17 0 26.5 -13.5t3.5 -29.5q-63 -177 -228 -273zM576 256q185 0 316.5 131.5t131.5 316.5t-131.5 316.5
+t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_513" unicode="&#xf224;" 
+d="M1024 1504q0 14 9 23t23 9h288q26 0 45 -19t19 -45v-288q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v134l-254 -255q126 -158 126 -359q0 -221 -147.5 -384.5t-364.5 -187.5v-132h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-96v-96q0 -14 -9 -23t-23 -9h-64
+q-14 0 -23 9t-9 23v96h-96q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96v132q-149 16 -270.5 103t-186.5 223.5t-53 291.5q16 204 160 353.5t347 172.5q118 14 228 -19t198 -103l255 254h-134q-14 0 -23 9t-9 23v64zM576 256q185 0 316.5 131.5t131.5 316.5t-131.5 316.5
+t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_514" unicode="&#xf225;" horiz-adv-x="1792" 
+d="M1280 1504q0 14 9 23t23 9h288q26 0 45 -19t19 -45v-288q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v134l-254 -255q126 -158 126 -359q0 -221 -147.5 -384.5t-364.5 -187.5v-132h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-96v-96q0 -14 -9 -23t-23 -9h-64
+q-14 0 -23 9t-9 23v96h-96q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96v132q-217 24 -364.5 187.5t-147.5 384.5q0 201 126 359l-52 53l-101 -111q-9 -10 -22 -10.5t-23 7.5l-48 44q-10 8 -10.5 21.5t8.5 23.5l105 115l-111 112v-134q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9
+t-9 23v288q0 26 19 45t45 19h288q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-133l106 -107l86 94q9 10 22 10.5t23 -7.5l48 -44q10 -8 10.5 -21.5t-8.5 -23.5l-90 -99l57 -56q158 126 359 126t359 -126l255 254h-134q-14 0 -23 9t-9 23v64zM832 256q185 0 316.5 131.5
+t131.5 316.5t-131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_515" unicode="&#xf226;" horiz-adv-x="1792" 
+d="M1790 1007q12 -155 -52.5 -292t-186 -224t-271.5 -103v-260h224q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-224v-224q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v224h-512v-224q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v224h-224q-14 0 -23 9t-9 23v64q0 14 9 23
+t23 9h224v260q-150 16 -271.5 103t-186 224t-52.5 292q17 206 164.5 356.5t352.5 169.5q206 21 377 -94q171 115 377 94q205 -19 352.5 -169.5t164.5 -356.5zM896 647q128 131 128 313t-128 313q-128 -131 -128 -313t128 -313zM576 512q115 0 218 57q-154 165 -154 391
+q0 224 154 391q-103 57 -218 57q-185 0 -316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5zM1152 128v260q-137 15 -256 94q-119 -79 -256 -94v-260h512zM1216 512q185 0 316.5 131.5t131.5 316.5t-131.5 316.5t-316.5 131.5q-115 0 -218 -57q154 -167 154 -391
+q0 -226 -154 -391q103 -57 218 -57z" />
+    <glyph glyph-name="_516" unicode="&#xf227;" horiz-adv-x="1920" 
+d="M1536 1120q0 14 9 23t23 9h288q26 0 45 -19t19 -45v-288q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v134l-254 -255q76 -95 107.5 -214t9.5 -247q-31 -182 -166 -312t-318 -156q-210 -29 -384.5 80t-241.5 300q-117 6 -221 57.5t-177.5 133t-113.5 192.5t-32 230
+q9 135 78 252t182 191.5t248 89.5q118 14 227.5 -19t198.5 -103l255 254h-134q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h288q26 0 45 -19t19 -45v-288q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v134l-254 -255q59 -74 93 -169q182 -9 328 -124l255 254h-134q-14 0 -23 9
+t-9 23v64zM1024 704q0 20 -4 58q-162 -25 -271 -150t-109 -292q0 -20 4 -58q162 25 271 150t109 292zM128 704q0 -168 111 -294t276 -149q-3 29 -3 59q0 210 135 369.5t338 196.5q-53 120 -163.5 193t-245.5 73q-185 0 -316.5 -131.5t-131.5 -316.5zM1088 -128
+q185 0 316.5 131.5t131.5 316.5q0 168 -111 294t-276 149q3 -28 3 -59q0 -210 -135 -369.5t-338 -196.5q53 -120 163.5 -193t245.5 -73z" />
+    <glyph glyph-name="_517" unicode="&#xf228;" horiz-adv-x="2048" 
+d="M1664 1504q0 14 9 23t23 9h288q26 0 45 -19t19 -45v-288q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v134l-254 -255q76 -95 107.5 -214t9.5 -247q-32 -180 -164.5 -310t-313.5 -157q-223 -34 -409 90q-117 -78 -256 -93v-132h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23
+t-23 -9h-96v-96q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v96h-96q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96v132q-155 17 -279.5 109.5t-187 237.5t-39.5 307q25 187 159.5 322.5t320.5 164.5q224 34 410 -90q146 97 320 97q201 0 359 -126l255 254h-134q-14 0 -23 9
+t-9 23v64zM896 391q128 131 128 313t-128 313q-128 -131 -128 -313t128 -313zM128 704q0 -185 131.5 -316.5t316.5 -131.5q117 0 218 57q-154 167 -154 391t154 391q-101 57 -218 57q-185 0 -316.5 -131.5t-131.5 -316.5zM1216 256q185 0 316.5 131.5t131.5 316.5
+t-131.5 316.5t-316.5 131.5q-117 0 -218 -57q154 -167 154 -391t-154 -391q101 -57 218 -57z" />
+    <glyph glyph-name="_518" unicode="&#xf229;" 
+d="M1472 1408q26 0 45 -19t19 -45v-416q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v262l-213 -214l140 -140q9 -10 9 -23t-9 -22l-46 -46q-9 -9 -22 -9t-23 9l-140 141l-78 -79q126 -156 126 -359q0 -117 -45.5 -223.5t-123 -184t-184 -123t-223.5 -45.5t-223.5 45.5
+t-184 123t-123 184t-45.5 223.5t45.5 223.5t123 184t184 123t223.5 45.5q203 0 359 -126l78 78l-172 172q-9 10 -9 23t9 22l46 46q9 9 22 9t23 -9l172 -172l213 213h-261q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h416zM576 0q185 0 316.5 131.5t131.5 316.5t-131.5 316.5
+t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_519" unicode="&#xf22a;" horiz-adv-x="1280" 
+d="M640 892q217 -24 364.5 -187.5t147.5 -384.5q0 -167 -87 -306t-236 -212t-319 -54q-133 15 -245.5 88t-182 188t-80.5 249q-12 155 52.5 292t186 224t271.5 103v132h-160q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h160v165l-92 -92q-10 -9 -23 -9t-22 9l-46 46q-9 9 -9 22
+t9 23l202 201q19 19 45 19t45 -19l202 -201q9 -10 9 -23t-9 -22l-46 -46q-9 -9 -22 -9t-23 9l-92 92v-165h160q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-160v-132zM576 -128q185 0 316.5 131.5t131.5 316.5t-131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5
+t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_520" unicode="&#xf22b;" horiz-adv-x="2048" 
+d="M1901 621q19 -19 19 -45t-19 -45l-294 -294q-9 -10 -22.5 -10t-22.5 10l-45 45q-10 9 -10 22.5t10 22.5l185 185h-294v-224q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v224h-132q-24 -217 -187.5 -364.5t-384.5 -147.5q-167 0 -306 87t-212 236t-54 319q15 133 88 245.5
+t188 182t249 80.5q155 12 292 -52.5t224 -186t103 -271.5h132v224q0 14 9 23t23 9h64q14 0 23 -9t9 -23v-224h294l-185 185q-10 9 -10 22.5t10 22.5l45 45q9 10 22.5 10t22.5 -10zM576 128q185 0 316.5 131.5t131.5 316.5t-131.5 316.5t-316.5 131.5t-316.5 -131.5
+t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_521" unicode="&#xf22c;" horiz-adv-x="1280" 
+d="M1152 960q0 -221 -147.5 -384.5t-364.5 -187.5v-612q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v612q-217 24 -364.5 187.5t-147.5 384.5q0 117 45.5 223.5t123 184t184 123t223.5 45.5t223.5 -45.5t184 -123t123 -184t45.5 -223.5zM576 512q185 0 316.5 131.5
+t131.5 316.5t-131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5z" />
+    <glyph glyph-name="_522" unicode="&#xf22d;" horiz-adv-x="1280" 
+d="M1024 576q0 185 -131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5t131.5 -316.5t316.5 -131.5t316.5 131.5t131.5 316.5zM1152 576q0 -117 -45.5 -223.5t-123 -184t-184 -123t-223.5 -45.5t-223.5 45.5t-184 123t-123 184t-45.5 223.5t45.5 223.5t123 184t184 123
+t223.5 45.5t223.5 -45.5t184 -123t123 -184t45.5 -223.5z" />
+    <glyph glyph-name="_523" unicode="&#xf22e;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="_524" unicode="&#xf22f;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="_525" unicode="&#xf230;" 
+d="M1451 1408q35 0 60 -25t25 -60v-1366q0 -35 -25 -60t-60 -25h-391v595h199l30 232h-229v148q0 56 23.5 84t91.5 28l122 1v207q-63 9 -178 9q-136 0 -217.5 -80t-81.5 -226v-171h-200v-232h200v-595h-735q-35 0 -60 25t-25 60v1366q0 35 25 60t60 25h1366z" />
+    <glyph glyph-name="_526" unicode="&#xf231;" horiz-adv-x="1280" 
+d="M0 939q0 108 37.5 203.5t103.5 166.5t152 123t185 78t202 26q158 0 294 -66.5t221 -193.5t85 -287q0 -96 -19 -188t-60 -177t-100 -149.5t-145 -103t-189 -38.5q-68 0 -135 32t-96 88q-10 -39 -28 -112.5t-23.5 -95t-20.5 -71t-26 -71t-32 -62.5t-46 -77.5t-62 -86.5
+l-14 -5l-9 10q-15 157 -15 188q0 92 21.5 206.5t66.5 287.5t52 203q-32 65 -32 169q0 83 52 156t132 73q61 0 95 -40.5t34 -102.5q0 -66 -44 -191t-44 -187q0 -63 45 -104.5t109 -41.5q55 0 102 25t78.5 68t56 95t38 110.5t20 111t6.5 99.5q0 173 -109.5 269.5t-285.5 96.5
+q-200 0 -334 -129.5t-134 -328.5q0 -44 12.5 -85t27 -65t27 -45.5t12.5 -30.5q0 -28 -15 -73t-37 -45q-2 0 -17 3q-51 15 -90.5 56t-61 94.5t-32.5 108t-11 106.5z" />
+    <glyph glyph-name="_527" unicode="&#xf232;" 
+d="M985 562q13 0 97.5 -44t89.5 -53q2 -5 2 -15q0 -33 -17 -76q-16 -39 -71 -65.5t-102 -26.5q-57 0 -190 62q-98 45 -170 118t-148 185q-72 107 -71 194v8q3 91 74 158q24 22 52 22q6 0 18 -1.5t19 -1.5q19 0 26.5 -6.5t15.5 -27.5q8 -20 33 -88t25 -75q0 -21 -34.5 -57.5
+t-34.5 -46.5q0 -7 5 -15q34 -73 102 -137q56 -53 151 -101q12 -7 22 -7q15 0 54 48.5t52 48.5zM782 32q127 0 243.5 50t200.5 134t134 200.5t50 243.5t-50 243.5t-134 200.5t-200.5 134t-243.5 50t-243.5 -50t-200.5 -134t-134 -200.5t-50 -243.5q0 -203 120 -368l-79 -233
+l242 77q158 -104 345 -104zM782 1414q153 0 292.5 -60t240.5 -161t161 -240.5t60 -292.5t-60 -292.5t-161 -240.5t-240.5 -161t-292.5 -60q-195 0 -365 94l-417 -134l136 405q-108 178 -108 389q0 153 60 292.5t161 240.5t240.5 161t292.5 60z" />
+    <glyph glyph-name="_528" unicode="&#xf233;" horiz-adv-x="1792" 
+d="M128 128h1024v128h-1024v-128zM128 640h1024v128h-1024v-128zM1696 192q0 40 -28 68t-68 28t-68 -28t-28 -68t28 -68t68 -28t68 28t28 68zM128 1152h1024v128h-1024v-128zM1696 704q0 40 -28 68t-68 28t-68 -28t-28 -68t28 -68t68 -28t68 28t28 68zM1696 1216
+q0 40 -28 68t-68 28t-68 -28t-28 -68t28 -68t68 -28t68 28t28 68zM1792 384v-384h-1792v384h1792zM1792 896v-384h-1792v384h1792zM1792 1408v-384h-1792v384h1792z" />
+    <glyph glyph-name="_529" unicode="&#xf234;" horiz-adv-x="2048" 
+d="M704 640q-159 0 -271.5 112.5t-112.5 271.5t112.5 271.5t271.5 112.5t271.5 -112.5t112.5 -271.5t-112.5 -271.5t-271.5 -112.5zM1664 512h352q13 0 22.5 -9.5t9.5 -22.5v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-352v-352q0 -13 -9.5 -22.5t-22.5 -9.5h-192q-13 0 -22.5 9.5
+t-9.5 22.5v352h-352q-13 0 -22.5 9.5t-9.5 22.5v192q0 13 9.5 22.5t22.5 9.5h352v352q0 13 9.5 22.5t22.5 9.5h192q13 0 22.5 -9.5t9.5 -22.5v-352zM928 288q0 -52 38 -90t90 -38h256v-238q-68 -50 -171 -50h-874q-121 0 -194 69t-73 190q0 53 3.5 103.5t14 109t26.5 108.5
+t43 97.5t62 81t85.5 53.5t111.5 20q19 0 39 -17q79 -61 154.5 -91.5t164.5 -30.5t164.5 30.5t154.5 91.5q20 17 39 17q132 0 217 -96h-223q-52 0 -90 -38t-38 -90v-192z" />
+    <glyph glyph-name="_530" unicode="&#xf235;" horiz-adv-x="2048" 
+d="M704 640q-159 0 -271.5 112.5t-112.5 271.5t112.5 271.5t271.5 112.5t271.5 -112.5t112.5 -271.5t-112.5 -271.5t-271.5 -112.5zM1781 320l249 -249q9 -9 9 -23q0 -13 -9 -22l-136 -136q-9 -9 -22 -9q-14 0 -23 9l-249 249l-249 -249q-9 -9 -23 -9q-13 0 -22 9l-136 136
+q-9 9 -9 22q0 14 9 23l249 249l-249 249q-9 9 -9 23q0 13 9 22l136 136q9 9 22 9q14 0 23 -9l249 -249l249 249q9 9 23 9q13 0 22 -9l136 -136q9 -9 9 -22q0 -14 -9 -23zM1283 320l-181 -181q-37 -37 -37 -91q0 -53 37 -90l83 -83q-21 -3 -44 -3h-874q-121 0 -194 69
+t-73 190q0 53 3.5 103.5t14 109t26.5 108.5t43 97.5t62 81t85.5 53.5t111.5 20q19 0 39 -17q154 -122 319 -122t319 122q20 17 39 17q28 0 57 -6q-28 -27 -41 -50t-13 -56q0 -54 37 -91z" />
+    <glyph glyph-name="_531" unicode="&#xf236;" horiz-adv-x="2048" 
+d="M256 512h1728q26 0 45 -19t19 -45v-448h-256v256h-1536v-256h-256v1216q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-704zM832 832q0 106 -75 181t-181 75t-181 -75t-75 -181t75 -181t181 -75t181 75t75 181zM2048 576v64q0 159 -112.5 271.5t-271.5 112.5h-704
+q-26 0 -45 -19t-19 -45v-384h1152z" />
+    <glyph glyph-name="_532" unicode="&#xf237;" 
+d="M1536 1536l-192 -448h192v-192h-274l-55 -128h329v-192h-411l-357 -832l-357 832h-411v192h329l-55 128h-274v192h192l-192 448h256l323 -768h378l323 768h256zM768 320l108 256h-216z" />
+    <glyph glyph-name="_533" unicode="&#xf238;" 
+d="M1088 1536q185 0 316.5 -93.5t131.5 -226.5v-896q0 -130 -125.5 -222t-305.5 -97l213 -202q16 -15 8 -35t-30 -20h-1056q-22 0 -30 20t8 35l213 202q-180 5 -305.5 97t-125.5 222v896q0 133 131.5 226.5t316.5 93.5h640zM768 192q80 0 136 56t56 136t-56 136t-136 56
+t-136 -56t-56 -136t56 -136t136 -56zM1344 768v512h-1152v-512h1152z" />
+    <glyph glyph-name="_534" unicode="&#xf239;" 
+d="M1088 1536q185 0 316.5 -93.5t131.5 -226.5v-896q0 -130 -125.5 -222t-305.5 -97l213 -202q16 -15 8 -35t-30 -20h-1056q-22 0 -30 20t8 35l213 202q-180 5 -305.5 97t-125.5 222v896q0 133 131.5 226.5t316.5 93.5h640zM288 224q66 0 113 47t47 113t-47 113t-113 47
+t-113 -47t-47 -113t47 -113t113 -47zM704 768v512h-544v-512h544zM1248 224q66 0 113 47t47 113t-47 113t-113 47t-113 -47t-47 -113t47 -113t113 -47zM1408 768v512h-576v-512h576z" />
+    <glyph glyph-name="_535" unicode="&#xf23a;" horiz-adv-x="1792" 
+d="M597 1115v-1173q0 -25 -12.5 -42.5t-36.5 -17.5q-17 0 -33 8l-465 233q-21 10 -35.5 33.5t-14.5 46.5v1140q0 20 10 34t29 14q14 0 44 -15l511 -256q3 -3 3 -5zM661 1014l534 -866l-534 266v600zM1792 996v-1054q0 -25 -14 -40.5t-38 -15.5t-47 13l-441 220zM1789 1116
+q0 -3 -256.5 -419.5t-300.5 -487.5l-390 634l324 527q17 28 52 28q14 0 26 -6l541 -270q4 -2 4 -6z" />
+    <glyph glyph-name="_536" unicode="&#xf23b;" 
+d="M809 532l266 499h-112l-157 -312q-24 -48 -44 -92l-42 92l-155 312h-120l263 -493v-324h101v318zM1536 1408v-1536h-1536v1536h1536z" />
+    <glyph glyph-name="_537" unicode="&#xf23c;" horiz-adv-x="2296" 
+d="M478 -139q-8 -16 -27 -34.5t-37 -25.5q-25 -9 -51.5 3.5t-28.5 31.5q-1 22 40 55t68 38q23 4 34 -21.5t2 -46.5zM1819 -139q7 -16 26 -34.5t38 -25.5q25 -9 51.5 3.5t27.5 31.5q2 22 -39.5 55t-68.5 38q-22 4 -33 -21.5t-2 -46.5zM1867 -30q13 -27 56.5 -59.5t77.5 -41.5
+q45 -13 82 4.5t37 50.5q0 46 -67.5 100.5t-115.5 59.5q-40 5 -63.5 -37.5t-6.5 -76.5zM428 -30q-13 -27 -56 -59.5t-77 -41.5q-45 -13 -82 4.5t-37 50.5q0 46 67.5 100.5t115.5 59.5q40 5 63 -37.5t6 -76.5zM1158 1094h1q-41 0 -76 -15q27 -8 44 -30.5t17 -49.5
+q0 -35 -27 -60t-65 -25q-52 0 -80 43q-5 -23 -5 -42q0 -74 56 -126.5t135 -52.5q80 0 136 52.5t56 126.5t-56 126.5t-136 52.5zM1462 1312q-99 109 -220.5 131.5t-245.5 -44.5q27 60 82.5 96.5t118 39.5t121.5 -17t99.5 -74.5t44.5 -131.5zM2212 73q8 -11 -11 -42
+q7 -23 7 -40q1 -56 -44.5 -112.5t-109.5 -91.5t-118 -37q-48 -2 -92 21.5t-66 65.5q-687 -25 -1259 0q-23 -41 -66.5 -65t-92.5 -22q-86 3 -179.5 80.5t-92.5 160.5q2 22 7 40q-19 31 -11 42q6 10 31 1q14 22 41 51q-7 29 2 38q11 10 39 -4q29 20 59 34q0 29 13 37
+q23 12 51 -16q35 5 61 -2q18 -4 38 -19v73q-11 0 -18 2q-53 10 -97 44.5t-55 87.5q-9 38 0 81q15 62 93 95q2 17 19 35.5t36 23.5t33 -7.5t19 -30.5h13q46 -5 60 -23q3 -3 5 -7q10 1 30.5 3.5t30.5 3.5q-15 11 -30 17q-23 40 -91 43q0 6 1 10q-62 2 -118.5 18.5t-84.5 47.5
+q-32 36 -42.5 92t-2.5 112q16 126 90 179q23 16 52 4.5t32 -40.5q0 -1 1.5 -14t2.5 -21t3 -20t5.5 -19t8.5 -10q27 -14 76 -12q48 46 98 74q-40 4 -162 -14l47 46q61 58 163 111q145 73 282 86q-20 8 -41 15.5t-47 14t-42.5 10.5t-47.5 11t-43 10q595 126 904 -139
+q98 -84 158 -222q85 -10 121 9h1q5 3 8.5 10t5.5 19t3 19.5t3 21.5l1 14q3 28 32 40t52 -5q73 -52 91 -178q7 -57 -3.5 -113t-42.5 -91q-28 -32 -83.5 -48.5t-115.5 -18.5v-10q-71 -2 -95 -43q-14 -5 -31 -17q11 -1 32 -3.5t30 -3.5q1 5 5 8q16 18 60 23h13q5 18 19 30t33 8
+t36 -23t19 -36q79 -32 93 -95q9 -40 1 -81q-12 -53 -56 -88t-97 -44q-10 -2 -17 -2q0 -49 -1 -73q20 15 38 19q26 7 61 2q28 28 51 16q14 -9 14 -37q33 -16 59 -34q27 13 38 4q10 -10 2 -38q28 -30 41 -51q23 8 31 -1zM1937 1025q0 -29 -9 -54q82 -32 112 -132
+q4 37 -9.5 98.5t-41.5 90.5q-20 19 -36 17t-16 -20zM1859 925q35 -42 47.5 -108.5t-0.5 -124.5q67 13 97 45q13 14 18 28q-3 64 -31 114.5t-79 66.5q-15 -15 -52 -21zM1822 921q-30 0 -44 1q42 -115 53 -239q21 0 43 3q16 68 1 135t-53 100zM258 839q30 100 112 132
+q-9 25 -9 54q0 18 -16.5 20t-35.5 -17q-28 -29 -41.5 -90.5t-9.5 -98.5zM294 737q29 -31 97 -45q-13 58 -0.5 124.5t47.5 108.5v0q-37 6 -52 21q-51 -16 -78.5 -66t-31.5 -115q9 -17 18 -28zM471 683q14 124 73 235q-19 -4 -55 -18l-45 -19v1q-46 -89 -20 -196q25 -3 47 -3z
+M1434 644q8 -38 16.5 -108.5t11.5 -89.5q3 -18 9.5 -21.5t23.5 4.5q40 20 62 85.5t23 125.5q-24 2 -146 4zM1152 1285q-116 0 -199 -82.5t-83 -198.5q0 -117 83 -199.5t199 -82.5t199 82.5t83 199.5q0 116 -83 198.5t-199 82.5zM1380 646q-105 2 -211 0v1q-1 -27 2.5 -86
+t13.5 -66q29 -14 93.5 -14.5t95.5 10.5q9 3 11 39t-0.5 69.5t-4.5 46.5zM1112 447q8 4 9.5 48t-0.5 88t-4 63v1q-212 -3 -214 -3q-4 -20 -7 -62t0 -83t14 -46q34 -15 101 -16t101 10zM718 636q-16 -59 4.5 -118.5t77.5 -84.5q15 -8 24 -5t12 21q3 16 8 90t10 103
+q-69 -2 -136 -6zM591 510q3 -23 -34 -36q132 -141 271.5 -240t305.5 -154q172 49 310.5 146t293.5 250q-33 13 -30 34q0 2 0.5 3.5t1.5 3t1 2.5v1v-1q-17 2 -50 5.5t-48 4.5q-26 -90 -82 -132q-51 -38 -82 1q-5 6 -9 14q-7 13 -17 62q-2 -5 -5 -9t-7.5 -7t-8 -5.5t-9.5 -4
+l-10 -2.5t-12 -2l-12 -1.5t-13.5 -1t-13.5 -0.5q-106 -9 -163 11q-4 -17 -10 -26.5t-21 -15t-23 -7t-36 -3.5q-6 -1 -9 -1q-179 -17 -203 40q-2 -63 -56 -54q-47 8 -91 54q-12 13 -20 26q-17 29 -26 65q-58 -6 -87 -10q1 -2 4 -10zM507 -118q3 14 3 30q-17 71 -51 130
+t-73 70q-41 12 -101.5 -14.5t-104.5 -80t-39 -107.5q35 -53 100 -93t119 -42q51 -2 94 28t53 79zM510 53q23 -63 27 -119q195 113 392 174q-98 52 -180.5 120t-179.5 165q-6 -4 -29 -13q0 -1 -1 -4t-1 -5q31 -18 22 -37q-12 -23 -56 -34q-10 -13 -29 -24h-1q-2 -83 1 -150
+q19 -34 35 -73zM579 -113q532 -21 1145 0q-254 147 -428 196q-76 -35 -156 -57q-8 -3 -16 0q-65 21 -129 49q-208 -60 -416 -188h-1v-1q1 0 1 1zM1763 -67q4 54 28 120q14 38 33 71l-1 -1q3 77 3 153q-15 8 -30 25q-42 9 -56 33q-9 20 22 38q-2 4 -2 9q-16 4 -28 12
+q-204 -190 -383 -284q198 -59 414 -176zM2155 -90q5 54 -39 107.5t-104 80t-102 14.5q-38 -11 -72.5 -70.5t-51.5 -129.5q0 -16 3 -30q10 -49 53 -79t94 -28q54 2 119 42t100 93z" />
+    <glyph glyph-name="_538" unicode="&#xf23d;" horiz-adv-x="2304" 
+d="M1524 -25q0 -68 -48 -116t-116 -48t-116.5 48t-48.5 116t48.5 116.5t116.5 48.5t116 -48.5t48 -116.5zM775 -25q0 -68 -48.5 -116t-116.5 -48t-116 48t-48 116t48 116.5t116 48.5t116.5 -48.5t48.5 -116.5zM0 1469q57 -60 110.5 -104.5t121 -82t136 -63t166 -45.5
+t200 -31.5t250 -18.5t304 -9.5t372.5 -2.5q139 0 244.5 -5t181 -16.5t124 -27.5t71 -39.5t24 -51.5t-19.5 -64t-56.5 -76.5t-89.5 -91t-116 -104.5t-139 -119q-185 -157 -286 -247q29 51 76.5 109t94 105.5t94.5 98.5t83 91.5t54 80.5t13 70t-45.5 55.5t-116.5 41t-204 23.5
+t-304 5q-168 -2 -314 6t-256 23t-204.5 41t-159.5 51.5t-122.5 62.5t-91.5 66.5t-68 71.5t-50.5 69.5t-40 68t-36.5 59.5z" />
+    <glyph glyph-name="_539" unicode="&#xf23e;" horiz-adv-x="1792" 
+d="M896 1472q-169 0 -323 -66t-265.5 -177.5t-177.5 -265.5t-66 -323t66 -323t177.5 -265.5t265.5 -177.5t323 -66t323 66t265.5 177.5t177.5 265.5t66 323t-66 323t-177.5 265.5t-265.5 177.5t-323 66zM896 1536q182 0 348 -71t286 -191t191 -286t71 -348t-71 -348
+t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71zM496 704q16 0 16 -16v-480q0 -16 -16 -16h-32q-16 0 -16 16v480q0 16 16 16h32zM896 640q53 0 90.5 -37.5t37.5 -90.5q0 -35 -17.5 -64t-46.5 -46v-114q0 -14 -9 -23
+t-23 -9h-64q-14 0 -23 9t-9 23v114q-29 17 -46.5 46t-17.5 64q0 53 37.5 90.5t90.5 37.5zM896 1408q209 0 385.5 -103t279.5 -279.5t103 -385.5t-103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103zM544 928v-96
+q0 -14 9 -23t23 -9h64q14 0 23 9t9 23v96q0 93 65.5 158.5t158.5 65.5t158.5 -65.5t65.5 -158.5v-96q0 -14 9 -23t23 -9h64q14 0 23 9t9 23v96q0 146 -103 249t-249 103t-249 -103t-103 -249zM1408 192v512q0 26 -19 45t-45 19h-896q-26 0 -45 -19t-19 -45v-512
+q0 -26 19 -45t45 -19h896q26 0 45 19t19 45z" />
+    <glyph glyph-name="_540" unicode="&#xf240;" horiz-adv-x="2304" 
+d="M1920 1024v-768h-1664v768h1664zM2048 448h128v384h-128v288q0 14 -9 23t-23 9h-1856q-14 0 -23 -9t-9 -23v-960q0 -14 9 -23t23 -9h1856q14 0 23 9t9 23v288zM2304 832v-384q0 -53 -37.5 -90.5t-90.5 -37.5v-160q0 -66 -47 -113t-113 -47h-1856q-66 0 -113 47t-47 113
+v960q0 66 47 113t113 47h1856q66 0 113 -47t47 -113v-160q53 0 90.5 -37.5t37.5 -90.5z" />
+    <glyph glyph-name="_541" unicode="&#xf241;" horiz-adv-x="2304" 
+d="M256 256v768h1280v-768h-1280zM2176 960q53 0 90.5 -37.5t37.5 -90.5v-384q0 -53 -37.5 -90.5t-90.5 -37.5v-160q0 -66 -47 -113t-113 -47h-1856q-66 0 -113 47t-47 113v960q0 66 47 113t113 47h1856q66 0 113 -47t47 -113v-160zM2176 448v384h-128v288q0 14 -9 23t-23 9
+h-1856q-14 0 -23 -9t-9 -23v-960q0 -14 9 -23t23 -9h1856q14 0 23 9t9 23v288h128z" />
+    <glyph glyph-name="_542" unicode="&#xf242;" horiz-adv-x="2304" 
+d="M256 256v768h896v-768h-896zM2176 960q53 0 90.5 -37.5t37.5 -90.5v-384q0 -53 -37.5 -90.5t-90.5 -37.5v-160q0 -66 -47 -113t-113 -47h-1856q-66 0 -113 47t-47 113v960q0 66 47 113t113 47h1856q66 0 113 -47t47 -113v-160zM2176 448v384h-128v288q0 14 -9 23t-23 9
+h-1856q-14 0 -23 -9t-9 -23v-960q0 -14 9 -23t23 -9h1856q14 0 23 9t9 23v288h128z" />
+    <glyph glyph-name="_543" unicode="&#xf243;" horiz-adv-x="2304" 
+d="M256 256v768h512v-768h-512zM2176 960q53 0 90.5 -37.5t37.5 -90.5v-384q0 -53 -37.5 -90.5t-90.5 -37.5v-160q0 -66 -47 -113t-113 -47h-1856q-66 0 -113 47t-47 113v960q0 66 47 113t113 47h1856q66 0 113 -47t47 -113v-160zM2176 448v384h-128v288q0 14 -9 23t-23 9
+h-1856q-14 0 -23 -9t-9 -23v-960q0 -14 9 -23t23 -9h1856q14 0 23 9t9 23v288h128z" />
+    <glyph glyph-name="_544" unicode="&#xf244;" horiz-adv-x="2304" 
+d="M2176 960q53 0 90.5 -37.5t37.5 -90.5v-384q0 -53 -37.5 -90.5t-90.5 -37.5v-160q0 -66 -47 -113t-113 -47h-1856q-66 0 -113 47t-47 113v960q0 66 47 113t113 47h1856q66 0 113 -47t47 -113v-160zM2176 448v384h-128v288q0 14 -9 23t-23 9h-1856q-14 0 -23 -9t-9 -23
+v-960q0 -14 9 -23t23 -9h1856q14 0 23 9t9 23v288h128z" />
+    <glyph glyph-name="_545" unicode="&#xf245;" horiz-adv-x="1280" 
+d="M1133 493q31 -30 14 -69q-17 -40 -59 -40h-382l201 -476q10 -25 0 -49t-34 -35l-177 -75q-25 -10 -49 0t-35 34l-191 452l-312 -312q-19 -19 -45 -19q-12 0 -24 5q-40 17 -40 59v1504q0 42 40 59q12 5 24 5q27 0 45 -19z" />
+    <glyph glyph-name="_546" unicode="&#xf246;" horiz-adv-x="1024" 
+d="M832 1408q-320 0 -320 -224v-416h128v-128h-128v-544q0 -224 320 -224h64v-128h-64q-272 0 -384 146q-112 -146 -384 -146h-64v128h64q320 0 320 224v544h-128v128h128v416q0 224 -320 224h-64v128h64q272 0 384 -146q112 146 384 146h64v-128h-64z" />
+    <glyph glyph-name="_547" unicode="&#xf247;" horiz-adv-x="2048" 
+d="M2048 1152h-128v-1024h128v-384h-384v128h-1280v-128h-384v384h128v1024h-128v384h384v-128h1280v128h384v-384zM1792 1408v-128h128v128h-128zM128 1408v-128h128v128h-128zM256 -128v128h-128v-128h128zM1664 0v128h128v1024h-128v128h-1280v-128h-128v-1024h128v-128
+h1280zM1920 -128v128h-128v-128h128zM1280 896h384v-768h-896v256h-384v768h896v-256zM512 512h640v512h-640v-512zM1536 256v512h-256v-384h-384v-128h640z" />
+    <glyph glyph-name="_548" unicode="&#xf248;" horiz-adv-x="2304" 
+d="M2304 768h-128v-640h128v-384h-384v128h-896v-128h-384v384h128v128h-384v-128h-384v384h128v640h-128v384h384v-128h896v128h384v-384h-128v-128h384v128h384v-384zM2048 1024v-128h128v128h-128zM1408 1408v-128h128v128h-128zM128 1408v-128h128v128h-128zM256 256
+v128h-128v-128h128zM1536 384h-128v-128h128v128zM384 384h896v128h128v640h-128v128h-896v-128h-128v-640h128v-128zM896 -128v128h-128v-128h128zM2176 -128v128h-128v-128h128zM2048 128v640h-128v128h-384v-384h128v-384h-384v128h-384v-128h128v-128h896v128h128z" />
+    <glyph glyph-name="_549" unicode="&#xf249;" 
+d="M1024 288v-416h-928q-40 0 -68 28t-28 68v1344q0 40 28 68t68 28h1344q40 0 68 -28t28 -68v-928h-416q-40 0 -68 -28t-28 -68zM1152 256h381q-15 -82 -65 -132l-184 -184q-50 -50 -132 -65v381z" />
+    <glyph glyph-name="_550" unicode="&#xf24a;" 
+d="M1400 256h-248v-248q29 10 41 22l185 185q12 12 22 41zM1120 384h288v896h-1280v-1280h896v288q0 40 28 68t68 28zM1536 1312v-1024q0 -40 -20 -88t-48 -76l-184 -184q-28 -28 -76 -48t-88 -20h-1024q-40 0 -68 28t-28 68v1344q0 40 28 68t68 28h1344q40 0 68 -28t28 -68
+z" />
+    <glyph glyph-name="_551" unicode="&#xf24b;" horiz-adv-x="2304" 
+d="M1951 538q0 -26 -15.5 -44.5t-38.5 -23.5q-8 -2 -18 -2h-153v140h153q10 0 18 -2q23 -5 38.5 -23.5t15.5 -44.5zM1933 751q0 -25 -15 -42t-38 -21q-3 -1 -15 -1h-139v129h139q3 0 8.5 -0.5t6.5 -0.5q23 -4 38 -21.5t15 -42.5zM728 587v308h-228v-308q0 -58 -38 -94.5
+t-105 -36.5q-108 0 -229 59v-112q53 -15 121 -23t109 -9l42 -1q328 0 328 217zM1442 403v113q-99 -52 -200 -59q-108 -8 -169 41t-61 142t61 142t169 41q101 -7 200 -58v112q-48 12 -100 19.5t-80 9.5l-28 2q-127 6 -218.5 -14t-140.5 -60t-71 -88t-22 -106t22 -106t71 -88
+t140.5 -60t218.5 -14q101 4 208 31zM2176 518q0 54 -43 88.5t-109 39.5v3q57 8 89 41.5t32 79.5q0 55 -41 88t-107 36q-3 0 -12 0.5t-14 0.5h-455v-510h491q74 0 121.5 36.5t47.5 96.5zM2304 1280v-1280q0 -52 -38 -90t-90 -38h-2048q-52 0 -90 38t-38 90v1280q0 52 38 90
+t90 38h2048q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_552" unicode="&#xf24c;" horiz-adv-x="2304" 
+d="M858 295v693q-106 -41 -172 -135.5t-66 -211.5t66 -211.5t172 -134.5zM1362 641q0 117 -66 211.5t-172 135.5v-694q106 41 172 135.5t66 211.5zM1577 641q0 -159 -78.5 -294t-213.5 -213.5t-294 -78.5q-119 0 -227.5 46.5t-187 125t-125 187t-46.5 227.5q0 159 78.5 294
+t213.5 213.5t294 78.5t294 -78.5t213.5 -213.5t78.5 -294zM1960 634q0 139 -55.5 261.5t-147.5 205.5t-213.5 131t-252.5 48h-301q-176 0 -323.5 -81t-235 -230t-87.5 -335q0 -171 87 -317.5t236 -231.5t323 -85h301q129 0 251.5 50.5t214.5 135t147.5 202.5t55.5 246z
+M2304 1280v-1280q0 -52 -38 -90t-90 -38h-2048q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h2048q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_553" unicode="&#xf24d;" horiz-adv-x="1792" 
+d="M1664 -96v1088q0 13 -9.5 22.5t-22.5 9.5h-1088q-13 0 -22.5 -9.5t-9.5 -22.5v-1088q0 -13 9.5 -22.5t22.5 -9.5h1088q13 0 22.5 9.5t9.5 22.5zM1792 992v-1088q0 -66 -47 -113t-113 -47h-1088q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h1088q66 0 113 -47t47 -113
+zM1408 1376v-160h-128v160q0 13 -9.5 22.5t-22.5 9.5h-1088q-13 0 -22.5 -9.5t-9.5 -22.5v-1088q0 -13 9.5 -22.5t22.5 -9.5h160v-128h-160q-66 0 -113 47t-47 113v1088q0 66 47 113t113 47h1088q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="_554" unicode="&#xf24e;" horiz-adv-x="2304" 
+d="M1728 1088l-384 -704h768zM448 1088l-384 -704h768zM1269 1280q-14 -40 -45.5 -71.5t-71.5 -45.5v-1291h608q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-1344q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h608v1291q-40 14 -71.5 45.5t-45.5 71.5h-491q-14 0 -23 9t-9 23v64
+q0 14 9 23t23 9h491q21 57 70 92.5t111 35.5t111 -35.5t70 -92.5h491q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-491zM1088 1264q33 0 56.5 23.5t23.5 56.5t-23.5 56.5t-56.5 23.5t-56.5 -23.5t-23.5 -56.5t23.5 -56.5t56.5 -23.5zM2176 384q0 -73 -46.5 -131t-117.5 -91
+t-144.5 -49.5t-139.5 -16.5t-139.5 16.5t-144.5 49.5t-117.5 91t-46.5 131q0 11 35 81t92 174.5t107 195.5t102 184t56 100q18 33 56 33t56 -33q4 -7 56 -100t102 -184t107 -195.5t92 -174.5t35 -81zM896 384q0 -73 -46.5 -131t-117.5 -91t-144.5 -49.5t-139.5 -16.5
+t-139.5 16.5t-144.5 49.5t-117.5 91t-46.5 131q0 11 35 81t92 174.5t107 195.5t102 184t56 100q18 33 56 33t56 -33q4 -7 56 -100t102 -184t107 -195.5t92 -174.5t35 -81z" />
+    <glyph glyph-name="_555" unicode="&#xf250;" 
+d="M1408 1408q0 -261 -106.5 -461.5t-266.5 -306.5q160 -106 266.5 -306.5t106.5 -461.5h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-1472q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96q0 261 106.5 461.5t266.5 306.5q-160 106 -266.5 306.5t-106.5 461.5h-96q-14 0 -23 9
+t-9 23v64q0 14 9 23t23 9h1472q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-96zM874 700q77 29 149 92.5t129.5 152.5t92.5 210t35 253h-1024q0 -132 35 -253t92.5 -210t129.5 -152.5t149 -92.5q19 -7 30.5 -23.5t11.5 -36.5t-11.5 -36.5t-30.5 -23.5q-77 -29 -149 -92.5
+t-129.5 -152.5t-92.5 -210t-35 -253h1024q0 132 -35 253t-92.5 210t-129.5 152.5t-149 92.5q-19 7 -30.5 23.5t-11.5 36.5t11.5 36.5t30.5 23.5z" />
+    <glyph glyph-name="_556" unicode="&#xf251;" 
+d="M1408 1408q0 -261 -106.5 -461.5t-266.5 -306.5q160 -106 266.5 -306.5t106.5 -461.5h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-1472q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96q0 261 106.5 461.5t266.5 306.5q-160 106 -266.5 306.5t-106.5 461.5h-96q-14 0 -23 9
+t-9 23v64q0 14 9 23t23 9h1472q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-96zM1280 1408h-1024q0 -66 9 -128h1006q9 61 9 128zM1280 -128q0 130 -34 249.5t-90.5 208t-126.5 152t-146 94.5h-230q-76 -31 -146 -94.5t-126.5 -152t-90.5 -208t-34 -249.5h1024z" />
+    <glyph glyph-name="_557" unicode="&#xf252;" 
+d="M1408 1408q0 -261 -106.5 -461.5t-266.5 -306.5q160 -106 266.5 -306.5t106.5 -461.5h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-1472q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96q0 261 106.5 461.5t266.5 306.5q-160 106 -266.5 306.5t-106.5 461.5h-96q-14 0 -23 9
+t-9 23v64q0 14 9 23t23 9h1472q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-96zM1280 1408h-1024q0 -206 85 -384h854q85 178 85 384zM1223 192q-54 141 -145.5 241.5t-194.5 142.5h-230q-103 -42 -194.5 -142.5t-145.5 -241.5h910z" />
+    <glyph glyph-name="_558" unicode="&#xf253;" 
+d="M1408 1408q0 -261 -106.5 -461.5t-266.5 -306.5q160 -106 266.5 -306.5t106.5 -461.5h96q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-1472q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96q0 261 106.5 461.5t266.5 306.5q-160 106 -266.5 306.5t-106.5 461.5h-96q-14 0 -23 9
+t-9 23v64q0 14 9 23t23 9h1472q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-96zM874 700q77 29 149 92.5t129.5 152.5t92.5 210t35 253h-1024q0 -132 35 -253t92.5 -210t129.5 -152.5t149 -92.5q19 -7 30.5 -23.5t11.5 -36.5t-11.5 -36.5t-30.5 -23.5q-137 -51 -244 -196
+h700q-107 145 -244 196q-19 7 -30.5 23.5t-11.5 36.5t11.5 36.5t30.5 23.5z" />
+    <glyph glyph-name="_559" unicode="&#xf254;" 
+d="M1504 -64q14 0 23 -9t9 -23v-128q0 -14 -9 -23t-23 -9h-1472q-14 0 -23 9t-9 23v128q0 14 9 23t23 9h1472zM130 0q3 55 16 107t30 95t46 87t53.5 76t64.5 69.5t66 60t70.5 55t66.5 47.5t65 43q-43 28 -65 43t-66.5 47.5t-70.5 55t-66 60t-64.5 69.5t-53.5 76t-46 87
+t-30 95t-16 107h1276q-3 -55 -16 -107t-30 -95t-46 -87t-53.5 -76t-64.5 -69.5t-66 -60t-70.5 -55t-66.5 -47.5t-65 -43q43 -28 65 -43t66.5 -47.5t70.5 -55t66 -60t64.5 -69.5t53.5 -76t46 -87t30 -95t16 -107h-1276zM1504 1536q14 0 23 -9t9 -23v-128q0 -14 -9 -23t-23 -9
+h-1472q-14 0 -23 9t-9 23v128q0 14 9 23t23 9h1472z" />
+    <glyph glyph-name="_560" unicode="&#xf255;" 
+d="M768 1152q-53 0 -90.5 -37.5t-37.5 -90.5v-128h-32v93q0 48 -32 81.5t-80 33.5q-46 0 -79 -33t-33 -79v-429l-32 30v172q0 48 -32 81.5t-80 33.5q-46 0 -79 -33t-33 -79v-224q0 -47 35 -82l310 -296q39 -39 39 -102q0 -26 19 -45t45 -19h640q26 0 45 19t19 45v25
+q0 41 10 77l108 436q10 36 10 77v246q0 48 -32 81.5t-80 33.5q-46 0 -79 -33t-33 -79v-32h-32v125q0 40 -25 72.5t-64 40.5q-14 2 -23 2q-46 0 -79 -33t-33 -79v-128h-32v122q0 51 -32.5 89.5t-82.5 43.5q-5 1 -13 1zM768 1280q84 0 149 -50q57 34 123 34q59 0 111 -27
+t86 -76q27 7 59 7q100 0 170 -71.5t70 -171.5v-246q0 -51 -13 -108l-109 -436q-6 -24 -6 -71q0 -80 -56 -136t-136 -56h-640q-84 0 -138 58.5t-54 142.5l-308 296q-76 73 -76 175v224q0 99 70.5 169.5t169.5 70.5q11 0 16 -1q6 95 75.5 160t164.5 65q52 0 98 -21
+q72 69 174 69z" />
+    <glyph glyph-name="_561" unicode="&#xf256;" horiz-adv-x="1792" 
+d="M880 1408q-46 0 -79 -33t-33 -79v-656h-32v528q0 46 -33 79t-79 33t-79 -33t-33 -79v-528v-256l-154 205q-38 51 -102 51q-53 0 -90.5 -37.5t-37.5 -90.5q0 -43 26 -77l384 -512q38 -51 102 -51h688q34 0 61 22t34 56l76 405q5 32 5 59v498q0 46 -33 79t-79 33t-79 -33
+t-33 -79v-272h-32v528q0 46 -33 79t-79 33t-79 -33t-33 -79v-528h-32v656q0 46 -33 79t-79 33zM880 1536q68 0 125.5 -35.5t88.5 -96.5q19 4 42 4q99 0 169.5 -70.5t70.5 -169.5v-17q105 6 180.5 -64t75.5 -175v-498q0 -40 -8 -83l-76 -404q-14 -79 -76.5 -131t-143.5 -52
+h-688q-60 0 -114.5 27.5t-90.5 74.5l-384 512q-51 68 -51 154q0 106 75 181t181 75q78 0 128 -34v434q0 99 70.5 169.5t169.5 70.5q23 0 42 -4q31 61 88.5 96.5t125.5 35.5z" />
+    <glyph glyph-name="_562" unicode="&#xf257;" horiz-adv-x="1792" 
+d="M1073 -128h-177q-163 0 -226 141q-23 49 -23 102v5q-62 30 -98.5 88.5t-36.5 127.5q0 38 5 48h-261q-106 0 -181 75t-75 181t75 181t181 75h113l-44 17q-74 28 -119.5 93.5t-45.5 145.5q0 106 75 181t181 75q46 0 91 -17l628 -239h401q106 0 181 -75t75 -181v-668
+q0 -88 -54 -157.5t-140 -90.5l-339 -85q-92 -23 -186 -23zM1024 583l-155 -71l-163 -74q-30 -14 -48 -41.5t-18 -60.5q0 -46 33 -79t79 -33q26 0 46 10l338 154q-49 10 -80.5 50t-31.5 90v55zM1344 272q0 46 -33 79t-79 33q-26 0 -46 -10l-290 -132q-28 -13 -37 -17
+t-30.5 -17t-29.5 -23.5t-16 -29t-8 -40.5q0 -50 31.5 -82t81.5 -32q20 0 38 9l352 160q30 14 48 41.5t18 60.5zM1112 1024l-650 248q-24 8 -46 8q-53 0 -90.5 -37.5t-37.5 -90.5q0 -40 22.5 -73t59.5 -47l526 -200v-64h-640q-53 0 -90.5 -37.5t-37.5 -90.5t37.5 -90.5
+t90.5 -37.5h535l233 106v198q0 63 46 106l111 102h-69zM1073 0q82 0 155 19l339 85q43 11 70 45.5t27 78.5v668q0 53 -37.5 90.5t-90.5 37.5h-308l-136 -126q-36 -33 -36 -82v-296q0 -46 33 -77t79 -31t79 35t33 81v208h32v-208q0 -70 -57 -114q52 -8 86.5 -48.5t34.5 -93.5
+q0 -42 -23 -78t-61 -53l-310 -141h91z" />
+    <glyph glyph-name="_563" unicode="&#xf258;" horiz-adv-x="2048" 
+d="M1151 1536q61 0 116 -28t91 -77l572 -781q118 -159 118 -359v-355q0 -80 -56 -136t-136 -56h-384q-80 0 -136 56t-56 136v177l-286 143h-546q-80 0 -136 56t-56 136v32q0 119 84.5 203.5t203.5 84.5h420l42 128h-686q-100 0 -173.5 67.5t-81.5 166.5q-65 79 -65 182v32
+q0 80 56 136t136 56h959zM1920 -64v355q0 157 -93 284l-573 781q-39 52 -103 52h-959q-26 0 -45 -19t-19 -45q0 -32 1.5 -49.5t9.5 -40.5t25 -43q10 31 35.5 50t56.5 19h832v-32h-832q-26 0 -45 -19t-19 -45q0 -44 3 -58q8 -44 44 -73t81 -29h640h91q40 0 68 -28t28 -68
+q0 -15 -5 -30l-64 -192q-10 -29 -35 -47.5t-56 -18.5h-443q-66 0 -113 -47t-47 -113v-32q0 -26 19 -45t45 -19h561q16 0 29 -7l317 -158q24 -13 38.5 -36t14.5 -50v-197q0 -26 19 -45t45 -19h384q26 0 45 19t19 45z" />
+    <glyph glyph-name="_564" unicode="&#xf259;" horiz-adv-x="2048" 
+d="M459 -256q-77 0 -137.5 47.5t-79.5 122.5l-101 401q-13 57 -13 108q0 45 -5 67l-116 477q-7 27 -7 57q0 93 62 161t155 78q17 85 82.5 139t152.5 54q83 0 148 -51.5t85 -132.5l83 -348l103 428q20 81 85 132.5t148 51.5q89 0 155.5 -57.5t80.5 -144.5q92 -10 152 -79
+t60 -162q0 -24 -7 -59l-123 -512q10 7 37.5 28.5t38.5 29.5t35 23t41 20.5t41.5 11t49.5 5.5q105 0 180 -74t75 -179q0 -62 -28.5 -118t-78.5 -94l-507 -380q-68 -51 -153 -51h-694zM1104 1408q-38 0 -68.5 -24t-39.5 -62l-164 -682h-127l-145 602q-9 38 -39.5 62t-68.5 24
+q-48 0 -80 -33t-32 -80q0 -15 3 -28l132 -547h-26l-99 408q-9 37 -40 62.5t-69 25.5q-47 0 -80 -33t-33 -79q0 -14 3 -26l116 -478q7 -28 9 -86t10 -88l100 -401q8 -32 34 -52.5t59 -20.5h694q42 0 76 26l507 379q56 43 56 110q0 52 -37.5 88.5t-89.5 36.5q-43 0 -77 -26
+l-307 -230v227q0 4 32 138t68 282t39 161q4 18 4 29q0 47 -32 81t-79 34q-39 0 -69.5 -24t-39.5 -62l-116 -482h-26l150 624q3 14 3 28q0 48 -31.5 82t-79.5 34z" />
+    <glyph glyph-name="_565" unicode="&#xf25a;" horiz-adv-x="1792" 
+d="M640 1408q-53 0 -90.5 -37.5t-37.5 -90.5v-512v-384l-151 202q-41 54 -107 54q-52 0 -89 -38t-37 -90q0 -43 26 -77l384 -512q38 -51 102 -51h718q22 0 39.5 13.5t22.5 34.5l92 368q24 96 24 194v217q0 41 -28 71t-68 30t-68 -28t-28 -68h-32v61q0 48 -32 81.5t-80 33.5
+q-46 0 -79 -33t-33 -79v-64h-32v90q0 55 -37 94.5t-91 39.5q-53 0 -90.5 -37.5t-37.5 -90.5v-96h-32v570q0 55 -37 94.5t-91 39.5zM640 1536q107 0 181.5 -77.5t74.5 -184.5v-220q22 2 32 2q99 0 173 -69q47 21 99 21q113 0 184 -87q27 7 56 7q94 0 159 -67.5t65 -161.5
+v-217q0 -116 -28 -225l-92 -368q-16 -64 -68 -104.5t-118 -40.5h-718q-60 0 -114.5 27.5t-90.5 74.5l-384 512q-51 68 -51 154q0 105 74.5 180.5t179.5 75.5q71 0 130 -35v547q0 106 75 181t181 75zM768 128v384h-32v-384h32zM1024 128v384h-32v-384h32zM1280 128v384h-32
+v-384h32z" />
+    <glyph glyph-name="_566" unicode="&#xf25b;" 
+d="M1288 889q60 0 107 -23q141 -63 141 -226v-177q0 -94 -23 -186l-85 -339q-21 -86 -90.5 -140t-157.5 -54h-668q-106 0 -181 75t-75 181v401l-239 628q-17 45 -17 91q0 106 75 181t181 75q80 0 145.5 -45.5t93.5 -119.5l17 -44v113q0 106 75 181t181 75t181 -75t75 -181
+v-261q27 5 48 5q69 0 127.5 -36.5t88.5 -98.5zM1072 896q-33 0 -60.5 -18t-41.5 -48l-74 -163l-71 -155h55q50 0 90 -31.5t50 -80.5l154 338q10 20 10 46q0 46 -33 79t-79 33zM1293 761q-22 0 -40.5 -8t-29 -16t-23.5 -29.5t-17 -30.5t-17 -37l-132 -290q-10 -20 -10 -46
+q0 -46 33 -79t79 -33q33 0 60.5 18t41.5 48l160 352q9 18 9 38q0 50 -32 81.5t-82 31.5zM128 1120q0 -22 8 -46l248 -650v-69l102 111q43 46 106 46h198l106 233v535q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5v-640h-64l-200 526q-14 37 -47 59.5t-73 22.5
+q-53 0 -90.5 -37.5t-37.5 -90.5zM1180 -128q44 0 78.5 27t45.5 70l85 339q19 73 19 155v91l-141 -310q-17 -38 -53 -61t-78 -23q-53 0 -93.5 34.5t-48.5 86.5q-44 -57 -114 -57h-208v32h208q46 0 81 33t35 79t-31 79t-77 33h-296q-49 0 -82 -36l-126 -136v-308
+q0 -53 37.5 -90.5t90.5 -37.5h668z" />
+    <glyph glyph-name="_567" unicode="&#xf25c;" horiz-adv-x="1973" 
+d="M857 992v-117q0 -13 -9.5 -22t-22.5 -9h-298v-812q0 -13 -9 -22.5t-22 -9.5h-135q-13 0 -22.5 9t-9.5 23v812h-297q-13 0 -22.5 9t-9.5 22v117q0 14 9 23t23 9h793q13 0 22.5 -9.5t9.5 -22.5zM1895 995l77 -961q1 -13 -8 -24q-10 -10 -23 -10h-134q-12 0 -21 8.5
+t-10 20.5l-46 588l-189 -425q-8 -19 -29 -19h-120q-20 0 -29 19l-188 427l-45 -590q-1 -12 -10 -20.5t-21 -8.5h-135q-13 0 -23 10q-9 10 -9 24l78 961q1 12 10 20.5t21 8.5h142q20 0 29 -19l220 -520q10 -24 20 -51q3 7 9.5 24.5t10.5 26.5l221 520q9 19 29 19h141
+q13 0 22 -8.5t10 -20.5z" />
+    <glyph glyph-name="_568" unicode="&#xf25d;" horiz-adv-x="1792" 
+d="M1042 833q0 88 -60 121q-33 18 -117 18h-123v-281h162q66 0 102 37t36 105zM1094 548l205 -373q8 -17 -1 -31q-8 -16 -27 -16h-152q-20 0 -28 17l-194 365h-155v-350q0 -14 -9 -23t-23 -9h-134q-14 0 -23 9t-9 23v960q0 14 9 23t23 9h294q128 0 190 -24q85 -31 134 -109
+t49 -180q0 -92 -42.5 -165.5t-115.5 -109.5q6 -10 9 -16zM896 1376q-150 0 -286 -58.5t-234.5 -157t-157 -234.5t-58.5 -286t58.5 -286t157 -234.5t234.5 -157t286 -58.5t286 58.5t234.5 157t157 234.5t58.5 286t-58.5 286t-157 234.5t-234.5 157t-286 58.5zM1792 640
+q0 -182 -71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="_569" unicode="&#xf25e;" horiz-adv-x="1792" 
+d="M605 303q153 0 257 104q14 18 3 36l-45 82q-6 13 -24 17q-16 2 -27 -11l-4 -3q-4 -4 -11.5 -10t-17.5 -13.5t-23.5 -14.5t-28.5 -13t-33.5 -9.5t-37.5 -3.5q-76 0 -125 50t-49 127q0 76 48 125.5t122 49.5q37 0 71.5 -14t50.5 -28l16 -14q11 -11 26 -10q16 2 24 14l53 78
+q13 20 -2 39q-3 4 -11 12t-30 23.5t-48.5 28t-67.5 22.5t-86 10q-148 0 -246 -96.5t-98 -240.5q0 -146 97 -241.5t247 -95.5zM1235 303q153 0 257 104q14 18 4 36l-45 82q-8 14 -25 17q-16 2 -27 -11l-4 -3q-4 -4 -11.5 -10t-17.5 -13.5t-23.5 -14.5t-28.5 -13t-33.5 -9.5
+t-37.5 -3.5q-76 0 -125 50t-49 127q0 76 48 125.5t122 49.5q37 0 71.5 -14t50.5 -28l16 -14q11 -11 26 -10q16 2 24 14l53 78q13 20 -2 39q-3 4 -11 12t-30 23.5t-48.5 28t-67.5 22.5t-86 10q-147 0 -245.5 -96.5t-98.5 -240.5q0 -146 97 -241.5t247 -95.5zM896 1376
+q-150 0 -286 -58.5t-234.5 -157t-157 -234.5t-58.5 -286t58.5 -286t157 -234.5t234.5 -157t286 -58.5t286 58.5t234.5 157t157 234.5t58.5 286t-58.5 286t-157 234.5t-234.5 157t-286 58.5zM896 1536q182 0 348 -71t286 -191t191 -286t71 -348t-71 -348t-191 -286t-286 -191
+t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71z" />
+    <glyph glyph-name="f260" unicode="&#xf260;" horiz-adv-x="2048" 
+d="M736 736l384 -384l-384 -384l-672 672l672 672l168 -168l-96 -96l-72 72l-480 -480l480 -480l193 193l-289 287zM1312 1312l672 -672l-672 -672l-168 168l96 96l72 -72l480 480l-480 480l-193 -193l289 -287l-96 -96l-384 384z" />
+    <glyph glyph-name="f261" unicode="&#xf261;" horiz-adv-x="1792" 
+d="M717 182l271 271l-279 279l-88 -88l192 -191l-96 -96l-279 279l279 279l40 -40l87 87l-127 128l-454 -454zM1075 190l454 454l-454 454l-271 -271l279 -279l88 88l-192 191l96 96l279 -279l-279 -279l-40 40l-87 -88zM1792 640q0 -182 -71 -348t-191 -286t-286 -191
+t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="_572" unicode="&#xf262;" horiz-adv-x="2304" 
+d="M651 539q0 -39 -27.5 -66.5t-65.5 -27.5q-39 0 -66.5 27.5t-27.5 66.5q0 38 27.5 65.5t66.5 27.5q38 0 65.5 -27.5t27.5 -65.5zM1805 540q0 -39 -27.5 -66.5t-66.5 -27.5t-66.5 27.5t-27.5 66.5t27.5 66t66.5 27t66.5 -27t27.5 -66zM765 539q0 79 -56.5 136t-136.5 57
+t-136.5 -56.5t-56.5 -136.5t56.5 -136.5t136.5 -56.5t136.5 56.5t56.5 136.5zM1918 540q0 80 -56.5 136.5t-136.5 56.5q-79 0 -136 -56.5t-57 -136.5t56.5 -136.5t136.5 -56.5t136.5 56.5t56.5 136.5zM850 539q0 -116 -81.5 -197.5t-196.5 -81.5q-116 0 -197.5 82t-81.5 197
+t82 196.5t197 81.5t196.5 -81.5t81.5 -196.5zM2004 540q0 -115 -81.5 -196.5t-197.5 -81.5q-115 0 -196.5 81.5t-81.5 196.5t81.5 196.5t196.5 81.5q116 0 197.5 -81.5t81.5 -196.5zM1040 537q0 191 -135.5 326.5t-326.5 135.5q-125 0 -231 -62t-168 -168.5t-62 -231.5
+t62 -231.5t168 -168.5t231 -62q191 0 326.5 135.5t135.5 326.5zM1708 1110q-254 111 -556 111q-319 0 -573 -110q117 0 223 -45.5t182.5 -122.5t122 -183t45.5 -223q0 115 43.5 219.5t118 180.5t177.5 123t217 50zM2187 537q0 191 -135 326.5t-326 135.5t-326.5 -135.5
+t-135.5 -326.5t135.5 -326.5t326.5 -135.5t326 135.5t135 326.5zM1921 1103h383q-44 -51 -75 -114.5t-40 -114.5q110 -151 110 -337q0 -156 -77 -288t-209 -208.5t-287 -76.5q-133 0 -249 56t-196 155q-47 -56 -129 -179q-11 22 -53.5 82.5t-74.5 97.5
+q-80 -99 -196.5 -155.5t-249.5 -56.5q-155 0 -287 76.5t-209 208.5t-77 288q0 186 110 337q-9 51 -40 114.5t-75 114.5h365q149 100 355 156.5t432 56.5q224 0 421 -56t348 -157z" />
+    <glyph glyph-name="f263" unicode="&#xf263;" horiz-adv-x="1280" 
+d="M640 629q-188 0 -321 133t-133 320q0 188 133 321t321 133t321 -133t133 -321q0 -187 -133 -320t-321 -133zM640 1306q-92 0 -157.5 -65.5t-65.5 -158.5q0 -92 65.5 -157.5t157.5 -65.5t157.5 65.5t65.5 157.5q0 93 -65.5 158.5t-157.5 65.5zM1163 574q13 -27 15 -49.5
+t-4.5 -40.5t-26.5 -38.5t-42.5 -37t-61.5 -41.5q-115 -73 -315 -94l73 -72l267 -267q30 -31 30 -74t-30 -73l-12 -13q-31 -30 -74 -30t-74 30q-67 68 -267 268l-267 -268q-31 -30 -74 -30t-73 30l-12 13q-31 30 -31 73t31 74l267 267l72 72q-203 21 -317 94
+q-39 25 -61.5 41.5t-42.5 37t-26.5 38.5t-4.5 40.5t15 49.5q10 20 28 35t42 22t56 -2t65 -35q5 -4 15 -11t43 -24.5t69 -30.5t92 -24t113 -11q91 0 174 25.5t120 50.5l38 25q33 26 65 35t56 2t42 -22t28 -35z" />
+    <glyph glyph-name="_574" unicode="&#xf264;" 
+d="M927 956q0 -66 -46.5 -112.5t-112.5 -46.5t-112.5 46.5t-46.5 112.5t46.5 112.5t112.5 46.5t112.5 -46.5t46.5 -112.5zM1141 593q-10 20 -28 32t-47.5 9.5t-60.5 -27.5q-10 -8 -29 -20t-81 -32t-127 -20t-124 18t-86 36l-27 18q-31 25 -60.5 27.5t-47.5 -9.5t-28 -32
+q-22 -45 -2 -74.5t87 -73.5q83 -53 226 -67l-51 -52q-142 -142 -191 -190q-22 -22 -22 -52.5t22 -52.5l9 -9q22 -22 52.5 -22t52.5 22l191 191q114 -115 191 -191q22 -22 52.5 -22t52.5 22l9 9q22 22 22 52.5t-22 52.5l-191 190l-52 52q141 14 225 67q67 44 87 73.5t-2 74.5
+zM1092 956q0 134 -95 229t-229 95t-229 -95t-95 -229t95 -229t229 -95t229 95t95 229zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="_575" unicode="&#xf265;" horiz-adv-x="1720" 
+d="M1565 1408q65 0 110 -45.5t45 -110.5v-519q0 -176 -68 -336t-182.5 -275t-274 -182.5t-334.5 -67.5q-176 0 -335.5 67.5t-274.5 182.5t-183 275t-68 336v519q0 64 46 110t110 46h1409zM861 344q47 0 82 33l404 388q37 35 37 85q0 49 -34.5 83.5t-83.5 34.5q-47 0 -82 -33
+l-323 -310l-323 310q-35 33 -81 33q-49 0 -83.5 -34.5t-34.5 -83.5q0 -51 36 -85l405 -388q33 -33 81 -33z" />
+    <glyph glyph-name="_576" unicode="&#xf266;" horiz-adv-x="2304" 
+d="M1494 -103l-295 695q-25 -49 -158.5 -305.5t-198.5 -389.5q-1 -1 -27.5 -0.5t-26.5 1.5q-82 193 -255.5 587t-259.5 596q-21 50 -66.5 107.5t-103.5 100.5t-102 43q0 5 -0.5 24t-0.5 27h583v-50q-39 -2 -79.5 -16t-66.5 -43t-10 -64q26 -59 216.5 -499t235.5 -540
+q31 61 140 266.5t131 247.5q-19 39 -126 281t-136 295q-38 69 -201 71v50l513 -1v-47q-60 -2 -93.5 -25t-12.5 -69q33 -70 87 -189.5t86 -187.5q110 214 173 363q24 55 -10 79.5t-129 26.5q1 7 1 25v24q64 0 170.5 0.5t180 1t92.5 0.5v-49q-62 -2 -119 -33t-90 -81
+l-213 -442q13 -33 127.5 -290t121.5 -274l441 1017q-14 38 -49.5 62.5t-65 31.5t-55.5 8v50l460 -4l1 -2l-1 -44q-139 -4 -201 -145q-526 -1216 -559 -1291h-49z" />
+    <glyph glyph-name="_577" unicode="&#xf267;" horiz-adv-x="1792" 
+d="M949 643q0 -26 -16.5 -45t-41.5 -19q-26 0 -45 16.5t-19 41.5q0 26 17 45t42 19t44 -16.5t19 -41.5zM964 585l350 581q-9 -8 -67.5 -62.5t-125.5 -116.5t-136.5 -127t-117 -110.5t-50.5 -51.5l-349 -580q7 7 67 62t126 116.5t136 127t117 111t50 50.5zM1611 640
+q0 -201 -104 -371q-3 2 -17 11t-26.5 16.5t-16.5 7.5q-13 0 -13 -13q0 -10 59 -44q-74 -112 -184.5 -190.5t-241.5 -110.5l-16 67q-1 10 -15 10q-5 0 -8 -5.5t-2 -9.5l16 -68q-72 -15 -146 -15q-199 0 -372 105q1 2 13 20.5t21.5 33.5t9.5 19q0 13 -13 13q-6 0 -17 -14.5
+t-22.5 -34.5t-13.5 -23q-113 75 -192 187.5t-110 244.5l69 15q10 3 10 15q0 5 -5.5 8t-10.5 2l-68 -15q-14 72 -14 139q0 206 109 379q2 -1 18.5 -12t30 -19t17.5 -8q13 0 13 12q0 6 -12.5 15.5t-32.5 21.5l-20 12q77 112 189 189t244 107l15 -67q2 -10 15 -10q5 0 8 5.5
+t2 10.5l-15 66q71 13 134 13q204 0 379 -109q-39 -56 -39 -65q0 -13 12 -13q11 0 48 64q111 -75 187.5 -186t107.5 -241l-56 -12q-10 -2 -10 -16q0 -5 5.5 -8t9.5 -2l57 13q14 -72 14 -140zM1696 640q0 163 -63.5 311t-170.5 255t-255 170.5t-311 63.5t-311 -63.5
+t-255 -170.5t-170.5 -255t-63.5 -311t63.5 -311t170.5 -255t255 -170.5t311 -63.5t311 63.5t255 170.5t170.5 255t63.5 311zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191
+t191 -286t71 -348z" />
+    <glyph glyph-name="_578" unicode="&#xf268;" horiz-adv-x="1792" 
+d="M893 1536q240 2 451 -120q232 -134 352 -372l-742 39q-160 9 -294 -74.5t-185 -229.5l-276 424q128 159 311 245.5t383 87.5zM146 1131l337 -663q72 -143 211 -217t293 -45l-230 -451q-212 33 -385 157.5t-272.5 316t-99.5 411.5q0 267 146 491zM1732 962
+q58 -150 59.5 -310.5t-48.5 -306t-153 -272t-246 -209.5q-230 -133 -498 -119l405 623q88 131 82.5 290.5t-106.5 277.5zM896 942q125 0 213.5 -88.5t88.5 -213.5t-88.5 -213.5t-213.5 -88.5t-213.5 88.5t-88.5 213.5t88.5 213.5t213.5 88.5z" />
+    <glyph glyph-name="_579" unicode="&#xf269;" horiz-adv-x="1792" 
+d="M903 -256q-283 0 -504.5 150.5t-329.5 398.5q-58 131 -67 301t26 332.5t111 312t179 242.5l-11 -281q11 14 68 15.5t70 -15.5q42 81 160.5 138t234.5 59q-54 -45 -119.5 -148.5t-58.5 -163.5q25 -8 62.5 -13.5t63 -7.5t68 -4t50.5 -3q15 -5 9.5 -45.5t-30.5 -75.5
+q-5 -7 -16.5 -18.5t-56.5 -35.5t-101 -34l15 -189l-139 67q-18 -43 -7.5 -81.5t36 -66.5t65.5 -41.5t81 -6.5q51 9 98 34.5t83.5 45t73.5 17.5q61 -4 89.5 -33t19.5 -65q-1 -2 -2.5 -5.5t-8.5 -12.5t-18 -15.5t-31.5 -10.5t-46.5 -1q-60 -95 -144.5 -135.5t-209.5 -29.5
+q74 -61 162.5 -82.5t168.5 -6t154.5 52t128 87.5t80.5 104q43 91 39 192.5t-37.5 188.5t-78.5 125q87 -38 137 -79.5t77 -112.5q15 170 -57.5 343t-209.5 284q265 -77 412 -279.5t151 -517.5q2 -127 -40.5 -255t-123.5 -238t-189 -196t-247.5 -135.5t-288.5 -49.5z" />
+    <glyph glyph-name="_580" unicode="&#xf26a;" horiz-adv-x="1792" 
+d="M1493 1308q-165 110 -359 110q-155 0 -293 -73t-240 -200q-75 -93 -119.5 -218t-48.5 -266v-42q4 -141 48.5 -266t119.5 -218q102 -127 240 -200t293 -73q194 0 359 110q-121 -108 -274.5 -168t-322.5 -60q-29 0 -43 1q-175 8 -333 82t-272 193t-181 281t-67 339
+q0 182 71 348t191 286t286 191t348 71h3q168 -1 320.5 -60.5t273.5 -167.5zM1792 640q0 -192 -77 -362.5t-213 -296.5q-104 -63 -222 -63q-137 0 -255 84q154 56 253.5 233t99.5 405q0 227 -99 404t-253 234q119 83 254 83q119 0 226 -65q135 -125 210.5 -295t75.5 -361z
+" />
+    <glyph glyph-name="_581" unicode="&#xf26b;" horiz-adv-x="1792" 
+d="M1792 599q0 -56 -7 -104h-1151q0 -146 109.5 -244.5t257.5 -98.5q99 0 185.5 46.5t136.5 130.5h423q-56 -159 -170.5 -281t-267.5 -188.5t-321 -66.5q-187 0 -356 83q-228 -116 -394 -116q-237 0 -237 263q0 115 45 275q17 60 109 229q199 360 475 606
+q-184 -79 -427 -354q63 274 283.5 449.5t501.5 175.5q30 0 45 -1q255 117 433 117q64 0 116 -13t94.5 -40.5t66.5 -76.5t24 -115q0 -116 -75 -286q101 -182 101 -390zM1722 1239q0 83 -53 132t-137 49q-108 0 -254 -70q121 -47 222.5 -131.5t170.5 -195.5q51 135 51 216z
+M128 2q0 -86 48.5 -132.5t134.5 -46.5q115 0 266 83q-122 72 -213.5 183t-137.5 245q-98 -205 -98 -332zM632 715h728q-5 142 -113 237t-251 95q-144 0 -251.5 -95t-112.5 -237z" />
+    <glyph glyph-name="_582" unicode="&#xf26c;" horiz-adv-x="2048" 
+d="M1792 288v960q0 13 -9.5 22.5t-22.5 9.5h-1600q-13 0 -22.5 -9.5t-9.5 -22.5v-960q0 -13 9.5 -22.5t22.5 -9.5h1600q13 0 22.5 9.5t9.5 22.5zM1920 1248v-960q0 -66 -47 -113t-113 -47h-736v-128h352q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-832q-14 0 -23 9t-9 23
+v64q0 14 9 23t23 9h352v128h-736q-66 0 -113 47t-47 113v960q0 66 47 113t113 47h1600q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="_583" unicode="&#xf26d;" horiz-adv-x="1792" 
+d="M138 1408h197q-70 -64 -126 -149q-36 -56 -59 -115t-30 -125.5t-8.5 -120t10.5 -132t21 -126t28 -136.5q4 -19 6 -28q51 -238 81 -329q57 -171 152 -275h-272q-48 0 -82 34t-34 82v1304q0 48 34 82t82 34zM1346 1408h308q48 0 82 -34t34 -82v-1304q0 -48 -34 -82t-82 -34
+h-178q212 210 196 565l-469 -101q-2 -45 -12 -82t-31 -72t-59.5 -59.5t-93.5 -36.5q-123 -26 -199 40q-32 27 -53 61t-51.5 129t-64.5 258q-35 163 -45.5 263t-5.5 139t23 77q20 41 62.5 73t102.5 45q45 12 83.5 6.5t67 -17t54 -35t43 -48t34.5 -56.5l468 100
+q-68 175 -180 287z" />
+    <glyph glyph-name="_584" unicode="&#xf26e;" 
+d="M1401 -11l-6 -6q-113 -113 -259 -175q-154 -64 -317 -64q-165 0 -317 64q-148 63 -259 175q-113 112 -175 258q-42 103 -54 189q-4 28 48 36q51 8 56 -20q1 -1 1 -4q18 -90 46 -159q50 -124 152 -226q98 -98 226 -152q132 -56 276 -56q143 0 276 56q128 55 225 152l6 6
+q10 10 25 6q12 -3 33 -22q36 -37 17 -58zM929 604l-66 -66l63 -63q21 -21 -7 -49q-17 -17 -32 -17q-10 0 -19 10l-62 61l-66 -66q-5 -5 -15 -5q-15 0 -31 16l-2 2q-18 15 -18 29q0 7 8 17l66 65l-66 66q-16 16 14 45q18 18 31 18q6 0 13 -5l65 -66l65 65q18 17 48 -13
+q27 -27 11 -44zM1400 547q0 -118 -46 -228q-45 -105 -126 -186q-80 -80 -187 -126t-228 -46t-228 46t-187 126q-82 82 -125 186q-15 33 -15 40h-1q-9 27 43 44q50 16 60 -12q37 -99 97 -167h1v339v2q3 136 102 232q105 103 253 103q147 0 251 -103t104 -249
+q0 -147 -104.5 -251t-250.5 -104q-58 0 -112 16q-28 11 -13 61q16 51 44 43l14 -3q14 -3 33 -6t30 -3q104 0 176 71.5t72 174.5q0 101 -72 171q-71 71 -175 71q-107 0 -178 -80q-64 -72 -64 -160v-413q110 -67 242 -67q96 0 185 36.5t156 103.5t103.5 155t36.5 183
+q0 198 -141 339q-140 140 -339 140q-200 0 -340 -140q-53 -53 -77 -87l-2 -2q-8 -11 -13 -15.5t-21.5 -9.5t-38.5 3q-21 5 -36.5 16.5t-15.5 26.5v680q0 15 10.5 26.5t27.5 11.5h877q30 0 30 -55t-30 -55h-811v-483h1q40 42 102 84t108 61q109 46 231 46q121 0 228 -46
+t187 -126q81 -81 126 -186q46 -112 46 -229zM1369 1128q9 -8 9 -18t-5.5 -18t-16.5 -21q-26 -26 -39 -26q-9 0 -16 7q-106 91 -207 133q-128 56 -276 56q-133 0 -262 -49q-27 -10 -45 37q-9 25 -8 38q3 16 16 20q130 57 299 57q164 0 316 -64q137 -58 235 -152z" />
+    <glyph glyph-name="_585" unicode="&#xf270;" horiz-adv-x="1792" 
+d="M1551 60q15 6 26 3t11 -17.5t-15 -33.5q-13 -16 -44 -43.5t-95.5 -68t-141 -74t-188 -58t-229.5 -24.5q-119 0 -238 31t-209 76.5t-172.5 104t-132.5 105t-84 87.5q-8 9 -10 16.5t1 12t8 7t11.5 2t11.5 -4.5q192 -117 300 -166q389 -176 799 -90q190 40 391 135z
+M1758 175q11 -16 2.5 -69.5t-28.5 -102.5q-34 -83 -85 -124q-17 -14 -26 -9t0 24q21 45 44.5 121.5t6.5 98.5q-5 7 -15.5 11.5t-27 6t-29.5 2.5t-35 0t-31.5 -2t-31 -3t-22.5 -2q-6 -1 -13 -1.5t-11 -1t-8.5 -1t-7 -0.5h-5.5h-4.5t-3 0.5t-2 1.5l-1.5 3q-6 16 47 40t103 30
+q46 7 108 1t76 -24zM1364 618q0 -31 13.5 -64t32 -58t37.5 -46t33 -32l13 -11l-227 -224q-40 37 -79 75.5t-58 58.5l-19 20q-11 11 -25 33q-38 -59 -97.5 -102.5t-127.5 -63.5t-140 -23t-137.5 21t-117.5 65.5t-83 113t-31 162.5q0 84 28 154t72 116.5t106.5 83t122.5 57
+t130 34.5t119.5 18.5t99.5 6.5v127q0 65 -21 97q-34 53 -121 53q-6 0 -16.5 -1t-40.5 -12t-56 -29.5t-56 -59.5t-48 -96l-294 27q0 60 22 119t67 113t108 95t151.5 65.5t190.5 24.5q100 0 181 -25t129.5 -61.5t81 -83t45 -86t12.5 -73.5v-589zM692 597q0 -86 70 -133
+q66 -44 139 -22q84 25 114 123q14 45 14 101v162q-59 -2 -111 -12t-106.5 -33.5t-87 -71t-32.5 -114.5z" />
+    <glyph glyph-name="_586" unicode="&#xf271;" horiz-adv-x="1792" 
+d="M1536 1280q52 0 90 -38t38 -90v-1280q0 -52 -38 -90t-90 -38h-1408q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h128v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h384v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h128zM1152 1376v-288q0 -14 9 -23t23 -9
+h64q14 0 23 9t9 23v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23zM384 1376v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23zM1536 -128v1024h-1408v-1024h1408zM896 448h224q14 0 23 -9t9 -23v-64q0 -14 -9 -23t-23 -9h-224
+v-224q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v224h-224q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h224v224q0 14 9 23t23 9h64q14 0 23 -9t9 -23v-224z" />
+    <glyph glyph-name="_587" unicode="&#xf272;" horiz-adv-x="1792" 
+d="M1152 416v-64q0 -14 -9 -23t-23 -9h-576q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h576q14 0 23 -9t9 -23zM128 -128h1408v1024h-1408v-1024zM512 1088v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1280 1088v288q0 14 -9 23
+t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1664 1152v-1280q0 -52 -38 -90t-90 -38h-1408q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h128v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h384v96q0 66 47 113t113 47h64q66 0 113 -47
+t47 -113v-96h128q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_588" unicode="&#xf273;" horiz-adv-x="1792" 
+d="M1111 151l-46 -46q-9 -9 -22 -9t-23 9l-188 189l-188 -189q-10 -9 -23 -9t-22 9l-46 46q-9 9 -9 22t9 23l189 188l-189 188q-9 10 -9 23t9 22l46 46q9 9 22 9t23 -9l188 -188l188 188q10 9 23 9t22 -9l46 -46q9 -9 9 -22t-9 -23l-188 -188l188 -188q9 -10 9 -23t-9 -22z
+M128 -128h1408v1024h-1408v-1024zM512 1088v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1280 1088v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1664 1152v-1280
+q0 -52 -38 -90t-90 -38h-1408q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h128v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h384v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h128q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_589" unicode="&#xf274;" horiz-adv-x="1792" 
+d="M1303 572l-512 -512q-10 -9 -23 -9t-23 9l-288 288q-9 10 -9 23t9 22l46 46q9 9 22 9t23 -9l220 -220l444 444q10 9 23 9t22 -9l46 -46q9 -9 9 -22t-9 -23zM128 -128h1408v1024h-1408v-1024zM512 1088v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23
+t23 -9h64q14 0 23 9t9 23zM1280 1088v288q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-288q0 -14 9 -23t23 -9h64q14 0 23 9t9 23zM1664 1152v-1280q0 -52 -38 -90t-90 -38h-1408q-52 0 -90 38t-38 90v1280q0 52 38 90t90 38h128v96q0 66 47 113t113 47h64q66 0 113 -47
+t47 -113v-96h384v96q0 66 47 113t113 47h64q66 0 113 -47t47 -113v-96h128q52 0 90 -38t38 -90z" />
+    <glyph glyph-name="_590" unicode="&#xf275;" horiz-adv-x="1792" 
+d="M448 1536q26 0 45 -19t19 -45v-891l536 429q17 14 40 14q26 0 45 -19t19 -45v-379l536 429q17 14 40 14q26 0 45 -19t19 -45v-1152q0 -26 -19 -45t-45 -19h-1664q-26 0 -45 19t-19 45v1664q0 26 19 45t45 19h384z" />
+    <glyph glyph-name="_591" unicode="&#xf276;" horiz-adv-x="1024" 
+d="M512 448q66 0 128 15v-655q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v655q62 -15 128 -15zM512 1536q212 0 362 -150t150 -362t-150 -362t-362 -150t-362 150t-150 362t150 362t362 150zM512 1312q14 0 23 9t9 23t-9 23t-23 9q-146 0 -249 -103t-103 -249
+q0 -14 9 -23t23 -9t23 9t9 23q0 119 84.5 203.5t203.5 84.5z" />
+    <glyph glyph-name="_592" unicode="&#xf277;" horiz-adv-x="1792" 
+d="M1745 1239q10 -10 10 -23t-10 -23l-141 -141q-28 -28 -68 -28h-1344q-26 0 -45 19t-19 45v256q0 26 19 45t45 19h576v64q0 26 19 45t45 19h128q26 0 45 -19t19 -45v-64h512q40 0 68 -28zM768 320h256v-512q0 -26 -19 -45t-45 -19h-128q-26 0 -45 19t-19 45v512zM1600 768
+q26 0 45 -19t19 -45v-256q0 -26 -19 -45t-45 -19h-1344q-40 0 -68 28l-141 141q-10 10 -10 23t10 23l141 141q28 28 68 28h512v192h256v-192h576z" />
+    <glyph glyph-name="_593" unicode="&#xf278;" horiz-adv-x="2048" 
+d="M2020 1525q28 -20 28 -53v-1408q0 -20 -11 -36t-29 -23l-640 -256q-24 -11 -48 0l-616 246l-616 -246q-10 -5 -24 -5q-19 0 -36 11q-28 20 -28 53v1408q0 20 11 36t29 23l640 256q24 11 48 0l616 -246l616 246q32 13 60 -6zM736 1390v-1270l576 -230v1270zM128 1173
+v-1270l544 217v1270zM1920 107v1270l-544 -217v-1270z" />
+    <glyph glyph-name="_594" unicode="&#xf279;" horiz-adv-x="1792" 
+d="M512 1536q13 0 22.5 -9.5t9.5 -22.5v-1472q0 -20 -17 -28l-480 -256q-7 -4 -15 -4q-13 0 -22.5 9.5t-9.5 22.5v1472q0 20 17 28l480 256q7 4 15 4zM1760 1536q13 0 22.5 -9.5t9.5 -22.5v-1472q0 -20 -17 -28l-480 -256q-7 -4 -15 -4q-13 0 -22.5 9.5t-9.5 22.5v1472
+q0 20 17 28l480 256q7 4 15 4zM640 1536q8 0 14 -3l512 -256q18 -10 18 -29v-1472q0 -13 -9.5 -22.5t-22.5 -9.5q-8 0 -14 3l-512 256q-18 10 -18 29v1472q0 13 9.5 22.5t22.5 9.5z" />
+    <glyph glyph-name="_595" unicode="&#xf27a;" horiz-adv-x="1792" 
+d="M640 640q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1024 640q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1408 640q0 53 -37.5 90.5t-90.5 37.5
+t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5zM1792 640q0 -174 -120 -321.5t-326 -233t-450 -85.5q-110 0 -211 18q-173 -173 -435 -229q-52 -10 -86 -13q-12 -1 -22 6t-13 18q-4 15 20 37q5 5 23.5 21.5t25.5 23.5t23.5 25.5t24 31.5t20.5 37
+t20 48t14.5 57.5t12.5 72.5q-146 90 -229.5 216.5t-83.5 269.5q0 174 120 321.5t326 233t450 85.5t450 -85.5t326 -233t120 -321.5z" />
+    <glyph glyph-name="_596" unicode="&#xf27b;" horiz-adv-x="1792" 
+d="M640 640q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1024 640q0 -53 -37.5 -90.5t-90.5 -37.5t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM1408 640q0 -53 -37.5 -90.5t-90.5 -37.5
+t-90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5t90.5 -37.5t37.5 -90.5zM896 1152q-204 0 -381.5 -69.5t-282 -187.5t-104.5 -255q0 -112 71.5 -213.5t201.5 -175.5l87 -50l-27 -96q-24 -91 -70 -172q152 63 275 171l43 38l57 -6q69 -8 130 -8q204 0 381.5 69.5t282 187.5
+t104.5 255t-104.5 255t-282 187.5t-381.5 69.5zM1792 640q0 -174 -120 -321.5t-326 -233t-450 -85.5q-70 0 -145 8q-198 -175 -460 -242q-49 -14 -114 -22h-5q-15 0 -27 10.5t-16 27.5v1q-3 4 -0.5 12t2 10t4.5 9.5l6 9t7 8.5t8 9q7 8 31 34.5t34.5 38t31 39.5t32.5 51
+t27 59t26 76q-157 89 -247.5 220t-90.5 281q0 130 71 248.5t191 204.5t286 136.5t348 50.5t348 -50.5t286 -136.5t191 -204.5t71 -248.5z" />
+    <glyph glyph-name="_597" unicode="&#xf27c;" horiz-adv-x="1024" 
+d="M512 345l512 295v-591l-512 -296v592zM0 640v-591l512 296zM512 1527v-591l-512 -296v591zM512 936l512 295v-591z" />
+    <glyph glyph-name="_598" unicode="&#xf27d;" horiz-adv-x="1792" 
+d="M1709 1018q-10 -236 -332 -651q-333 -431 -562 -431q-142 0 -240 263q-44 160 -132 482q-72 262 -157 262q-18 0 -127 -76l-77 98q24 21 108 96.5t130 115.5q156 138 241 146q95 9 153 -55.5t81 -203.5q44 -287 66 -373q55 -249 120 -249q51 0 154 161q101 161 109 246
+q13 139 -109 139q-57 0 -121 -26q120 393 459 382q251 -8 236 -326z" />
+    <glyph glyph-name="f27e" unicode="&#xf27e;" 
+d="M0 1408h1536v-1536h-1536v1536zM1085 293l-221 631l221 297h-634l221 -297l-221 -631l317 -304z" />
+    <glyph glyph-name="uniF280" unicode="&#xf280;" 
+d="M0 1408h1536v-1536h-1536v1536zM908 1088l-12 -33l75 -83l-31 -114l25 -25l107 57l107 -57l25 25l-31 114l75 83l-12 33h-95l-53 96h-32l-53 -96h-95zM641 925q32 0 44.5 -16t11.5 -63l174 21q0 55 -17.5 92.5t-50.5 56t-69 25.5t-85 7q-133 0 -199 -57.5t-66 -182.5v-72
+h-96v-128h76q20 0 20 -8v-382q0 -14 -5 -20t-18 -7l-73 -7v-88h448v86l-149 14q-6 1 -8.5 1.5t-3.5 2.5t-0.5 4t1 7t0.5 10v387h191l38 128h-231q-6 0 -2 6t4 9v80q0 27 1.5 40.5t7.5 28t19.5 20t36.5 5.5zM1248 96v86l-54 9q-7 1 -9.5 2.5t-2.5 3t1 7.5t1 12v520h-275
+l-23 -101l83 -22q23 -7 23 -27v-370q0 -14 -6 -18.5t-20 -6.5l-70 -9v-86h352z" />
+    <glyph glyph-name="uniF281" unicode="&#xf281;" horiz-adv-x="1792" 
+d="M1792 690q0 -58 -29.5 -105.5t-79.5 -72.5q12 -46 12 -96q0 -155 -106.5 -287t-290.5 -208.5t-400 -76.5t-399.5 76.5t-290 208.5t-106.5 287q0 47 11 94q-51 25 -82 73.5t-31 106.5q0 82 58 140.5t141 58.5q85 0 145 -63q218 152 515 162l116 521q3 13 15 21t26 5
+l369 -81q18 37 54 59.5t79 22.5q62 0 106 -43.5t44 -105.5t-44 -106t-106 -44t-105.5 43.5t-43.5 105.5l-334 74l-104 -472q300 -9 519 -160q58 61 143 61q83 0 141 -58.5t58 -140.5zM418 491q0 -62 43.5 -106t105.5 -44t106 44t44 106t-44 105.5t-106 43.5q-61 0 -105 -44
+t-44 -105zM1228 136q11 11 11 26t-11 26q-10 10 -25 10t-26 -10q-41 -42 -121 -62t-160 -20t-160 20t-121 62q-11 10 -26 10t-25 -10q-11 -10 -11 -25.5t11 -26.5q43 -43 118.5 -68t122.5 -29.5t91 -4.5t91 4.5t122.5 29.5t118.5 68zM1225 341q62 0 105.5 44t43.5 106
+q0 61 -44 105t-105 44q-62 0 -106 -43.5t-44 -105.5t44 -106t106 -44z" />
+    <glyph glyph-name="_602" unicode="&#xf282;" horiz-adv-x="1792" 
+d="M69 741h1q16 126 58.5 241.5t115 217t167.5 176t223.5 117.5t276.5 43q231 0 414 -105.5t294 -303.5q104 -187 104 -442v-188h-1125q1 -111 53.5 -192.5t136.5 -122.5t189.5 -57t213 -3t208 46.5t173.5 84.5v-377q-92 -55 -229.5 -92t-312.5 -38t-316 53
+q-189 73 -311.5 249t-124.5 372q-3 242 111 412t325 268q-48 -60 -78 -125.5t-46 -159.5h635q8 77 -8 140t-47 101.5t-70.5 66.5t-80.5 41t-75 20.5t-56 8.5l-22 1q-135 -5 -259.5 -44.5t-223.5 -104.5t-176 -140.5t-138 -163.5z" />
+    <glyph glyph-name="_603" unicode="&#xf283;" horiz-adv-x="2304" 
+d="M0 32v608h2304v-608q0 -66 -47 -113t-113 -47h-1984q-66 0 -113 47t-47 113zM640 256v-128h384v128h-384zM256 256v-128h256v128h-256zM2144 1408q66 0 113 -47t47 -113v-224h-2304v224q0 66 47 113t113 47h1984z" />
+    <glyph glyph-name="_604" unicode="&#xf284;" horiz-adv-x="1792" 
+d="M1584 246l-218 111q-74 -120 -196.5 -189t-263.5 -69q-147 0 -271 72t-196 196t-72 270q0 110 42.5 209.5t115 172t172 115t209.5 42.5q131 0 247.5 -60.5t192.5 -168.5l215 125q-110 169 -286.5 265t-378.5 96q-161 0 -308 -63t-253 -169t-169 -253t-63 -308t63 -308
+t169 -253t253 -169t308 -63q213 0 397.5 107t290.5 292zM1030 643l693 -352q-116 -253 -334.5 -400t-492.5 -147q-182 0 -348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71q260 0 470.5 -133.5t335.5 -366.5zM1543 640h-39v-160h-96v352h136q32 0 54.5 -20
+t28.5 -48t1 -56t-27.5 -48t-57.5 -20z" />
+    <glyph glyph-name="uniF285" unicode="&#xf285;" horiz-adv-x="1792" 
+d="M1427 827l-614 386l92 151h855zM405 562l-184 116v858l1183 -743zM1424 697l147 -95v-858l-532 335zM1387 718l-500 -802h-855l356 571z" />
+    <glyph glyph-name="uniF286" unicode="&#xf286;" horiz-adv-x="1792" 
+d="M640 528v224q0 16 -16 16h-96q-16 0 -16 -16v-224q0 -16 16 -16h96q16 0 16 16zM1152 528v224q0 16 -16 16h-96q-16 0 -16 -16v-224q0 -16 16 -16h96q16 0 16 16zM1664 496v-752h-640v320q0 80 -56 136t-136 56t-136 -56t-56 -136v-320h-640v752q0 16 16 16h96
+q16 0 16 -16v-112h128v624q0 16 16 16h96q16 0 16 -16v-112h128v112q0 16 16 16h96q16 0 16 -16v-112h128v112q0 6 2.5 9.5t8.5 5t9.5 2t11.5 0t9 -0.5v391q-32 15 -32 50q0 23 16.5 39t38.5 16t38.5 -16t16.5 -39q0 -35 -32 -50v-17q45 10 83 10q21 0 59.5 -7.5t54.5 -7.5
+q17 0 47 7.5t37 7.5q16 0 16 -16v-210q0 -15 -35 -21.5t-62 -6.5q-18 0 -54.5 7.5t-55.5 7.5q-40 0 -90 -12v-133q1 0 9 0.5t11.5 0t9.5 -2t8.5 -5t2.5 -9.5v-112h128v112q0 16 16 16h96q16 0 16 -16v-112h128v112q0 16 16 16h96q16 0 16 -16v-624h128v112q0 16 16 16h96
+q16 0 16 -16z" />
+    <glyph glyph-name="_607" unicode="&#xf287;" horiz-adv-x="2304" 
+d="M2288 731q16 -8 16 -27t-16 -27l-320 -192q-8 -5 -16 -5q-9 0 -16 4q-16 10 -16 28v128h-858q37 -58 83 -165q16 -37 24.5 -55t24 -49t27 -47t27 -34t31.5 -26t33 -8h96v96q0 14 9 23t23 9h320q14 0 23 -9t9 -23v-320q0 -14 -9 -23t-23 -9h-320q-14 0 -23 9t-9 23v96h-96
+q-32 0 -61 10t-51 23.5t-45 40.5t-37 46t-33.5 57t-28.5 57.5t-28 60.5q-23 53 -37 81.5t-36 65t-44.5 53.5t-46.5 17h-360q-22 -84 -91 -138t-157 -54q-106 0 -181 75t-75 181t75 181t181 75q88 0 157 -54t91 -138h104q24 0 46.5 17t44.5 53.5t36 65t37 81.5q19 41 28 60.5
+t28.5 57.5t33.5 57t37 46t45 40.5t51 23.5t61 10h107q21 57 70 92.5t111 35.5q80 0 136 -56t56 -136t-56 -136t-136 -56q-62 0 -111 35.5t-70 92.5h-107q-17 0 -33 -8t-31.5 -26t-27 -34t-27 -47t-24 -49t-24.5 -55q-46 -107 -83 -165h1114v128q0 18 16 28t32 -1z" />
+    <glyph glyph-name="_608" unicode="&#xf288;" horiz-adv-x="1792" 
+d="M1150 774q0 -56 -39.5 -95t-95.5 -39h-253v269h253q56 0 95.5 -39.5t39.5 -95.5zM1329 774q0 130 -91.5 222t-222.5 92h-433v-896h180v269h253q130 0 222 91.5t92 221.5zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348
+t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="_609" unicode="&#xf289;" horiz-adv-x="2304" 
+d="M1645 438q0 59 -34 106.5t-87 68.5q-7 -45 -23 -92q-7 -24 -27.5 -38t-44.5 -14q-12 0 -24 3q-31 10 -45 38.5t-4 58.5q23 71 23 143q0 123 -61 227.5t-166 165.5t-228 61q-134 0 -247 -73t-167 -194q108 -28 188 -106q22 -23 22 -55t-22 -54t-54 -22t-55 22
+q-75 75 -180 75q-106 0 -181 -74.5t-75 -180.5t75 -180.5t181 -74.5h1046q79 0 134.5 55.5t55.5 133.5zM1798 438q0 -142 -100.5 -242t-242.5 -100h-1046q-169 0 -289 119.5t-120 288.5q0 153 100 267t249 136q62 184 221 298t354 114q235 0 408.5 -158.5t196.5 -389.5
+q116 -25 192.5 -118.5t76.5 -214.5zM2048 438q0 -175 -97 -319q-23 -33 -64 -33q-24 0 -43 13q-26 17 -32 48.5t12 57.5q71 104 71 233t-71 233q-18 26 -12 57t32 49t57.5 11.5t49.5 -32.5q97 -142 97 -318zM2304 438q0 -244 -134 -443q-23 -34 -64 -34q-23 0 -42 13
+q-26 18 -32.5 49t11.5 57q108 164 108 358q0 195 -108 357q-18 26 -11.5 57.5t32.5 48.5q26 18 57 12t49 -33q134 -198 134 -442z" />
+    <glyph glyph-name="_610" unicode="&#xf28a;" 
+d="M1500 -13q0 -89 -63 -152.5t-153 -63.5t-153.5 63.5t-63.5 152.5q0 90 63.5 153.5t153.5 63.5t153 -63.5t63 -153.5zM1267 268q-115 -15 -192.5 -102.5t-77.5 -205.5q0 -74 33 -138q-146 -78 -379 -78q-109 0 -201 21t-153.5 54.5t-110.5 76.5t-76 85t-44.5 83
+t-23.5 66.5t-6 39.5q0 19 4.5 42.5t18.5 56t36.5 58t64 43.5t94.5 18t94 -17.5t63 -41t35.5 -53t17.5 -49t4 -33.5q0 -34 -23 -81q28 -27 82 -42t93 -17l40 -1q115 0 190 51t75 133q0 26 -9 48.5t-31.5 44.5t-49.5 41t-74 44t-93.5 47.5t-119.5 56.5q-28 13 -43 20
+q-116 55 -187 100t-122.5 102t-72 125.5t-20.5 162.5q0 78 20.5 150t66 137.5t112.5 114t166.5 77t221.5 28.5q120 0 220 -26t164.5 -67t109.5 -94t64 -105.5t19 -103.5q0 -46 -15 -82.5t-36.5 -58t-48.5 -36t-49 -19.5t-39 -5h-8h-32t-39 5t-44 14t-41 28t-37 46t-24 70.5
+t-10 97.5q-15 16 -59 25.5t-81 10.5l-37 1q-68 0 -117.5 -31t-70.5 -70t-21 -76q0 -24 5 -43t24 -46t53 -51t97 -53.5t150 -58.5q76 -25 138.5 -53.5t109 -55.5t83 -59t60.5 -59.5t41 -62.5t26.5 -62t14.5 -63.5t6 -62t1 -62.5z" />
+    <glyph glyph-name="_611" unicode="&#xf28b;" 
+d="M704 352v576q0 14 -9 23t-23 9h-256q-14 0 -23 -9t-9 -23v-576q0 -14 9 -23t23 -9h256q14 0 23 9t9 23zM1152 352v576q0 14 -9 23t-23 9h-256q-14 0 -23 -9t-9 -23v-576q0 -14 9 -23t23 -9h256q14 0 23 9t9 23zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103
+t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_612" unicode="&#xf28c;" 
+d="M768 1408q209 0 385.5 -103t279.5 -279.5t103 -385.5t-103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103zM768 96q148 0 273 73t198 198t73 273t-73 273t-198 198t-273 73t-273 -73t-198 -198t-73 -273
+t73 -273t198 -198t273 -73zM864 320q-14 0 -23 9t-9 23v576q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-576q0 -14 -9 -23t-23 -9h-192zM480 320q-14 0 -23 9t-9 23v576q0 14 9 23t23 9h192q14 0 23 -9t9 -23v-576q0 -14 -9 -23t-23 -9h-192z" />
+    <glyph glyph-name="_613" unicode="&#xf28d;" 
+d="M1088 352v576q0 14 -9 23t-23 9h-576q-14 0 -23 -9t-9 -23v-576q0 -14 9 -23t23 -9h576q14 0 23 9t9 23zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5
+t103 -385.5z" />
+    <glyph glyph-name="_614" unicode="&#xf28e;" 
+d="M768 1408q209 0 385.5 -103t279.5 -279.5t103 -385.5t-103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103zM768 96q148 0 273 73t198 198t73 273t-73 273t-198 198t-273 73t-273 -73t-198 -198t-73 -273
+t73 -273t198 -198t273 -73zM480 320q-14 0 -23 9t-9 23v576q0 14 9 23t23 9h576q14 0 23 -9t9 -23v-576q0 -14 -9 -23t-23 -9h-576z" />
+    <glyph glyph-name="_615" unicode="&#xf290;" horiz-adv-x="1792" 
+d="M1757 128l35 -313q3 -28 -16 -50q-19 -21 -48 -21h-1664q-29 0 -48 21q-19 22 -16 50l35 313h1722zM1664 967l86 -775h-1708l86 775q3 24 21 40.5t43 16.5h256v-128q0 -53 37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5v128h384v-128q0 -53 37.5 -90.5t90.5 -37.5
+t90.5 37.5t37.5 90.5v128h256q25 0 43 -16.5t21 -40.5zM1280 1152v-256q0 -26 -19 -45t-45 -19t-45 19t-19 45v256q0 106 -75 181t-181 75t-181 -75t-75 -181v-256q0 -26 -19 -45t-45 -19t-45 19t-19 45v256q0 159 112.5 271.5t271.5 112.5t271.5 -112.5t112.5 -271.5z" />
+    <glyph glyph-name="_616" unicode="&#xf291;" horiz-adv-x="2048" 
+d="M1920 768q53 0 90.5 -37.5t37.5 -90.5t-37.5 -90.5t-90.5 -37.5h-15l-115 -662q-8 -46 -44 -76t-82 -30h-1280q-46 0 -82 30t-44 76l-115 662h-15q-53 0 -90.5 37.5t-37.5 90.5t37.5 90.5t90.5 37.5h1792zM485 -32q26 2 43.5 22.5t15.5 46.5l-32 416q-2 26 -22.5 43.5
+t-46.5 15.5t-43.5 -22.5t-15.5 -46.5l32 -416q2 -25 20.5 -42t43.5 -17h5zM896 32v416q0 26 -19 45t-45 19t-45 -19t-19 -45v-416q0 -26 19 -45t45 -19t45 19t19 45zM1280 32v416q0 26 -19 45t-45 19t-45 -19t-19 -45v-416q0 -26 19 -45t45 -19t45 19t19 45zM1632 27l32 416
+q2 26 -15.5 46.5t-43.5 22.5t-46.5 -15.5t-22.5 -43.5l-32 -416q-2 -26 15.5 -46.5t43.5 -22.5h5q25 0 43.5 17t20.5 42zM476 1244l-93 -412h-132l101 441q19 88 89 143.5t160 55.5h167q0 26 19 45t45 19h384q26 0 45 -19t19 -45h167q90 0 160 -55.5t89 -143.5l101 -441
+h-132l-93 412q-11 44 -45.5 72t-79.5 28h-167q0 -26 -19 -45t-45 -19h-384q-26 0 -45 19t-19 45h-167q-45 0 -79.5 -28t-45.5 -72z" />
+    <glyph glyph-name="_617" unicode="&#xf292;" horiz-adv-x="1792" 
+d="M991 512l64 256h-254l-64 -256h254zM1759 1016l-56 -224q-7 -24 -31 -24h-327l-64 -256h311q15 0 25 -12q10 -14 6 -28l-56 -224q-5 -24 -31 -24h-327l-81 -328q-7 -24 -31 -24h-224q-16 0 -26 12q-9 12 -6 28l78 312h-254l-81 -328q-7 -24 -31 -24h-225q-15 0 -25 12
+q-9 12 -6 28l78 312h-311q-15 0 -25 12q-9 12 -6 28l56 224q7 24 31 24h327l64 256h-311q-15 0 -25 12q-10 14 -6 28l56 224q5 24 31 24h327l81 328q7 24 32 24h224q15 0 25 -12q9 -12 6 -28l-78 -312h254l81 328q7 24 32 24h224q15 0 25 -12q9 -12 6 -28l-78 -312h311
+q15 0 25 -12q9 -12 6 -28z" />
+    <glyph glyph-name="_618" unicode="&#xf293;" 
+d="M841 483l148 -148l-149 -149zM840 1094l149 -149l-148 -148zM710 -130l464 464l-306 306l306 306l-464 464v-611l-255 255l-93 -93l320 -321l-320 -321l93 -93l255 255v-611zM1429 640q0 -209 -32 -365.5t-87.5 -257t-140.5 -162.5t-181.5 -86.5t-219.5 -24.5
+t-219.5 24.5t-181.5 86.5t-140.5 162.5t-87.5 257t-32 365.5t32 365.5t87.5 257t140.5 162.5t181.5 86.5t219.5 24.5t219.5 -24.5t181.5 -86.5t140.5 -162.5t87.5 -257t32 -365.5z" />
+    <glyph glyph-name="_619" unicode="&#xf294;" horiz-adv-x="1024" 
+d="M596 113l173 172l-173 172v-344zM596 823l173 172l-173 172v-344zM628 640l356 -356l-539 -540v711l-297 -296l-108 108l372 373l-372 373l108 108l297 -296v711l539 -540z" />
+    <glyph glyph-name="_620" unicode="&#xf295;" 
+d="M1280 256q0 52 -38 90t-90 38t-90 -38t-38 -90t38 -90t90 -38t90 38t38 90zM512 1024q0 52 -38 90t-90 38t-90 -38t-38 -90t38 -90t90 -38t90 38t38 90zM1536 256q0 -159 -112.5 -271.5t-271.5 -112.5t-271.5 112.5t-112.5 271.5t112.5 271.5t271.5 112.5t271.5 -112.5
+t112.5 -271.5zM1440 1344q0 -20 -13 -38l-1056 -1408q-19 -26 -51 -26h-160q-26 0 -45 19t-19 45q0 20 13 38l1056 1408q19 26 51 26h160q26 0 45 -19t19 -45zM768 1024q0 -159 -112.5 -271.5t-271.5 -112.5t-271.5 112.5t-112.5 271.5t112.5 271.5t271.5 112.5
+t271.5 -112.5t112.5 -271.5z" />
+    <glyph glyph-name="_621" unicode="&#xf296;" horiz-adv-x="1792" 
+d="M104 830l792 -1015l-868 630q-18 13 -25 34.5t0 42.5l101 308v0zM566 830h660l-330 -1015v0zM368 1442l198 -612h-462l198 612q8 23 33 23t33 -23zM1688 830l101 -308q7 -21 0 -42.5t-25 -34.5l-868 -630l792 1015v0zM1688 830h-462l198 612q8 23 33 23t33 -23z" />
+    <glyph glyph-name="_622" unicode="&#xf297;" horiz-adv-x="1792" 
+d="M384 704h160v224h-160v-224zM1221 372v92q-104 -36 -243 -38q-135 -1 -259.5 46.5t-220.5 122.5l1 -96q88 -80 212 -128.5t272 -47.5q129 0 238 49zM640 704h640v224h-640v-224zM1792 736q0 -187 -99 -352q89 -102 89 -229q0 -157 -129.5 -268t-313.5 -111
+q-122 0 -225 52.5t-161 140.5q-19 -1 -57 -1t-57 1q-58 -88 -161 -140.5t-225 -52.5q-184 0 -313.5 111t-129.5 268q0 127 89 229q-99 165 -99 352q0 209 120 385.5t326.5 279.5t449.5 103t449.5 -103t326.5 -279.5t120 -385.5z" />
+    <glyph glyph-name="_623" unicode="&#xf298;" 
+d="M515 625v-128h-252v128h252zM515 880v-127h-252v127h252zM1273 369v-128h-341v128h341zM1273 625v-128h-672v128h672zM1273 880v-127h-672v127h672zM1408 20v1240q0 8 -6 14t-14 6h-32l-378 -256l-210 171l-210 -171l-378 256h-32q-8 0 -14 -6t-6 -14v-1240q0 -8 6 -14
+t14 -6h1240q8 0 14 6t6 14zM553 1130l185 150h-406zM983 1130l221 150h-406zM1536 1260v-1240q0 -62 -43 -105t-105 -43h-1240q-62 0 -105 43t-43 105v1240q0 62 43 105t105 43h1240q62 0 105 -43t43 -105z" />
+    <glyph glyph-name="_624" unicode="&#xf299;" horiz-adv-x="1792" 
+d="M896 720q-104 196 -160 278q-139 202 -347 318q-34 19 -70 36q-89 40 -94 32t34 -38l39 -31q62 -43 112.5 -93.5t94.5 -116.5t70.5 -113t70.5 -131q9 -17 13 -25q44 -84 84 -153t98 -154t115.5 -150t131 -123.5t148.5 -90.5q153 -66 154 -60q1 3 -49 37q-53 36 -81 57
+q-77 58 -179 211t-185 310zM549 177q-76 60 -132.5 125t-98 143.5t-71 154.5t-58.5 186t-52 209t-60.5 252t-76.5 289q273 0 497.5 -36t379 -92t271 -144.5t185.5 -172.5t110 -198.5t56 -199.5t12.5 -198.5t-9.5 -173t-20 -143.5t-13 -107l323 -327h-104l-281 285
+q-22 -2 -91.5 -14t-121.5 -19t-138 -6t-160.5 17t-167.5 59t-179 111z" />
+    <glyph glyph-name="_625" unicode="&#xf29a;" horiz-adv-x="1792" 
+d="M1374 879q-6 26 -28.5 39.5t-48.5 7.5q-261 -62 -401 -62t-401 62q-26 6 -48.5 -7.5t-28.5 -39.5t7.5 -48.5t39.5 -28.5q194 -46 303 -58q-2 -158 -15.5 -269t-26.5 -155.5t-41 -115.5l-9 -21q-10 -25 1 -49t36 -34q9 -4 23 -4q44 0 60 41l8 20q54 139 71 259h42
+q17 -120 71 -259l8 -20q16 -41 60 -41q14 0 23 4q25 10 36 34t1 49l-9 21q-28 71 -41 115.5t-26.5 155.5t-15.5 269q109 12 303 58q26 6 39.5 28.5t7.5 48.5zM1024 1024q0 53 -37.5 90.5t-90.5 37.5t-90.5 -37.5t-37.5 -90.5t37.5 -90.5t90.5 -37.5t90.5 37.5t37.5 90.5z
+M1600 640q0 -143 -55.5 -273.5t-150 -225t-225 -150t-273.5 -55.5t-273.5 55.5t-225 150t-150 225t-55.5 273.5t55.5 273.5t150 225t225 150t273.5 55.5t273.5 -55.5t225 -150t150 -225t55.5 -273.5zM896 1408q-156 0 -298 -61t-245 -164t-164 -245t-61 -298t61 -298
+t164 -245t245 -164t298 -61t298 61t245 164t164 245t61 298t-61 298t-164 245t-245 164t-298 61zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="_626" unicode="&#xf29b;" 
+d="M1438 723q34 -35 29 -82l-44 -551q-4 -42 -34.5 -70t-71.5 -28q-6 0 -9 1q-44 3 -72.5 36.5t-25.5 77.5l35 429l-143 -8q55 -113 55 -240q0 -216 -148 -372l-137 137q91 101 91 235q0 145 -102.5 248t-247.5 103q-134 0 -236 -92l-137 138q120 114 284 141l264 300
+l-149 87l-181 -161q-33 -30 -77 -27.5t-73 35.5t-26.5 77t34.5 73l239 213q26 23 60 26.5t64 -14.5l488 -283q36 -21 48 -68q17 -67 -26 -117l-205 -232l371 20q49 3 83 -32zM1240 1180q-74 0 -126 52t-52 126t52 126t126 52t126.5 -52t52.5 -126t-52.5 -126t-126.5 -52z
+M613 -62q106 0 196 61l139 -139q-146 -116 -335 -116q-148 0 -273.5 73t-198.5 198t-73 273q0 188 116 336l139 -139q-60 -88 -60 -197q0 -145 102.5 -247.5t247.5 -102.5z" />
+    <glyph glyph-name="_627" unicode="&#xf29c;" 
+d="M880 336v-160q0 -14 -9 -23t-23 -9h-160q-14 0 -23 9t-9 23v160q0 14 9 23t23 9h160q14 0 23 -9t9 -23zM1136 832q0 -50 -15 -90t-45.5 -69t-52 -44t-59.5 -36q-32 -18 -46.5 -28t-26 -24t-11.5 -29v-32q0 -14 -9 -23t-23 -9h-160q-14 0 -23 9t-9 23v68q0 35 10.5 64.5
+t24 47.5t39 35.5t41 25.5t44.5 21q53 25 75 43t22 49q0 42 -43.5 71.5t-95.5 29.5q-56 0 -95 -27q-29 -20 -80 -83q-9 -12 -25 -12q-11 0 -19 6l-108 82q-10 7 -12 20t5 23q122 192 349 192q129 0 238.5 -89.5t109.5 -214.5zM768 1280q-130 0 -248.5 -51t-204 -136.5
+t-136.5 -204t-51 -248.5t51 -248.5t136.5 -204t204 -136.5t248.5 -51t248.5 51t204 136.5t136.5 204t51 248.5t-51 248.5t-136.5 204t-204 136.5t-248.5 51zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5
+t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="_628" unicode="&#xf29d;" horiz-adv-x="1408" 
+d="M366 1225q-64 0 -110 45.5t-46 110.5q0 64 46 109.5t110 45.5t109.5 -45.5t45.5 -109.5q0 -65 -45.5 -110.5t-109.5 -45.5zM917 583q0 -50 -30 -67.5t-63.5 -6.5t-47.5 34l-367 438q-7 12 -14 15.5t-11 1.5l-3 -3q-7 -8 4 -21l122 -139l1 -354l-161 -457
+q-67 -192 -92 -234q-15 -26 -28 -32q-50 -26 -103 -1q-29 13 -41.5 43t-9.5 57q2 17 197 618l5 416l-85 -164l35 -222q4 -24 -1 -42t-14 -27.5t-19 -16t-17 -7.5l-7 -2q-19 -3 -34.5 3t-24 16t-14 22t-7.5 19.5t-2 9.5l-46 299l211 381q23 34 113 34q75 0 107 -40l424 -521
+q7 -5 14 -17l3 -3l-1 -1q7 -13 7 -29zM514 433q43 -113 88.5 -225t69.5 -168l24 -55q36 -93 42 -125q11 -70 -36 -97q-35 -22 -66 -16t-51 22t-29 35h-1q-6 16 -8 25l-124 351zM1338 -159q31 -49 31 -57q0 -5 -3 -7q-9 -5 -14.5 0.5t-15.5 26t-16 30.5q-114 172 -423 661
+q3 -1 7 1t7 4l3 2q11 9 11 17z" />
+    <glyph glyph-name="_629" unicode="&#xf29e;" horiz-adv-x="2304" 
+d="M504 542h171l-1 265zM1530 641q0 87 -50.5 140t-146.5 53h-54v-388h52q91 0 145 57t54 138zM956 1018l1 -756q0 -14 -9.5 -24t-23.5 -10h-216q-14 0 -23.5 10t-9.5 24v62h-291l-55 -81q-10 -15 -28 -15h-267q-21 0 -30.5 18t3.5 35l556 757q9 14 27 14h332q14 0 24 -10
+t10 -24zM1783 641q0 -193 -125.5 -303t-324.5 -110h-270q-14 0 -24 10t-10 24v756q0 14 10 24t24 10h268q200 0 326 -109t126 -302zM1939 640q0 -11 -0.5 -29t-8 -71.5t-21.5 -102t-44.5 -108t-73.5 -102.5h-51q38 45 66.5 104.5t41.5 112t21 98t9 72.5l1 27q0 8 -0.5 22.5
+t-7.5 60t-20 91.5t-41 111.5t-66 124.5h43q41 -47 72 -107t45.5 -111.5t23 -96t10.5 -70.5zM2123 640q0 -11 -0.5 -29t-8 -71.5t-21.5 -102t-45 -108t-74 -102.5h-51q38 45 66.5 104.5t41.5 112t21 98t9 72.5l1 27q0 8 -0.5 22.5t-7.5 60t-19.5 91.5t-40.5 111.5t-66 124.5
+h43q41 -47 72 -107t45.5 -111.5t23 -96t10.5 -70.5zM2304 640q0 -11 -0.5 -29t-8 -71.5t-21.5 -102t-44.5 -108t-73.5 -102.5h-51q38 45 66 104.5t41 112t21 98t9 72.5l1 27q0 8 -0.5 22.5t-7.5 60t-19.5 91.5t-40.5 111.5t-66 124.5h43q41 -47 72 -107t45.5 -111.5t23 -96
+t9.5 -70.5z" />
+    <glyph glyph-name="uniF2A0" unicode="&#xf2a0;" horiz-adv-x="1408" 
+d="M617 -153q0 11 -13 58t-31 107t-20 69q-1 4 -5 26.5t-8.5 36t-13.5 21.5q-15 14 -51 14q-23 0 -70 -5.5t-71 -5.5q-34 0 -47 11q-6 5 -11 15.5t-7.5 20t-6.5 24t-5 18.5q-37 128 -37 255t37 255q1 4 5 18.5t6.5 24t7.5 20t11 15.5q13 11 47 11q24 0 71 -5.5t70 -5.5
+q36 0 51 14q9 8 13.5 21.5t8.5 36t5 26.5q2 9 20 69t31 107t13 58q0 22 -43.5 52.5t-75.5 42.5q-20 8 -45 8q-34 0 -98 -18q-57 -17 -96.5 -40.5t-71 -66t-46 -70t-45.5 -94.5q-6 -12 -9 -19q-49 -107 -68 -216t-19 -244t19 -244t68 -216q56 -122 83 -161q63 -91 179 -127
+l6 -2q64 -18 98 -18q25 0 45 8q32 12 75.5 42.5t43.5 52.5zM776 760q-26 0 -45 19t-19 45.5t19 45.5q37 37 37 90q0 52 -37 91q-19 19 -19 45t19 45t45 19t45 -19q75 -75 75 -181t-75 -181q-21 -19 -45 -19zM957 579q-27 0 -45 19q-19 19 -19 45t19 45q112 114 112 272
+t-112 272q-19 19 -19 45t19 45t45 19t45 -19q150 -150 150 -362t-150 -362q-18 -19 -45 -19zM1138 398q-27 0 -45 19q-19 19 -19 45t19 45q90 91 138.5 208t48.5 245t-48.5 245t-138.5 208q-19 19 -19 45t19 45t45 19t45 -19q109 -109 167 -249t58 -294t-58 -294t-167 -249
+q-18 -19 -45 -19z" />
+    <glyph glyph-name="uniF2A1" unicode="&#xf2a1;" horiz-adv-x="2176" 
+d="M192 352q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM704 352q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM704 864q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM1472 352
+q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM1984 352q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM1472 864q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM1984 864
+q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM1984 1376q-66 0 -113 -47t-47 -113t47 -113t113 -47t113 47t47 113t-47 113t-113 47zM384 192q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM896 192q0 -80 -56 -136
+t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM384 704q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM896 704q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM384 1216q0 -80 -56 -136t-136 -56
+t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM1664 192q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM896 1216q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM2176 192q0 -80 -56 -136t-136 -56t-136 56
+t-56 136t56 136t136 56t136 -56t56 -136zM1664 704q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM2176 704q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136zM1664 1216q0 -80 -56 -136t-136 -56t-136 56t-56 136
+t56 136t136 56t136 -56t56 -136zM2176 1216q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136z" />
+    <glyph glyph-name="uniF2A2" unicode="&#xf2a2;" horiz-adv-x="1792" 
+d="M128 -192q0 -26 -19 -45t-45 -19t-45 19t-19 45t19 45t45 19t45 -19t19 -45zM320 0q0 -26 -19 -45t-45 -19t-45 19t-19 45t19 45t45 19t45 -19t19 -45zM365 365l256 -256l-90 -90l-256 256zM704 384q0 -26 -19 -45t-45 -19t-45 19t-19 45t19 45t45 19t45 -19t19 -45z
+M1411 704q0 -59 -11.5 -108.5t-37.5 -93.5t-44 -67.5t-53 -64.5q-31 -35 -45.5 -54t-33.5 -50t-26.5 -64t-7.5 -74q0 -159 -112.5 -271.5t-271.5 -112.5q-26 0 -45 19t-19 45t19 45t45 19q106 0 181 75t75 181q0 57 11.5 105.5t37 91t43.5 66.5t52 63q40 46 59.5 72
+t37.5 74.5t18 103.5q0 185 -131.5 316.5t-316.5 131.5t-316.5 -131.5t-131.5 -316.5q0 -26 -19 -45t-45 -19t-45 19t-19 45q0 117 45.5 223.5t123 184t184 123t223.5 45.5t223.5 -45.5t184 -123t123 -184t45.5 -223.5zM896 576q0 -26 -19 -45t-45 -19t-45 19t-19 45t19 45
+t45 19t45 -19t19 -45zM1184 704q0 -26 -19 -45t-45 -19t-45 19t-19 45q0 93 -65.5 158.5t-158.5 65.5q-92 0 -158 -65.5t-66 -158.5q0 -26 -19 -45t-45 -19t-45 19t-19 45q0 146 103 249t249 103t249 -103t103 -249zM1578 993q10 -25 -1 -49t-36 -34q-9 -4 -23 -4
+q-19 0 -35.5 11t-23.5 30q-68 178 -224 295q-21 16 -25 42t12 47q17 21 43 25t47 -12q183 -137 266 -351zM1788 1074q9 -25 -1.5 -49t-35.5 -34q-11 -4 -23 -4q-44 0 -60 41q-92 238 -297 393q-22 16 -25.5 42t12.5 47q16 22 42 25.5t47 -12.5q235 -175 341 -449z" />
+    <glyph glyph-name="uniF2A3" unicode="&#xf2a3;" horiz-adv-x="2304" 
+d="M1032 576q-59 2 -84 55q-17 34 -48 53.5t-68 19.5q-53 0 -90.5 -37.5t-37.5 -90.5q0 -56 36 -89l10 -8q34 -31 82 -31q37 0 68 19.5t48 53.5q25 53 84 55zM1600 704q0 56 -36 89l-10 8q-34 31 -82 31q-37 0 -68 -19.5t-48 -53.5q-25 -53 -84 -55q59 -2 84 -55
+q17 -34 48 -53.5t68 -19.5q53 0 90.5 37.5t37.5 90.5zM1174 925q-17 -35 -55 -48t-73 4q-62 31 -134 31q-51 0 -99 -17q3 0 9.5 0.5t9.5 0.5q92 0 170.5 -50t118.5 -133q17 -36 3.5 -73.5t-49.5 -54.5q-18 -9 -39 -9q21 0 39 -9q36 -17 49.5 -54.5t-3.5 -73.5
+q-40 -83 -118.5 -133t-170.5 -50h-6q-16 2 -44 4l-290 27l-239 -120q-14 -7 -29 -7q-40 0 -57 35l-160 320q-11 23 -4 47.5t29 37.5l209 119l148 267q17 155 91.5 291.5t195.5 236.5q31 25 70.5 21.5t64.5 -34.5t21.5 -70t-34.5 -65q-70 -59 -117 -128q123 84 267 101
+q40 5 71.5 -19t35.5 -64q5 -40 -19 -71.5t-64 -35.5q-84 -10 -159 -55q46 10 99 10q115 0 218 -50q36 -18 49 -55.5t-5 -73.5zM2137 1085l160 -320q11 -23 4 -47.5t-29 -37.5l-209 -119l-148 -267q-17 -155 -91.5 -291.5t-195.5 -236.5q-26 -22 -61 -22q-45 0 -74 35
+q-25 31 -21.5 70t34.5 65q70 59 117 128q-123 -84 -267 -101q-4 -1 -12 -1q-36 0 -63.5 24t-31.5 60q-5 40 19 71.5t64 35.5q84 10 159 55q-46 -10 -99 -10q-115 0 -218 50q-36 18 -49 55.5t5 73.5q17 35 55 48t73 -4q62 -31 134 -31q51 0 99 17q-3 0 -9.5 -0.5t-9.5 -0.5
+q-92 0 -170.5 50t-118.5 133q-17 36 -3.5 73.5t49.5 54.5q18 9 39 9q-21 0 -39 9q-36 17 -49.5 54.5t3.5 73.5q40 83 118.5 133t170.5 50h6h1q14 -2 42 -4l291 -27l239 120q14 7 29 7q40 0 57 -35z" />
+    <glyph glyph-name="uniF2A4" unicode="&#xf2a4;" horiz-adv-x="1792" 
+d="M1056 704q0 -26 19 -45t45 -19t45 19t19 45q0 146 -103 249t-249 103t-249 -103t-103 -249q0 -26 19 -45t45 -19t45 19t19 45q0 93 66 158.5t158 65.5t158 -65.5t66 -158.5zM835 1280q-117 0 -223.5 -45.5t-184 -123t-123 -184t-45.5 -223.5q0 -26 19 -45t45 -19t45 19
+t19 45q0 185 131.5 316.5t316.5 131.5t316.5 -131.5t131.5 -316.5q0 -55 -18 -103.5t-37.5 -74.5t-59.5 -72q-34 -39 -52 -63t-43.5 -66.5t-37 -91t-11.5 -105.5q0 -106 -75 -181t-181 -75q-26 0 -45 -19t-19 -45t19 -45t45 -19q159 0 271.5 112.5t112.5 271.5q0 41 7.5 74
+t26.5 64t33.5 50t45.5 54q35 41 53 64.5t44 67.5t37.5 93.5t11.5 108.5q0 117 -45.5 223.5t-123 184t-184 123t-223.5 45.5zM591 561l226 -226l-579 -579q-12 -12 -29 -12t-29 12l-168 168q-12 12 -12 29t12 29zM1612 1524l168 -168q12 -12 12 -29t-12 -30l-233 -233
+l-26 -25l-71 -71q-66 153 -195 258l91 91l207 207q13 12 30 12t29 -12z" />
+    <glyph glyph-name="uniF2A5" unicode="&#xf2a5;" 
+d="M866 1021q0 -27 -13 -94q-11 -50 -31.5 -150t-30.5 -150q-2 -11 -4.5 -12.5t-13.5 -2.5q-20 -2 -31 -2q-58 0 -84 49.5t-26 113.5q0 88 35 174t103 124q28 14 51 14q28 0 36.5 -16.5t8.5 -47.5zM1352 597q0 14 -39 75.5t-52 66.5q-21 8 -34 8q-91 0 -226 -77l-2 2
+q3 22 27.5 135t24.5 178q0 233 -242 233q-24 0 -68 -6q-94 -17 -168.5 -89.5t-111.5 -166.5t-37 -189q0 -146 80.5 -225t227.5 -79q25 0 25 -3t-1 -5q-4 -34 -26 -117q-14 -52 -51.5 -101t-82.5 -49q-42 0 -42 47q0 24 10.5 47.5t25 39.5t29.5 28.5t26 20t11 8.5q0 3 -7 10
+q-24 22 -58.5 36.5t-65.5 14.5q-35 0 -63.5 -34t-41 -75t-12.5 -75q0 -88 51.5 -142t138.5 -54q82 0 155 53t117.5 126t65.5 153q6 22 15.5 66.5t14.5 66.5q3 12 14 18q118 60 227 60q48 0 127 -18q1 -1 4 -1q5 0 9.5 4.5t4.5 8.5zM1536 1120v-960q0 -119 -84.5 -203.5
+t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="uniF2A6" unicode="&#xf2a6;" horiz-adv-x="1535" 
+d="M744 1231q0 24 -2 38.5t-8.5 30t-21 23t-37.5 7.5q-39 0 -78 -23q-105 -58 -159 -190.5t-54 -269.5q0 -44 8.5 -85.5t26.5 -80.5t52.5 -62.5t81.5 -23.5q4 0 18 -0.5t20 0t16 3t15 8.5t7 16q16 77 48 231.5t48 231.5q19 91 19 146zM1498 575q0 -7 -7.5 -13.5t-15.5 -6.5
+l-6 1q-22 3 -62 11t-72 12.5t-63 4.5q-167 0 -351 -93q-15 -8 -21 -27q-10 -36 -24.5 -105.5t-22.5 -100.5q-23 -91 -70 -179.5t-112.5 -164.5t-154.5 -123t-185 -47q-135 0 -214.5 83.5t-79.5 219.5q0 53 19.5 117t63 116.5t97.5 52.5q38 0 120 -33.5t83 -61.5
+q0 -1 -16.5 -12.5t-39.5 -31t-46 -44.5t-39 -61t-16 -74q0 -33 16.5 -53t48.5 -20q45 0 85 31.5t66.5 78t48 105.5t32.5 107t16 90v9q0 2 -3.5 3.5t-8.5 1.5h-10t-10 -0.5t-6 -0.5q-227 0 -352 122.5t-125 348.5q0 108 34.5 221t96 210t156 167.5t204.5 89.5q52 9 106 9
+q374 0 374 -360q0 -98 -38 -273t-43 -211l3 -3q101 57 182.5 88t167.5 31q22 0 53 -13q19 -7 80 -102.5t61 -116.5z" />
+    <glyph glyph-name="uniF2A7" unicode="&#xf2a7;" horiz-adv-x="1664" 
+d="M831 863q32 0 59 -18l222 -148q61 -40 110 -97l146 -170q40 -46 29 -106l-72 -413q-6 -32 -29.5 -53.5t-55.5 -25.5l-527 -56l-352 -32h-9q-39 0 -67.5 28t-28.5 68q0 37 27 64t65 32l260 32h-448q-41 0 -69.5 30t-26.5 71q2 39 32 65t69 26l442 1l-521 64q-41 5 -66 37
+t-19 73q6 35 34.5 57.5t65.5 22.5h10l481 -60l-351 94q-38 10 -62 41.5t-18 68.5q6 36 33 58.5t62 22.5q6 0 20 -2l448 -96l217 -37q1 0 3 -0.5t3 -0.5q23 0 30.5 23t-12.5 36l-186 125q-35 23 -42 63.5t18 73.5q27 38 76 38zM761 661l186 -125l-218 37l-5 2l-36 38
+l-238 262q-1 1 -2.5 3.5t-2.5 3.5q-24 31 -18.5 70t37.5 64q31 23 68 17.5t64 -33.5l142 -147q-2 -1 -5 -3.5t-4 -4.5q-32 -45 -23 -99t55 -85zM1648 1115l15 -266q4 -73 -11 -147l-48 -219q-12 -59 -67 -87l-106 -54q2 62 -39 109l-146 170q-53 61 -117 103l-222 148
+q-34 23 -76 23q-51 0 -88 -37l-235 312q-25 33 -18 73.5t41 63.5q33 22 71.5 14t62.5 -40l266 -352l-262 455q-21 35 -10.5 75t47.5 59q35 18 72.5 6t57.5 -46l241 -420l-136 337q-15 35 -4.5 74t44.5 56q37 19 76 6t56 -51l193 -415l101 -196q8 -15 23 -17.5t27 7.5t11 26
+l-12 224q-2 41 26 71t69 31q39 0 67 -28.5t30 -67.5z" />
+    <glyph glyph-name="uniF2A8" unicode="&#xf2a8;" horiz-adv-x="1792" 
+d="M335 180q-2 0 -6 2q-86 57 -168.5 145t-139.5 180q-21 30 -21 69q0 9 2 19t4 18t7 18t8.5 16t10.5 17t10 15t12 15.5t11 14.5q184 251 452 365q-110 198 -110 211q0 19 17 29q116 64 128 64q18 0 28 -16l124 -229q92 19 192 19q266 0 497.5 -137.5t378.5 -369.5
+q20 -31 20 -69t-20 -69q-91 -142 -218.5 -253.5t-278.5 -175.5q110 -198 110 -211q0 -20 -17 -29q-116 -64 -127 -64q-19 0 -29 16l-124 229l-64 119l-444 820l7 7q-58 -24 -99 -47q3 -5 127 -234t243 -449t119 -223q0 -7 -9 -9q-13 -3 -72 -3q-57 0 -60 7l-456 841
+q-39 -28 -82 -68q24 -43 214 -393.5t190 -354.5q0 -10 -11 -10q-14 0 -82.5 22t-72.5 28l-106 197l-224 413q-44 -53 -78 -106q2 -3 18 -25t23 -34l176 -327q0 -10 -10 -10zM1165 282l49 -91q273 111 450 385q-180 277 -459 389q67 -64 103 -148.5t36 -176.5
+q0 -106 -47 -200.5t-132 -157.5zM848 896q0 -20 14 -34t34 -14q86 0 147 -61t61 -147q0 -20 14 -34t34 -14t34 14t14 34q0 126 -89 215t-215 89q-20 0 -34 -14t-14 -34zM1214 961l-9 4l7 -7z" />
+    <glyph glyph-name="uniF2A9" unicode="&#xf2a9;" horiz-adv-x="1280" 
+d="M1050 430q0 -215 -147 -374q-148 -161 -378 -161q-232 0 -378 161q-147 159 -147 374q0 147 68 270.5t189 196.5t268 73q96 0 182 -31q-32 -62 -39 -126q-66 28 -143 28q-167 0 -280.5 -123t-113.5 -291q0 -170 112.5 -288.5t281.5 -118.5t281 118.5t112 288.5
+q0 89 -32 166q66 13 123 49q41 -98 41 -212zM846 619q0 -192 -79.5 -345t-238.5 -253l-14 -1q-29 0 -62 5q83 32 146.5 102.5t99.5 154.5t58.5 189t30 192.5t7.5 178.5q0 69 -3 103q55 -160 55 -326zM791 947v-2q-73 214 -206 440q88 -59 142.5 -186.5t63.5 -251.5z
+M1035 744q-83 0 -160 75q218 120 290 247q19 37 21 56q-42 -94 -139.5 -166.5t-204.5 -97.5q-35 54 -35 113q0 37 17 79t43 68q46 44 157 74q59 16 106 58.5t74 100.5q74 -105 74 -253q0 -109 -24 -170q-32 -77 -88.5 -130.5t-130.5 -53.5z" />
+    <glyph glyph-name="uniF2AA" unicode="&#xf2aa;" 
+d="M1050 495q0 78 -28 147q-41 -25 -85 -34q22 -50 22 -114q0 -117 -77 -198.5t-193 -81.5t-193.5 81.5t-77.5 198.5q0 115 78 199.5t193 84.5q53 0 98 -19q4 43 27 87q-60 21 -125 21q-154 0 -257.5 -108.5t-103.5 -263.5t103.5 -261t257.5 -106t257.5 106.5t103.5 260.5z
+M872 850q2 -24 2 -71q0 -63 -5 -123t-20.5 -132.5t-40.5 -130t-68.5 -106t-100.5 -70.5q21 -3 42 -3h10q219 139 219 411q0 116 -38 225zM872 850q-4 80 -44 171.5t-98 130.5q92 -156 142 -302zM1207 955q0 102 -51 174q-41 -86 -124 -109q-69 -19 -109 -53.5t-40 -99.5
+q0 -40 24 -77q74 17 140.5 67t95.5 115q-4 -52 -74.5 -111.5t-138.5 -97.5q52 -52 110 -52q51 0 90 37t60 90q17 42 17 117zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960q119 0 203.5 -84.5
+t84.5 -203.5z" />
+    <glyph glyph-name="uniF2AB" unicode="&#xf2ab;" 
+d="M1279 388q0 22 -22 27q-67 15 -118 59t-80 108q-7 19 -7 25q0 15 19.5 26t43 17t43 20.5t19.5 36.5q0 19 -18.5 31.5t-38.5 12.5q-12 0 -32 -8t-31 -8q-4 0 -12 2q5 95 5 114q0 79 -17 114q-36 78 -103 121.5t-152 43.5q-199 0 -275 -165q-17 -35 -17 -114q0 -19 5 -114
+q-4 -2 -14 -2q-12 0 -32 7.5t-30 7.5q-21 0 -38.5 -12t-17.5 -32q0 -21 19.5 -35.5t43 -20.5t43 -17t19.5 -26q0 -6 -7 -25q-64 -138 -198 -167q-22 -5 -22 -27q0 -46 137 -68q2 -5 6 -26t11.5 -30.5t23.5 -9.5q12 0 37.5 4.5t39.5 4.5q35 0 67 -15t54 -32.5t57.5 -32.5
+t76.5 -15q43 0 79 15t57.5 32.5t53.5 32.5t67 15q14 0 39.5 -4t38.5 -4q16 0 23 10t11 30t6 25q137 22 137 68zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5
+t103 -385.5z" />
+    <glyph glyph-name="uniF2AC" unicode="&#xf2ac;" horiz-adv-x="1664" 
+d="M848 1408q134 1 240.5 -68.5t163.5 -192.5q27 -58 27 -179q0 -47 -9 -191q14 -7 28 -7q18 0 51 13.5t51 13.5q29 0 56 -18t27 -46q0 -32 -31.5 -54t-69 -31.5t-69 -29t-31.5 -47.5q0 -15 12 -43q37 -82 102.5 -150t144.5 -101q28 -12 80 -23q28 -6 28 -35
+q0 -70 -219 -103q-7 -11 -11 -39t-14 -46.5t-33 -18.5q-20 0 -62 6.5t-64 6.5q-37 0 -62 -5q-32 -5 -63 -22.5t-58 -38t-58 -40.5t-76 -33.5t-99 -13.5q-52 0 -96.5 13.5t-75 33.5t-57.5 40.5t-58 38t-62 22.5q-26 5 -63 5q-24 0 -65.5 -7.5t-58.5 -7.5q-25 0 -35 18.5
+t-14 47.5t-11 40q-219 33 -219 103q0 29 28 35q52 11 80 23q78 32 144.5 101t102.5 150q12 28 12 43q0 28 -31.5 47.5t-69.5 29.5t-69.5 31.5t-31.5 52.5q0 27 26 45.5t55 18.5q15 0 48 -13t53 -13q18 0 32 7q-9 142 -9 190q0 122 27 180q64 137 172 198t264 63z" />
+    <glyph glyph-name="uniF2AD" unicode="&#xf2ad;" 
+d="M1280 388q0 22 -22 27q-67 14 -118 58t-80 109q-7 14 -7 25q0 15 19.5 26t42.5 17t42.5 20.5t19.5 36.5q0 19 -18.5 31.5t-38.5 12.5q-11 0 -31 -8t-32 -8q-4 0 -12 2q5 63 5 115q0 78 -17 114q-36 78 -102.5 121.5t-152.5 43.5q-198 0 -275 -165q-18 -38 -18 -115
+q0 -38 6 -114q-10 -2 -15 -2q-11 0 -31.5 8t-30.5 8q-20 0 -37.5 -12.5t-17.5 -32.5q0 -21 19.5 -35.5t42.5 -20.5t42.5 -17t19.5 -26q0 -11 -7 -25q-64 -138 -198 -167q-22 -5 -22 -27q0 -47 138 -69q2 -5 6 -26t11 -30.5t23 -9.5q13 0 38.5 5t38.5 5q35 0 67.5 -15
+t54.5 -32.5t57.5 -32.5t76.5 -15q43 0 79 15t57.5 32.5t54 32.5t67.5 15q13 0 39 -4.5t39 -4.5q15 0 22.5 9.5t11.5 31t5 24.5q138 22 138 69zM1536 1120v-960q0 -119 -84.5 -203.5t-203.5 -84.5h-960q-119 0 -203.5 84.5t-84.5 203.5v960q0 119 84.5 203.5t203.5 84.5h960
+q119 0 203.5 -84.5t84.5 -203.5z" />
+    <glyph glyph-name="uniF2AE" unicode="&#xf2ae;" horiz-adv-x="2304" 
+d="M2304 1536q-69 -46 -125 -92t-89 -81t-59.5 -71.5t-37.5 -57.5t-22 -44.5t-14 -29.5q-10 -18 -35.5 -136.5t-48.5 -164.5q-15 -29 -50 -60.5t-67.5 -50.5t-72.5 -41t-48 -28q-47 -31 -151 -231q-341 14 -630 -158q-92 -53 -303 -179q47 16 86 31t55 22l15 7
+q71 27 163 64.5t133.5 53.5t108 34.5t142.5 31.5q186 31 465 -7q1 0 10 -3q11 -6 14 -17t-3 -22l-194 -345q-15 -29 -47 -22q-128 24 -354 24q-146 0 -402 -44.5t-392 -46.5q-82 -1 -149 13t-107 37t-61 40t-33 34l-1 1v2q0 6 6 6q138 0 371 55q192 366 374.5 524t383.5 158
+q5 0 14.5 -0.5t38 -5t55 -12t61.5 -24.5t63 -39.5t54 -59t40 -82.5l102 177q2 4 21 42.5t44.5 86.5t61 109.5t84 133.5t100.5 137q66 82 128 141.5t121.5 96.5t92.5 53.5t88 39.5z" />
+    <glyph glyph-name="uniF2B0" unicode="&#xf2b0;" 
+d="M1322 640q0 -45 -5 -76l-236 14l224 -78q-19 -73 -58 -141l-214 103l177 -158q-44 -61 -107 -108l-157 178l103 -215q-61 -37 -140 -59l-79 228l14 -240q-38 -6 -76 -6t-76 6l14 238l-78 -226q-74 19 -140 59l103 215l-157 -178q-59 43 -108 108l178 158l-214 -104
+q-39 69 -58 141l224 79l-237 -14q-5 42 -5 76q0 35 5 77l238 -14l-225 79q19 73 58 140l214 -104l-177 159q46 61 107 108l158 -178l-103 215q67 39 140 58l77 -224l-13 236q36 6 75 6q38 0 76 -6l-14 -237l78 225q74 -19 140 -59l-103 -214l158 178q61 -47 107 -108
+l-177 -159l213 104q37 -62 58 -141l-224 -78l237 14q5 -31 5 -77zM1352 640q0 160 -78.5 295.5t-213 214t-292.5 78.5q-119 0 -227 -46.5t-186.5 -125t-124.5 -187.5t-46 -229q0 -119 46 -228t124.5 -187.5t186.5 -125t227 -46.5q158 0 292.5 78.5t213 214t78.5 294.5z
+M1425 1023v-766l-657 -383l-657 383v766l657 383zM768 -183l708 412v823l-708 411l-708 -411v-823zM1536 1088v-896l-768 -448l-768 448v896l768 448z" />
+    <glyph glyph-name="uniF2B1" unicode="&#xf2b1;" horiz-adv-x="1664" 
+d="M339 1318h691l-26 -72h-665q-110 0 -188.5 -79t-78.5 -189v-771q0 -95 60.5 -169.5t153.5 -93.5q23 -5 98 -5v-72h-45q-140 0 -239.5 100t-99.5 240v771q0 140 99.5 240t239.5 100zM1190 1536h247l-482 -1294q-23 -61 -40.5 -103.5t-45 -98t-54 -93.5t-64.5 -78.5
+t-79.5 -65t-95.5 -41t-116 -18.5v195q163 26 220 182q20 52 20 105q0 54 -20 106l-285 733h228l187 -585zM1664 978v-1111h-795q37 55 45 73h678v1038q0 85 -49.5 155t-129.5 99l25 67q101 -34 163.5 -123.5t62.5 -197.5z" />
+    <glyph glyph-name="uniF2B2" unicode="&#xf2b2;" horiz-adv-x="1792" 
+d="M852 1227q0 -29 -17 -52.5t-45 -23.5t-45 23.5t-17 52.5t17 52.5t45 23.5t45 -23.5t17 -52.5zM688 -149v114q0 30 -20.5 51.5t-50.5 21.5t-50 -21.5t-20 -51.5v-114q0 -30 20.5 -52t49.5 -22q30 0 50.5 22t20.5 52zM860 -149v114q0 30 -20 51.5t-50 21.5t-50.5 -21.5
+t-20.5 -51.5v-114q0 -30 20.5 -52t50.5 -22q29 0 49.5 22t20.5 52zM1034 -149v114q0 30 -20.5 51.5t-50.5 21.5t-50.5 -21.5t-20.5 -51.5v-114q0 -30 20.5 -52t50.5 -22t50.5 22t20.5 52zM1208 -149v114q0 30 -20.5 51.5t-50.5 21.5t-50.5 -21.5t-20.5 -51.5v-114
+q0 -30 20.5 -52t50.5 -22t50.5 22t20.5 52zM1476 535q-84 -160 -232 -259.5t-323 -99.5q-123 0 -229.5 51.5t-178.5 137t-113 197.5t-41 232q0 88 21 174q-104 -175 -104 -390q0 -162 65 -312t185 -251q30 57 91 57q56 0 86 -50q32 50 87 50q56 0 86 -50q32 50 87 50t87 -50
+q30 50 86 50q28 0 52.5 -15.5t37.5 -40.5q112 94 177 231.5t73 287.5zM1326 564q0 75 -72 75q-17 0 -47 -6q-95 -19 -149 -19q-226 0 -226 243q0 86 30 204q-83 -127 -83 -275q0 -150 89 -260.5t235 -110.5q111 0 210 70q13 48 13 79zM884 1223q0 50 -32 89.5t-81 39.5
+t-81 -39.5t-32 -89.5q0 -51 31.5 -90.5t81.5 -39.5t81.5 39.5t31.5 90.5zM1513 884q0 96 -37.5 179t-113 137t-173.5 54q-77 0 -149 -35t-127 -94q-48 -159 -48 -268q0 -104 45.5 -157t147.5 -53q53 0 142 19q36 6 53 6q51 0 77.5 -28t26.5 -80q0 -26 -4 -46
+q75 68 117.5 165.5t42.5 200.5zM1792 667q0 -111 -33.5 -249.5t-93.5 -204.5q-58 -64 -195 -142.5t-228 -104.5l-4 -1v-114q0 -43 -29.5 -75t-72.5 -32q-56 0 -86 50q-32 -50 -87 -50t-87 50q-30 -50 -86 -50q-55 0 -87 50q-30 -50 -86 -50q-47 0 -75 33.5t-28 81.5
+q-90 -68 -198 -68q-118 0 -211 80q54 1 106 20q-113 31 -182 127q32 -7 71 -7q89 0 164 46q-192 192 -240 306q-24 56 -24 160q0 57 9 125.5t31.5 146.5t55 141t86.5 105t120 42q59 0 81 -52q19 29 42 54q2 3 12 13t13 16q10 15 23 38t25 42t28 39q87 111 211.5 177
+t260.5 66q35 0 62 -4q59 64 146 64q83 0 140 -57q5 -5 5 -12q0 -5 -6 -13.5t-12.5 -16t-16 -17l-10.5 -10.5q17 -6 36 -18t19 -24q0 -6 -16 -25q157 -138 197 -378q25 30 60 30q45 0 100 -49q90 -80 90 -279z" />
+    <glyph glyph-name="uniF2B3" unicode="&#xf2b3;" 
+d="M917 631q0 33 -6 64h-362v-132h217q-12 -76 -74.5 -120.5t-142.5 -44.5q-99 0 -169 71.5t-70 170.5t70 170.5t169 71.5q93 0 153 -59l104 101q-108 100 -257 100q-160 0 -272 -112.5t-112 -271.5t112 -271.5t272 -112.5q165 0 266.5 105t101.5 270zM1262 585h109v110
+h-109v110h-110v-110h-110v-110h110v-110h110v110zM1536 640q0 -209 -103 -385.5t-279.5 -279.5t-385.5 -103t-385.5 103t-279.5 279.5t-103 385.5t103 385.5t279.5 279.5t385.5 103t385.5 -103t279.5 -279.5t103 -385.5z" />
+    <glyph glyph-name="uniF2B4" unicode="&#xf2b4;" 
+d="M1536 1024v-839q0 -48 -49 -62q-174 -52 -338 -52q-73 0 -215.5 29.5t-227.5 29.5q-164 0 -370 -48v-338h-160v1368q-63 25 -101 81t-38 124q0 91 64 155t155 64t155 -64t64 -155q0 -68 -38 -124t-101 -81v-68q190 44 343 44q99 0 198 -15q14 -2 111.5 -22.5t149.5 -20.5
+q77 0 165 18q11 2 80 21t89 19q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="uniF2B5" unicode="&#xf2b5;" horiz-adv-x="2304" 
+d="M192 384q40 0 56 32t0 64t-56 32t-56 -32t0 -64t56 -32zM1665 442q-10 13 -38.5 50t-41.5 54t-38 49t-42.5 53t-40.5 47t-45 49l-125 -140q-83 -94 -208.5 -92t-205.5 98q-57 69 -56.5 158t58.5 157l177 206q-22 11 -51 16.5t-47.5 6t-56.5 -0.5t-49 -1q-92 0 -158 -66
+l-158 -158h-155v-544q5 0 21 0.5t22 0t19.5 -2t20.5 -4.5t17.5 -8.5t18.5 -13.5l297 -292q115 -111 227 -111q78 0 125 47q57 -20 112.5 8t72.5 85q74 -6 127 44q20 18 36 45.5t14 50.5q10 -10 43 -10q43 0 77 21t49.5 53t12 71.5t-30.5 73.5zM1824 384h96v512h-93l-157 180
+q-66 76 -169 76h-167q-89 0 -146 -67l-209 -243q-28 -33 -28 -75t27 -75q43 -51 110 -52t111 49l193 218q25 23 53.5 21.5t47 -27t8.5 -56.5q16 -19 56 -63t60 -68q29 -36 82.5 -105.5t64.5 -84.5q52 -66 60 -140zM2112 384q40 0 56 32t0 64t-56 32t-56 -32t0 -64t56 -32z
+M2304 960v-640q0 -26 -19 -45t-45 -19h-434q-27 -65 -82 -106.5t-125 -51.5q-33 -48 -80.5 -81.5t-102.5 -45.5q-42 -53 -104.5 -81.5t-128.5 -24.5q-60 -34 -126 -39.5t-127.5 14t-117 53.5t-103.5 81l-287 282h-358q-26 0 -45 19t-19 45v672q0 26 19 45t45 19h421
+q14 14 47 48t47.5 48t44 40t50.5 37.5t51 25.5t62 19.5t68 5.5h117q99 0 181 -56q82 56 181 56h167q35 0 67 -6t56.5 -14.5t51.5 -26.5t44.5 -31t43 -39.5t39 -42t41 -48t41.5 -48.5h355q26 0 45 -19t19 -45z" />
+    <glyph glyph-name="uniF2B6" unicode="&#xf2b6;" horiz-adv-x="1792" 
+d="M1792 882v-978q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v978q0 15 11 24q8 7 39 34.5t41.5 36t45.5 37.5t70 55.5t96 73t143.5 107t192.5 140.5q5 4 52.5 40t71.5 52.5t64 35t69 18.5t69 -18.5t65 -35.5t71 -52t52 -40q110 -80 192.5 -140.5t143.5 -107
+t96 -73t70 -55.5t45.5 -37.5t41.5 -36t39 -34.5q11 -9 11 -24zM1228 297q263 191 345 252q11 8 12.5 20.5t-6.5 23.5l-38 52q-8 11 -21 12.5t-24 -6.5q-231 -169 -343 -250q-5 -3 -52 -39t-71.5 -52.5t-64.5 -35t-69 -18.5t-69 18.5t-64.5 35t-71.5 52.5t-52 39
+q-186 134 -343 250q-11 8 -24 6.5t-21 -12.5l-38 -52q-8 -11 -6.5 -23.5t12.5 -20.5q82 -61 345 -252q10 -8 50 -38t65 -47t64 -39.5t77.5 -33.5t75.5 -11t75.5 11t79 34.5t64.5 39.5t65 47.5t48 36.5z" />
+    <glyph glyph-name="uniF2B7" unicode="&#xf2b7;" horiz-adv-x="1792" 
+d="M1474 623l39 -51q8 -11 6.5 -23.5t-11.5 -20.5q-43 -34 -126.5 -98.5t-146.5 -113t-67 -51.5q-39 -32 -60 -48t-60.5 -41t-76.5 -36.5t-74 -11.5h-1h-1q-37 0 -74 11.5t-76 36.5t-61 41.5t-60 47.5q-5 4 -65 50.5t-143.5 111t-122.5 94.5q-11 8 -12.5 20.5t6.5 23.5
+l37 52q8 11 21.5 13t24.5 -7q94 -73 306 -236q5 -4 43.5 -35t60.5 -46.5t56.5 -32.5t58.5 -17h1h1q24 0 58.5 17t56.5 32.5t60.5 46.5t43.5 35q258 198 313 242q11 8 24 6.5t21 -12.5zM1664 -96v928q-90 83 -159 139q-91 74 -389 304q-3 2 -43 35t-61 48t-56 32.5t-59 17.5
+h-1h-1q-24 0 -59 -17.5t-56 -32.5t-61 -48t-43 -35q-215 -166 -315.5 -245.5t-129.5 -104t-82 -74.5q-14 -12 -21 -19v-928q0 -13 9.5 -22.5t22.5 -9.5h1472q13 0 22.5 9.5t9.5 22.5zM1792 832v-928q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v928q0 56 41 94
+q123 114 350 290.5t233 181.5q36 30 59 47.5t61.5 42t76 36.5t74.5 12h1h1q37 0 74.5 -12t76 -36.5t61.5 -42t59 -47.5q43 -36 156 -122t226 -177t201 -173q41 -38 41 -94z" />
+    <glyph glyph-name="uniF2B8" unicode="&#xf2b8;" 
+d="M330 1l202 -214l-34 236l-216 213zM556 -225l274 218l-11 245l-300 -215zM245 413l227 -213l-48 327l-245 204zM495 189l317 214l-14 324l-352 -200zM843 178l95 -80l-2 239l-103 79q0 -1 1 -8.5t0 -12t-5 -7.5l-78 -52l85 -70q7 -6 7 -88zM138 930l256 -200l-68 465
+l-279 173zM1173 267l15 234l-230 -164l2 -240zM417 722l373 194l-19 441l-423 -163zM1270 357l20 233l-226 142l-2 -105l144 -95q6 -4 4 -9l-7 -119zM1461 496l30 222l-179 -128l-20 -228zM1273 329l-71 49l-8 -117q0 -5 -4 -8l-234 -187q-7 -5 -14 0l-98 83l7 -161
+q0 -5 -4 -8l-293 -234q-4 -2 -6 -2q-8 2 -8 3l-228 242q-4 4 -59 277q-2 7 5 11l61 37q-94 86 -95 92l-72 351q-2 7 6 12l94 45q-133 100 -135 108l-96 466q-2 10 7 13l433 135q5 0 8 -1l317 -153q6 -4 6 -9l20 -463q0 -7 -6 -10l-118 -61l126 -85q5 -2 5 -8l5 -123l121 74
+q5 4 11 0l84 -56l3 110q0 6 5 9l206 126q6 3 11 0l245 -135q4 -4 5 -7t-6.5 -60t-17.5 -124.5t-10 -70.5q0 -5 -4 -7l-191 -153q-6 -5 -13 0z" />
+    <glyph glyph-name="uniF2B9" unicode="&#xf2b9;" horiz-adv-x="1664" 
+d="M1201 298q0 57 -5.5 107t-21 100.5t-39.5 86t-64 58t-91 22.5q-6 -4 -33.5 -20.5t-42.5 -24.5t-40.5 -20t-49 -17t-46.5 -5t-46.5 5t-49 17t-40.5 20t-42.5 24.5t-33.5 20.5q-51 0 -91 -22.5t-64 -58t-39.5 -86t-21 -100.5t-5.5 -107q0 -73 42 -121.5t103 -48.5h576
+q61 0 103 48.5t42 121.5zM1028 892q0 108 -76.5 184t-183.5 76t-183.5 -76t-76.5 -184q0 -107 76.5 -183t183.5 -76t183.5 76t76.5 183zM1664 352v-192q0 -14 -9 -23t-23 -9h-96v-224q0 -66 -47 -113t-113 -47h-1216q-66 0 -113 47t-47 113v1472q0 66 47 113t113 47h1216
+q66 0 113 -47t47 -113v-224h96q14 0 23 -9t9 -23v-192q0 -14 -9 -23t-23 -9h-96v-128h96q14 0 23 -9t9 -23v-192q0 -14 -9 -23t-23 -9h-96v-128h96q14 0 23 -9t9 -23z" />
+    <glyph glyph-name="uniF2BA" unicode="&#xf2ba;" horiz-adv-x="1664" 
+d="M1028 892q0 -107 -76.5 -183t-183.5 -76t-183.5 76t-76.5 183q0 108 76.5 184t183.5 76t183.5 -76t76.5 -184zM980 672q46 0 82.5 -17t60 -47.5t39.5 -67t24 -81t11.5 -82.5t3.5 -79q0 -67 -39.5 -118.5t-105.5 -51.5h-576q-66 0 -105.5 51.5t-39.5 118.5q0 48 4.5 93.5
+t18.5 98.5t36.5 91.5t63 64.5t93.5 26h5q7 -4 32 -19.5t35.5 -21t33 -17t37 -16t35 -9t39.5 -4.5t39.5 4.5t35 9t37 16t33 17t35.5 21t32 19.5zM1664 928q0 -13 -9.5 -22.5t-22.5 -9.5h-96v-128h96q13 0 22.5 -9.5t9.5 -22.5v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-96v-128h96
+q13 0 22.5 -9.5t9.5 -22.5v-192q0 -13 -9.5 -22.5t-22.5 -9.5h-96v-224q0 -66 -47 -113t-113 -47h-1216q-66 0 -113 47t-47 113v1472q0 66 47 113t113 47h1216q66 0 113 -47t47 -113v-224h96q13 0 22.5 -9.5t9.5 -22.5v-192zM1408 -96v1472q0 13 -9.5 22.5t-22.5 9.5h-1216
+q-13 0 -22.5 -9.5t-9.5 -22.5v-1472q0 -13 9.5 -22.5t22.5 -9.5h1216q13 0 22.5 9.5t9.5 22.5z" />
+    <glyph glyph-name="uniF2BB" unicode="&#xf2bb;" horiz-adv-x="2048" 
+d="M1024 405q0 64 -9 117.5t-29.5 103t-60.5 78t-97 28.5q-6 -4 -30 -18t-37.5 -21.5t-35.5 -17.5t-43 -14.5t-42 -4.5t-42 4.5t-43 14.5t-35.5 17.5t-37.5 21.5t-30 18q-57 0 -97 -28.5t-60.5 -78t-29.5 -103t-9 -117.5t37 -106.5t91 -42.5h512q54 0 91 42.5t37 106.5z
+M867 925q0 94 -66.5 160.5t-160.5 66.5t-160.5 -66.5t-66.5 -160.5t66.5 -160.5t160.5 -66.5t160.5 66.5t66.5 160.5zM1792 416v64q0 14 -9 23t-23 9h-576q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h576q14 0 23 9t9 23zM1792 676v56q0 15 -10.5 25.5t-25.5 10.5h-568
+q-15 0 -25.5 -10.5t-10.5 -25.5v-56q0 -15 10.5 -25.5t25.5 -10.5h568q15 0 25.5 10.5t10.5 25.5zM1792 928v64q0 14 -9 23t-23 9h-576q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h576q14 0 23 9t9 23zM2048 1248v-1216q0 -66 -47 -113t-113 -47h-352v96q0 14 -9 23t-23 9
+h-64q-14 0 -23 -9t-9 -23v-96h-768v96q0 14 -9 23t-23 9h-64q-14 0 -23 -9t-9 -23v-96h-352q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1728q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2BC" unicode="&#xf2bc;" horiz-adv-x="2048" 
+d="M1024 405q0 -64 -37 -106.5t-91 -42.5h-512q-54 0 -91 42.5t-37 106.5t9 117.5t29.5 103t60.5 78t97 28.5q6 -4 30 -18t37.5 -21.5t35.5 -17.5t43 -14.5t42 -4.5t42 4.5t43 14.5t35.5 17.5t37.5 21.5t30 18q57 0 97 -28.5t60.5 -78t29.5 -103t9 -117.5zM867 925
+q0 -94 -66.5 -160.5t-160.5 -66.5t-160.5 66.5t-66.5 160.5t66.5 160.5t160.5 66.5t160.5 -66.5t66.5 -160.5zM1792 480v-64q0 -14 -9 -23t-23 -9h-576q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h576q14 0 23 -9t9 -23zM1792 732v-56q0 -15 -10.5 -25.5t-25.5 -10.5h-568
+q-15 0 -25.5 10.5t-10.5 25.5v56q0 15 10.5 25.5t25.5 10.5h568q15 0 25.5 -10.5t10.5 -25.5zM1792 992v-64q0 -14 -9 -23t-23 -9h-576q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h576q14 0 23 -9t9 -23zM1920 32v1216q0 13 -9.5 22.5t-22.5 9.5h-1728q-13 0 -22.5 -9.5
+t-9.5 -22.5v-1216q0 -13 9.5 -22.5t22.5 -9.5h352v96q0 14 9 23t23 9h64q14 0 23 -9t9 -23v-96h768v96q0 14 9 23t23 9h64q14 0 23 -9t9 -23v-96h352q13 0 22.5 9.5t9.5 22.5zM2048 1248v-1216q0 -66 -47 -113t-113 -47h-1728q-66 0 -113 47t-47 113v1216q0 66 47 113
+t113 47h1728q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2BD" unicode="&#xf2bd;" horiz-adv-x="1792" 
+d="M1523 197q-22 155 -87.5 257.5t-184.5 118.5q-67 -74 -159.5 -115.5t-195.5 -41.5t-195.5 41.5t-159.5 115.5q-119 -16 -184.5 -118.5t-87.5 -257.5q106 -150 271 -237.5t356 -87.5t356 87.5t271 237.5zM1280 896q0 159 -112.5 271.5t-271.5 112.5t-271.5 -112.5
+t-112.5 -271.5t112.5 -271.5t271.5 -112.5t271.5 112.5t112.5 271.5zM1792 640q0 -182 -71 -347.5t-190.5 -286t-285.5 -191.5t-349 -71q-182 0 -348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="uniF2BE" unicode="&#xf2be;" horiz-adv-x="1792" 
+d="M896 1536q182 0 348 -71t286 -191t191 -286t71 -348q0 -181 -70.5 -347t-190.5 -286t-286 -191.5t-349 -71.5t-349 71t-285.5 191.5t-190.5 286t-71 347.5t71 348t191 286t286 191t348 71zM1515 185q149 205 149 455q0 156 -61 298t-164 245t-245 164t-298 61t-298 -61
+t-245 -164t-164 -245t-61 -298q0 -250 149 -455q66 327 306 327q131 -128 313 -128t313 128q240 0 306 -327zM1280 832q0 159 -112.5 271.5t-271.5 112.5t-271.5 -112.5t-112.5 -271.5t112.5 -271.5t271.5 -112.5t271.5 112.5t112.5 271.5z" />
+    <glyph glyph-name="uniF2C0" unicode="&#xf2c0;" 
+d="M1201 752q47 -14 89.5 -38t89 -73t79.5 -115.5t55 -172t22 -236.5q0 -154 -100 -263.5t-241 -109.5h-854q-141 0 -241 109.5t-100 263.5q0 131 22 236.5t55 172t79.5 115.5t89 73t89.5 38q-79 125 -79 272q0 104 40.5 198.5t109.5 163.5t163.5 109.5t198.5 40.5
+t198.5 -40.5t163.5 -109.5t109.5 -163.5t40.5 -198.5q0 -147 -79 -272zM768 1408q-159 0 -271.5 -112.5t-112.5 -271.5t112.5 -271.5t271.5 -112.5t271.5 112.5t112.5 271.5t-112.5 271.5t-271.5 112.5zM1195 -128q88 0 150.5 71.5t62.5 173.5q0 239 -78.5 377t-225.5 145
+q-145 -127 -336 -127t-336 127q-147 -7 -225.5 -145t-78.5 -377q0 -102 62.5 -173.5t150.5 -71.5h854z" />
+    <glyph glyph-name="uniF2C1" unicode="&#xf2c1;" horiz-adv-x="1280" 
+d="M1024 278q0 -64 -37 -107t-91 -43h-512q-54 0 -91 43t-37 107t9 118t29.5 104t61 78.5t96.5 28.5q80 -75 188 -75t188 75q56 0 96.5 -28.5t61 -78.5t29.5 -104t9 -118zM870 797q0 -94 -67.5 -160.5t-162.5 -66.5t-162.5 66.5t-67.5 160.5t67.5 160.5t162.5 66.5
+t162.5 -66.5t67.5 -160.5zM1152 -96v1376h-1024v-1376q0 -13 9.5 -22.5t22.5 -9.5h960q13 0 22.5 9.5t9.5 22.5zM1280 1376v-1472q0 -66 -47 -113t-113 -47h-960q-66 0 -113 47t-47 113v1472q0 66 47 113t113 47h352v-96q0 -14 9 -23t23 -9h192q14 0 23 9t9 23v96h352
+q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2C2" unicode="&#xf2c2;" horiz-adv-x="2048" 
+d="M896 324q0 54 -7.5 100.5t-24.5 90t-51 68.5t-81 25q-64 -64 -156 -64t-156 64q-47 0 -81 -25t-51 -68.5t-24.5 -90t-7.5 -100.5q0 -55 31.5 -93.5t75.5 -38.5h426q44 0 75.5 38.5t31.5 93.5zM768 768q0 80 -56 136t-136 56t-136 -56t-56 -136t56 -136t136 -56t136 56
+t56 136zM1792 288v64q0 14 -9 23t-23 9h-704q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h704q14 0 23 9t9 23zM1408 544v64q0 14 -9 23t-23 9h-320q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h320q14 0 23 9t9 23zM1792 544v64q0 14 -9 23t-23 9h-192q-14 0 -23 -9t-9 -23
+v-64q0 -14 9 -23t23 -9h192q14 0 23 9t9 23zM1792 800v64q0 14 -9 23t-23 9h-704q-14 0 -23 -9t-9 -23v-64q0 -14 9 -23t23 -9h704q14 0 23 9t9 23zM128 1152h1792v96q0 14 -9 23t-23 9h-1728q-14 0 -23 -9t-9 -23v-96zM2048 1248v-1216q0 -66 -47 -113t-113 -47h-1728
+q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1728q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2C3" unicode="&#xf2c3;" horiz-adv-x="2048" 
+d="M896 324q0 -55 -31.5 -93.5t-75.5 -38.5h-426q-44 0 -75.5 38.5t-31.5 93.5q0 54 7.5 100.5t24.5 90t51 68.5t81 25q64 -64 156 -64t156 64q47 0 81 -25t51 -68.5t24.5 -90t7.5 -100.5zM768 768q0 -80 -56 -136t-136 -56t-136 56t-56 136t56 136t136 56t136 -56t56 -136z
+M1792 352v-64q0 -14 -9 -23t-23 -9h-704q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h704q14 0 23 -9t9 -23zM1408 608v-64q0 -14 -9 -23t-23 -9h-320q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h320q14 0 23 -9t9 -23zM1792 608v-64q0 -14 -9 -23t-23 -9h-192q-14 0 -23 9t-9 23v64
+q0 14 9 23t23 9h192q14 0 23 -9t9 -23zM1792 864v-64q0 -14 -9 -23t-23 -9h-704q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h704q14 0 23 -9t9 -23zM1920 32v1120h-1792v-1120q0 -13 9.5 -22.5t22.5 -9.5h1728q13 0 22.5 9.5t9.5 22.5zM2048 1248v-1216q0 -66 -47 -113t-113 -47
+h-1728q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1728q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2C4" unicode="&#xf2c4;" horiz-adv-x="1792" 
+d="M1255 749q0 318 -105 474.5t-330 156.5q-222 0 -326 -157t-104 -474q0 -316 104 -471.5t326 -155.5q74 0 131 17q-22 43 -39 73t-44 65t-53.5 56.5t-63 36t-77.5 14.5q-46 0 -79 -16l-49 97q105 91 276 91q132 0 215.5 -54t150.5 -155q67 149 67 402zM1645 117h117
+q3 -27 -2 -67t-26.5 -95t-58 -100.5t-107 -78t-162.5 -32.5q-71 0 -130.5 19t-105.5 56t-79 78t-66 96q-97 -27 -205 -27q-150 0 -292.5 58t-253 158.5t-178 249t-67.5 317.5q0 170 67.5 319.5t178.5 250.5t253.5 159t291.5 58q121 0 238.5 -36t217 -106t176 -164.5
+t119.5 -219t43 -261.5q0 -190 -80.5 -347.5t-218.5 -264.5q47 -70 93.5 -106.5t104.5 -36.5q61 0 94 37.5t38 85.5z" />
+    <glyph glyph-name="uniF2C5" unicode="&#xf2c5;" horiz-adv-x="2304" 
+d="M453 -101q0 -21 -16 -37.5t-37 -16.5q-1 0 -13 3q-63 15 -162 140q-225 284 -225 676q0 341 213 614q39 51 95 103.5t94 52.5q19 0 35 -13.5t16 -32.5q0 -27 -63 -90q-98 -102 -147 -184q-119 -199 -119 -449q0 -281 123 -491q50 -85 136 -173q2 -3 14.5 -16t19.5 -21
+t17 -20.5t14.5 -23.5t4.5 -21zM1796 33q0 -29 -17.5 -48.5t-46.5 -19.5h-1081q-26 0 -45 19t-19 45q0 29 17.5 48.5t46.5 19.5h1081q26 0 45 -19t19 -45zM1581 644q0 -134 -67 -233q-25 -38 -69.5 -78.5t-83.5 -60.5q-16 -10 -27 -10q-7 0 -15 6t-8 12q0 9 19 30t42 46
+t42 67.5t19 88.5q0 76 -35 130q-29 42 -46 42q-3 0 -3 -5q0 -12 7.5 -35.5t7.5 -36.5q0 -22 -21.5 -35t-44.5 -13q-66 0 -66 76q0 15 1.5 44t1.5 44q0 25 -10 46q-13 25 -42 53.5t-51 28.5q-5 0 -7 -0.5t-3.5 -2.5t-1.5 -6q0 -2 16 -26t16 -54q0 -37 -19 -68t-46 -54
+t-53.5 -46t-45.5 -54t-19 -68q0 -98 42 -160q29 -43 79 -63q16 -5 17 -10q1 -2 1 -5q0 -16 -18 -16q-6 0 -33 11q-119 43 -195 139.5t-76 218.5q0 55 24.5 115.5t60 115t70.5 108.5t59.5 113.5t24.5 111.5q0 53 -25 94q-29 48 -56 64q-19 9 -19 21q0 20 41 20q50 0 110 -29
+q41 -19 71 -44.5t49.5 -51t33.5 -62.5t22 -69t16 -80q0 -1 3 -17.5t4.5 -25t5.5 -25t9 -27t11 -21.5t14.5 -16.5t18.5 -5.5q23 0 37 14t14 37q0 25 -20 67t-20 52t10 10q27 0 93 -70q72 -76 102.5 -156t30.5 -186zM2304 615q0 -274 -138 -503q-19 -32 -48 -72t-68 -86.5
+t-81 -77t-74 -30.5q-16 0 -31 15.5t-15 31.5q0 15 29 50.5t68.5 77t48.5 52.5q183 230 183 531q0 131 -20.5 235t-72.5 211q-58 119 -163 228q-2 3 -13 13.5t-16.5 16.5t-15 17.5t-15 20t-9.5 18.5t-4 19q0 19 16 35.5t35 16.5q70 0 196 -169q98 -131 146 -273t60 -314
+q2 -42 2 -64z" />
+    <glyph glyph-name="uniF2C6" unicode="&#xf2c6;" horiz-adv-x="1792" 
+d="M1189 229l147 693q9 44 -10.5 63t-51.5 7l-864 -333q-29 -11 -39.5 -25t-2.5 -26.5t32 -19.5l221 -69l513 323q21 14 32 6q7 -5 -4 -15l-415 -375v0v0l-16 -228q23 0 45 22l108 104l224 -165q64 -36 81 38zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71
+t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="uniF2C7" unicode="&#xf2c7;" horiz-adv-x="1024" 
+d="M640 192q0 -80 -56 -136t-136 -56t-136 56t-56 136q0 60 35 110t93 71v907h128v-907q58 -21 93 -71t35 -110zM768 192q0 77 -34 144t-94 112v768q0 80 -56 136t-136 56t-136 -56t-56 -136v-768q-60 -45 -94 -112t-34 -144q0 -133 93.5 -226.5t226.5 -93.5t226.5 93.5
+t93.5 226.5zM896 192q0 -185 -131.5 -316.5t-316.5 -131.5t-316.5 131.5t-131.5 316.5q0 182 128 313v711q0 133 93.5 226.5t226.5 93.5t226.5 -93.5t93.5 -226.5v-711q128 -131 128 -313zM1024 768v-128h-192v128h192zM1024 1024v-128h-192v128h192zM1024 1280v-128h-192
+v128h192z" />
+    <glyph glyph-name="uniF2C8" unicode="&#xf2c8;" horiz-adv-x="1024" 
+d="M640 192q0 -80 -56 -136t-136 -56t-136 56t-56 136q0 60 35 110t93 71v651h128v-651q58 -21 93 -71t35 -110zM768 192q0 77 -34 144t-94 112v768q0 80 -56 136t-136 56t-136 -56t-56 -136v-768q-60 -45 -94 -112t-34 -144q0 -133 93.5 -226.5t226.5 -93.5t226.5 93.5
+t93.5 226.5zM896 192q0 -185 -131.5 -316.5t-316.5 -131.5t-316.5 131.5t-131.5 316.5q0 182 128 313v711q0 133 93.5 226.5t226.5 93.5t226.5 -93.5t93.5 -226.5v-711q128 -131 128 -313zM1024 768v-128h-192v128h192zM1024 1024v-128h-192v128h192zM1024 1280v-128h-192
+v128h192z" />
+    <glyph glyph-name="uniF2C9" unicode="&#xf2c9;" horiz-adv-x="1024" 
+d="M640 192q0 -80 -56 -136t-136 -56t-136 56t-56 136q0 60 35 110t93 71v395h128v-395q58 -21 93 -71t35 -110zM768 192q0 77 -34 144t-94 112v768q0 80 -56 136t-136 56t-136 -56t-56 -136v-768q-60 -45 -94 -112t-34 -144q0 -133 93.5 -226.5t226.5 -93.5t226.5 93.5
+t93.5 226.5zM896 192q0 -185 -131.5 -316.5t-316.5 -131.5t-316.5 131.5t-131.5 316.5q0 182 128 313v711q0 133 93.5 226.5t226.5 93.5t226.5 -93.5t93.5 -226.5v-711q128 -131 128 -313zM1024 768v-128h-192v128h192zM1024 1024v-128h-192v128h192zM1024 1280v-128h-192
+v128h192z" />
+    <glyph glyph-name="uniF2CA" unicode="&#xf2ca;" horiz-adv-x="1024" 
+d="M640 192q0 -80 -56 -136t-136 -56t-136 56t-56 136q0 60 35 110t93 71v139h128v-139q58 -21 93 -71t35 -110zM768 192q0 77 -34 144t-94 112v768q0 80 -56 136t-136 56t-136 -56t-56 -136v-768q-60 -45 -94 -112t-34 -144q0 -133 93.5 -226.5t226.5 -93.5t226.5 93.5
+t93.5 226.5zM896 192q0 -185 -131.5 -316.5t-316.5 -131.5t-316.5 131.5t-131.5 316.5q0 182 128 313v711q0 133 93.5 226.5t226.5 93.5t226.5 -93.5t93.5 -226.5v-711q128 -131 128 -313zM1024 768v-128h-192v128h192zM1024 1024v-128h-192v128h192zM1024 1280v-128h-192
+v128h192z" />
+    <glyph glyph-name="uniF2CB" unicode="&#xf2cb;" horiz-adv-x="1024" 
+d="M640 192q0 -80 -56 -136t-136 -56t-136 56t-56 136q0 79 56 135.5t136 56.5t136 -56.5t56 -135.5zM768 192q0 77 -34 144t-94 112v768q0 80 -56 136t-136 56t-136 -56t-56 -136v-768q-60 -45 -94 -112t-34 -144q0 -133 93.5 -226.5t226.5 -93.5t226.5 93.5t93.5 226.5z
+M896 192q0 -185 -131.5 -316.5t-316.5 -131.5t-316.5 131.5t-131.5 316.5q0 182 128 313v711q0 133 93.5 226.5t226.5 93.5t226.5 -93.5t93.5 -226.5v-711q128 -131 128 -313zM1024 768v-128h-192v128h192zM1024 1024v-128h-192v128h192zM1024 1280v-128h-192v128h192z" />
+    <glyph glyph-name="uniF2CC" unicode="&#xf2cc;" horiz-adv-x="1920" 
+d="M1433 1287q10 -10 10 -23t-10 -23l-626 -626q-10 -10 -23 -10t-23 10l-82 82q-10 10 -10 23t10 23l44 44q-72 91 -81.5 207t46.5 215q-74 71 -176 71q-106 0 -181 -75t-75 -181v-1280h-256v1280q0 104 40.5 198.5t109.5 163.5t163.5 109.5t198.5 40.5q106 0 201 -41
+t166 -115q94 39 197 24.5t185 -79.5l44 44q10 10 23 10t23 -10zM1344 1024q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1600 896q-26 0 -45 19t-19 45t19 45t45 19t45 -19t19 -45t-19 -45t-45 -19zM1856 1024q26 0 45 -19t19 -45t-19 -45t-45 -19
+t-45 19t-19 45t19 45t45 19zM1216 896q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1408 832q0 26 19 45t45 19t45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45zM1728 896q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1088 768
+q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1344 640q-26 0 -45 19t-19 45t19 45t45 19t45 -19t19 -45t-19 -45t-45 -19zM1600 768q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1216 512q-26 0 -45 19t-19 45t19 45t45 19t45 -19
+t19 -45t-19 -45t-45 -19zM1472 640q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1088 512q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1344 512q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1216 384
+q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19zM1088 256q26 0 45 -19t19 -45t-19 -45t-45 -19t-45 19t-19 45t19 45t45 19z" />
+    <glyph glyph-name="uniF2CD" unicode="&#xf2cd;" horiz-adv-x="1792" 
+d="M1664 448v-192q0 -169 -128 -286v-194q0 -14 -9 -23t-23 -9h-64q-14 0 -23 9t-9 23v118q-63 -22 -128 -22h-768q-65 0 -128 22v-110q0 -17 -9.5 -28.5t-22.5 -11.5h-64q-13 0 -22.5 11.5t-9.5 28.5v186q-128 117 -128 286v192h1536zM704 864q0 -14 -9 -23t-23 -9t-23 9
+t-9 23t9 23t23 9t23 -9t9 -23zM768 928q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM704 992q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM832 992q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM768 1056q0 -14 -9 -23t-23 -9t-23 9
+t-9 23t9 23t23 9t23 -9t9 -23zM704 1120q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM1792 608v-64q0 -14 -9 -23t-23 -9h-1728q-14 0 -23 9t-9 23v64q0 14 9 23t23 9h96v640q0 106 75 181t181 75q108 0 184 -78q46 19 98 12t93 -39l22 22q11 11 22 0l42 -42
+q11 -11 0 -22l-314 -314q-11 -11 -22 0l-42 42q-11 11 0 22l22 22q-36 46 -40.5 104t23.5 108q-37 35 -88 35q-53 0 -90.5 -37.5t-37.5 -90.5v-640h1504q14 0 23 -9t9 -23zM896 1056q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM832 1120q0 -14 -9 -23t-23 -9
+t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM768 1184q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM960 1120q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM896 1184q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM832 1248q0 -14 -9 -23
+t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM1024 1184q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM960 1248q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23zM1088 1248q0 -14 -9 -23t-23 -9t-23 9t-9 23t9 23t23 9t23 -9t9 -23z" />
+    <glyph glyph-name="uniF2CE" unicode="&#xf2ce;" 
+d="M994 344q0 -86 -17 -197q-31 -215 -55 -313q-22 -90 -152 -90t-152 90q-24 98 -55 313q-17 110 -17 197q0 168 224 168t224 -168zM1536 768q0 -240 -134 -434t-350 -280q-8 -3 -15 3t-6 15q7 48 10 66q4 32 6 47q1 9 9 12q159 81 255.5 234t96.5 337q0 180 -91 330.5
+t-247 234.5t-337 74q-124 -7 -237 -61t-193.5 -140.5t-128 -202t-46.5 -240.5q1 -184 99 -336.5t257 -231.5q7 -3 9 -12q3 -21 6 -45q1 -9 5 -32.5t6 -35.5q1 -9 -6.5 -15t-15.5 -2q-148 58 -261 169.5t-173.5 264t-52.5 319.5q7 143 66 273.5t154.5 227t225 157.5t272.5 70
+q164 10 315.5 -46.5t261 -160.5t175 -250.5t65.5 -308.5zM994 800q0 -93 -65.5 -158.5t-158.5 -65.5t-158.5 65.5t-65.5 158.5t65.5 158.5t158.5 65.5t158.5 -65.5t65.5 -158.5zM1282 768q0 -122 -53.5 -228.5t-146.5 -177.5q-8 -6 -16 -2t-10 14q-6 52 -29 92q-7 10 3 20
+q58 54 91 127t33 155q0 111 -58.5 204t-157.5 141.5t-212 36.5q-133 -15 -229 -113t-109 -231q-10 -92 23.5 -176t98.5 -144q10 -10 3 -20q-24 -41 -29 -93q-2 -9 -10 -13t-16 2q-95 74 -148.5 183t-51.5 234q3 131 69 244t177 181.5t241 74.5q144 7 268 -60t196.5 -187.5
+t72.5 -263.5z" />
+    <glyph glyph-name="uniF2D0" unicode="&#xf2d0;" horiz-adv-x="1792" 
+d="M256 128h1280v768h-1280v-768zM1792 1248v-1216q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1472q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2D1" unicode="&#xf2d1;" horiz-adv-x="1792" 
+d="M1792 224v-192q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v192q0 66 47 113t113 47h1472q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2D2" unicode="&#xf2d2;" horiz-adv-x="2048" 
+d="M256 0h768v512h-768v-512zM1280 512h512v768h-768v-256h96q66 0 113 -47t47 -113v-352zM2048 1376v-960q0 -66 -47 -113t-113 -47h-608v-352q0 -66 -47 -113t-113 -47h-960q-66 0 -113 47t-47 113v960q0 66 47 113t113 47h608v352q0 66 47 113t113 47h960q66 0 113 -47
+t47 -113z" />
+    <glyph glyph-name="uniF2D3" unicode="&#xf2d3;" horiz-adv-x="1792" 
+d="M1175 215l146 146q10 10 10 23t-10 23l-233 233l233 233q10 10 10 23t-10 23l-146 146q-10 10 -23 10t-23 -10l-233 -233l-233 233q-10 10 -23 10t-23 -10l-146 -146q-10 -10 -10 -23t10 -23l233 -233l-233 -233q-10 -10 -10 -23t10 -23l146 -146q10 -10 23 -10t23 10
+l233 233l233 -233q10 -10 23 -10t23 10zM1792 1248v-1216q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1472q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2D4" unicode="&#xf2d4;" horiz-adv-x="1792" 
+d="M1257 425l-146 -146q-10 -10 -23 -10t-23 10l-169 169l-169 -169q-10 -10 -23 -10t-23 10l-146 146q-10 10 -10 23t10 23l169 169l-169 169q-10 10 -10 23t10 23l146 146q10 10 23 10t23 -10l169 -169l169 169q10 10 23 10t23 -10l146 -146q10 -10 10 -23t-10 -23
+l-169 -169l169 -169q10 -10 10 -23t-10 -23zM256 128h1280v1024h-1280v-1024zM1792 1248v-1216q0 -66 -47 -113t-113 -47h-1472q-66 0 -113 47t-47 113v1216q0 66 47 113t113 47h1472q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2D5" unicode="&#xf2d5;" horiz-adv-x="1792" 
+d="M1070 358l306 564h-654l-306 -564h654zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="uniF2D6" unicode="&#xf2d6;" horiz-adv-x="1794" 
+d="M1291 1060q-15 17 -35 8.5t-26 -28.5t5 -38q14 -17 40 -14.5t34 20.5t-18 52zM895 814q-8 -8 -19.5 -8t-18.5 8q-8 8 -8 19t8 18q7 8 18.5 8t19.5 -8q7 -7 7 -18t-7 -19zM1060 740l-35 -35q-12 -13 -29.5 -13t-30.5 13l-38 38q-12 13 -12 30t12 30l35 35q12 12 29.5 12
+t30.5 -12l38 -39q12 -12 12 -29.5t-12 -29.5zM951 870q-7 -8 -18.5 -8t-19.5 8q-7 8 -7 19t7 19q8 8 19 8t19 -8t8 -19t-8 -19zM1354 968q-34 -64 -107.5 -85.5t-127.5 16.5q-38 28 -61 66.5t-21 87.5t39 92t75.5 53t70.5 -5t70 -51q2 -2 13 -12.5t14.5 -13.5t13 -13.5
+t12.5 -15.5t10 -15.5t8.5 -18t4 -18.5t1 -21t-5 -22t-9.5 -24zM1555 486q3 20 -8.5 34.5t-27.5 21.5t-33 17t-23 20q-40 71 -84 98.5t-113 11.5q19 13 40 18.5t33 4.5l12 -1q2 45 -34 90q6 20 6.5 40.5t-2.5 30.5l-3 10q43 24 71 65t34 91q10 84 -43 150.5t-137 76.5
+q-60 7 -114 -18.5t-82 -74.5q-30 -51 -33.5 -101t14.5 -87t43.5 -64t56.5 -42q-45 4 -88 36t-57 88q-28 108 32 222q-16 21 -29 32q-50 0 -89 -19q19 24 42 37t36 14l13 1q0 50 -13 78q-10 21 -32.5 28.5t-47 -3.5t-37.5 -40q2 4 4 7q-7 -28 -6.5 -75.5t19 -117t48.5 -122.5
+q-25 -14 -47 -36q-35 -16 -85.5 -70.5t-84.5 -101.5l-33 -46q-90 -34 -181 -125.5t-75 -162.5q1 -16 11 -27q-15 -12 -30 -30q-21 -25 -21 -54t21.5 -40t63.5 6q41 19 77 49.5t55 60.5q-2 2 -6.5 5t-20.5 7.5t-33 3.5q23 5 51 12.5t40 10t27.5 6t26 4t23.5 0.5q14 -7 22 34
+q7 37 7 90q0 102 -40 150q106 -103 101 -219q-1 -29 -15 -50t-27 -27l-13 -6q-4 -7 -19 -32t-26 -45.5t-26.5 -52t-25 -61t-17 -63t-6.5 -66.5t10 -63q-35 54 -37 80q-22 -24 -34.5 -39t-33.5 -42t-30.5 -46t-16.5 -41t-0.5 -38t25.5 -27q45 -25 144 64t190.5 221.5
+t122.5 228.5q86 52 145 115.5t86 119.5q47 -93 154 -178q104 -83 167 -80q39 2 46 43zM1794 640q0 -182 -71 -348t-191 -286t-286.5 -191t-348.5 -71t-348.5 71t-286.5 191t-191 286t-71 348t71 348t191 286t286.5 191t348.5 71t348.5 -71t286.5 -191t191 -286t71 -348z" />
+    <glyph glyph-name="uniF2D7" unicode="&#xf2d7;" 
+d="M518 1353v-655q103 -1 191.5 1.5t125.5 5.5l37 3q68 2 90.5 24.5t39.5 94.5l33 142h103l-14 -322l7 -319h-103l-29 127q-15 68 -45 93t-84 26q-87 8 -352 8v-556q0 -78 43.5 -115.5t133.5 -37.5h357q35 0 59.5 2t55 7.5t54 18t48.5 32t46 50.5t39 73l93 216h89
+q-6 -37 -31.5 -252t-30.5 -276q-146 5 -263.5 8t-162.5 4h-44h-628l-376 -12v102l127 25q67 13 91.5 37t25.5 79l8 643q3 402 -8 645q-2 61 -25.5 84t-91.5 36l-127 24v102l376 -12h702q139 0 374 27q-6 -68 -14 -194.5t-12 -219.5l-5 -92h-93l-32 124q-31 121 -74 179.5
+t-113 58.5h-548q-28 0 -35.5 -8.5t-7.5 -30.5z" />
+    <glyph glyph-name="uniF2D8" unicode="&#xf2d8;" 
+d="M922 739v-182q0 -4 0.5 -15t0 -15l-1.5 -12t-3.5 -11.5t-6.5 -7.5t-11 -5.5t-16 -1.5v309q9 0 16 -1t11 -5t6.5 -5.5t3.5 -9.5t1 -10.5v-13.5v-14zM1238 643v-121q0 -1 0.5 -12.5t0 -15.5t-2.5 -11.5t-7.5 -10.5t-13.5 -3q-9 0 -14 9q-4 10 -4 165v7v8.5v9t1.5 8.5l3.5 7
+t5 5.5t8 1.5q6 0 10 -1.5t6.5 -4.5t4 -6t2 -8.5t0.5 -8v-9.5v-9zM180 407h122v472h-122v-472zM614 407h106v472h-159l-28 -221q-20 148 -32 221h-158v-472h107v312l45 -312h76l43 319v-319zM1039 712q0 67 -5 90q-3 16 -11 28.5t-17 20.5t-25 14t-26.5 8.5t-31 4t-29 1.5
+h-29.5h-12h-91v-472h56q169 -1 197 24.5t25 180.5q-1 62 -1 100zM1356 515v133q0 29 -2 45t-9.5 33.5t-24.5 25t-46 7.5q-46 0 -77 -34v154h-117v-472h110l7 30q30 -36 77 -36q50 0 66 30.5t16 83.5zM1536 1248v-1216q0 -66 -47 -113t-113 -47h-1216q-66 0 -113 47t-47 113
+v1216q0 66 47 113t113 47h1216q66 0 113 -47t47 -113z" />
+    <glyph glyph-name="uniF2D9" unicode="&#xf2d9;" horiz-adv-x="2176" 
+d="M1143 -197q-6 1 -11 4q-13 8 -36 23t-86 65t-116.5 104.5t-112 140t-89.5 172.5q-17 3 -175 37q66 -213 235 -362t391 -184zM502 409l168 -28q-25 76 -41 167.5t-19 145.5l-4 53q-84 -82 -121 -224q5 -65 17 -114zM612 1018q-43 -64 -77 -148q44 46 74 68zM2049 584
+q0 161 -62 307t-167.5 252t-250.5 168.5t-304 62.5q-147 0 -281 -52.5t-240 -148.5q-30 -58 -45 -160q60 51 143 83.5t158.5 43t143 13.5t108.5 -1l40 -3q33 -1 53 -15.5t24.5 -33t6.5 -37t-1 -28.5q-126 11 -227.5 0.5t-183 -43.5t-142.5 -71.5t-131 -98.5
+q4 -36 11.5 -92.5t35.5 -178t62 -179.5q123 -6 247.5 14.5t214.5 53.5t162.5 67t109.5 59l37 24q22 16 39.5 20.5t30.5 -5t17 -34.5q14 -97 -39 -121q-208 -97 -467 -134q-135 -20 -317 -16q41 -96 110 -176.5t137 -127t130.5 -79t101.5 -43.5l39 -12q143 -23 263 15
+q195 99 314 289t119 418zM2123 621q-14 -135 -40 -212q-70 -208 -181.5 -346.5t-318.5 -253.5q-48 -33 -82 -44q-72 -26 -163 -16q-36 -3 -73 -3q-283 0 -504.5 173t-295.5 442q-1 0 -4 0.5t-5 0.5q-6 -50 2.5 -112.5t26 -115t36 -98t31.5 -71.5l14 -26q8 -12 54 -82
+q-71 38 -124.5 106.5t-78.5 140t-39.5 137t-17.5 107.5l-2 42q-5 2 -33.5 12.5t-48.5 18t-53 20.5t-57.5 25t-50 25.5t-42.5 27t-25 25.5q19 -10 50.5 -25.5t113 -45.5t145.5 -38l2 32q11 149 94 290q41 202 176 365q28 115 81 214q15 28 32 45t49 32q158 74 303.5 104
+t302 11t306.5 -97q220 -115 333 -336t87 -474z" />
+    <glyph glyph-name="uniF2DA" unicode="&#xf2da;" horiz-adv-x="1792" 
+d="M1341 752q29 44 -6.5 129.5t-121.5 142.5q-58 39 -125.5 53.5t-118 4.5t-68.5 -37q-12 -23 -4.5 -28t42.5 -10q23 -3 38.5 -5t44.5 -9.5t56 -17.5q36 -13 67.5 -31.5t53 -37t40 -38.5t30.5 -38t22 -34.5t16.5 -28.5t12 -18.5t10.5 -6t11 9.5zM1704 178
+q-52 -127 -148.5 -220t-214.5 -141.5t-253 -60.5t-266 13.5t-251 91t-210 161.5t-141.5 235.5t-46.5 303.5q1 41 8.5 84.5t12.5 64t24 80.5t23 73q-51 -208 1 -397t173 -318t291 -206t346 -83t349 74.5t289 244.5q20 27 18 14q0 -4 -4 -14zM1465 627q0 -104 -40.5 -199
+t-108.5 -164t-162 -109.5t-198 -40.5t-198 40.5t-162 109.5t-108.5 164t-40.5 199t40.5 199t108.5 164t162 109.5t198 40.5t198 -40.5t162 -109.5t108.5 -164t40.5 -199zM1752 915q-65 147 -180.5 251t-253 153.5t-292 53.5t-301 -36.5t-275.5 -129t-220 -211.5t-131 -297
+t-10 -373q-49 161 -51.5 311.5t35.5 272.5t109 227t165.5 180.5t207 126t232 71t242.5 9t236 -54t216 -124.5t178 -197q33 -50 62 -121t31 -112zM1690 573q12 244 -136.5 416t-396.5 240q-8 0 -10 5t24 8q125 -4 230 -50t173 -120t116 -168.5t58.5 -199t-1 -208
+t-61.5 -197.5t-122.5 -167t-185 -117.5t-248.5 -46.5q108 30 201.5 80t174 123t129.5 176.5t55 225.5z" />
+    <glyph glyph-name="uniF2DB" unicode="&#xf2db;" 
+d="M192 256v-128h-112q-16 0 -16 16v16h-48q-16 0 -16 16v32q0 16 16 16h48v16q0 16 16 16h112zM192 512v-128h-112q-16 0 -16 16v16h-48q-16 0 -16 16v32q0 16 16 16h48v16q0 16 16 16h112zM192 768v-128h-112q-16 0 -16 16v16h-48q-16 0 -16 16v32q0 16 16 16h48v16
+q0 16 16 16h112zM192 1024v-128h-112q-16 0 -16 16v16h-48q-16 0 -16 16v32q0 16 16 16h48v16q0 16 16 16h112zM192 1280v-128h-112q-16 0 -16 16v16h-48q-16 0 -16 16v32q0 16 16 16h48v16q0 16 16 16h112zM1280 1440v-1472q0 -40 -28 -68t-68 -28h-832q-40 0 -68 28
+t-28 68v1472q0 40 28 68t68 28h832q40 0 68 -28t28 -68zM1536 208v-32q0 -16 -16 -16h-48v-16q0 -16 -16 -16h-112v128h112q16 0 16 -16v-16h48q16 0 16 -16zM1536 464v-32q0 -16 -16 -16h-48v-16q0 -16 -16 -16h-112v128h112q16 0 16 -16v-16h48q16 0 16 -16zM1536 720v-32
+q0 -16 -16 -16h-48v-16q0 -16 -16 -16h-112v128h112q16 0 16 -16v-16h48q16 0 16 -16zM1536 976v-32q0 -16 -16 -16h-48v-16q0 -16 -16 -16h-112v128h112q16 0 16 -16v-16h48q16 0 16 -16zM1536 1232v-32q0 -16 -16 -16h-48v-16q0 -16 -16 -16h-112v128h112q16 0 16 -16v-16
+h48q16 0 16 -16z" />
+    <glyph glyph-name="uniF2DC" unicode="&#xf2dc;" horiz-adv-x="1664" 
+d="M1566 419l-167 -33l186 -107q23 -13 29.5 -38.5t-6.5 -48.5q-14 -23 -39 -29.5t-48 6.5l-186 106l55 -160q13 -38 -12 -63.5t-60.5 -20.5t-48.5 42l-102 300l-271 156v-313l208 -238q16 -18 17 -39t-11 -36.5t-28.5 -25t-37 -5.5t-36.5 22l-112 128v-214q0 -26 -19 -45
+t-45 -19t-45 19t-19 45v214l-112 -128q-16 -18 -36.5 -22t-37 5.5t-28.5 25t-11 36.5t17 39l208 238v313l-271 -156l-102 -300q-13 -37 -48.5 -42t-60.5 20.5t-12 63.5l55 160l-186 -106q-23 -13 -48 -6.5t-39 29.5q-13 23 -6.5 48.5t29.5 38.5l186 107l-167 33
+q-29 6 -42 29t-8.5 46.5t25.5 40t50 10.5l310 -62l271 157l-271 157l-310 -62q-4 -1 -13 -1q-27 0 -44 18t-19 40t11 43t40 26l167 33l-186 107q-23 13 -29.5 38.5t6.5 48.5t39 30t48 -7l186 -106l-55 160q-13 38 12 63.5t60.5 20.5t48.5 -42l102 -300l271 -156v313
+l-208 238q-16 18 -17 39t11 36.5t28.5 25t37 5.5t36.5 -22l112 -128v214q0 26 19 45t45 19t45 -19t19 -45v-214l112 128q16 18 36.5 22t37 -5.5t28.5 -25t11 -36.5t-17 -39l-208 -238v-313l271 156l102 300q13 37 48.5 42t60.5 -20.5t12 -63.5l-55 -160l186 106
+q23 13 48 6.5t39 -29.5q13 -23 6.5 -48.5t-29.5 -38.5l-186 -107l167 -33q27 -5 40 -26t11 -43t-19 -40t-44 -18q-9 0 -13 1l-310 62l-271 -157l271 -157l310 62q29 6 50 -10.5t25.5 -40t-8.5 -46.5t-42 -29z" />
+    <glyph glyph-name="uniF2DD" unicode="&#xf2dd;" horiz-adv-x="1792" 
+d="M1473 607q7 118 -33 226.5t-113 189t-177 131t-221 57.5q-116 7 -225.5 -32t-192 -110.5t-135 -175t-59.5 -220.5q-7 -118 33 -226.5t113 -189t177.5 -131t221.5 -57.5q155 -9 293 59t224 195.5t94 283.5zM1792 1536l-349 -348q120 -117 180.5 -272t50.5 -321
+q-11 -183 -102 -339t-241 -255.5t-332 -124.5l-999 -132l347 347q-120 116 -180.5 271.5t-50.5 321.5q11 184 102 340t241.5 255.5t332.5 124.5q167 22 500 66t500 66z" />
+    <glyph glyph-name="uniF2DE" unicode="&#xf2de;" horiz-adv-x="1792" 
+d="M948 508l163 -329h-51l-175 350l-171 -350h-49l179 374l-78 33l21 49l240 -102l-21 -50zM563 1100l304 -130l-130 -304l-304 130zM907 915l240 -103l-103 -239l-239 102zM1188 765l191 -81l-82 -190l-190 81zM1680 640q0 159 -62 304t-167.5 250.5t-250.5 167.5t-304 62
+t-304 -62t-250.5 -167.5t-167.5 -250.5t-62 -304t62 -304t167.5 -250.5t250.5 -167.5t304 -62t304 62t250.5 167.5t167.5 250.5t62 304zM1792 640q0 -182 -71 -348t-191 -286t-286 -191t-348 -71t-348 71t-286 191t-191 286t-71 348t71 348t191 286t286 191t348 71t348 -71
+t286 -191t191 -286t71 -348z" />
+    <glyph glyph-name="uniF2E0" unicode="&#xf2e0;" horiz-adv-x="1920" 
+d="M1334 302q-4 24 -27.5 34t-49.5 10.5t-48.5 12.5t-25.5 38q-5 47 33 139.5t75 181t32 127.5q-14 101 -117 103q-45 1 -75 -16l-3 -2l-5 -2.5t-4.5 -2t-5 -2t-5 -0.5t-6 1.5t-6 3.5t-6.5 5q-3 2 -9 8.5t-9 9t-8.5 7.5t-9.5 7.5t-9.5 5.5t-11 4.5t-11.5 2.5q-30 5 -48 -3
+t-45 -31q-1 -1 -9 -8.5t-12.5 -11t-15 -10t-16.5 -5.5t-17 3q-54 27 -84 40q-41 18 -94 -5t-76 -65q-16 -28 -41 -98.5t-43.5 -132.5t-40 -134t-21.5 -73q-22 -69 18.5 -119t110.5 -46q30 2 50.5 15t38.5 46q7 13 79 199.5t77 194.5q6 11 21.5 18t29.5 0q27 -15 21 -53
+q-2 -18 -51 -139.5t-50 -132.5q-6 -38 19.5 -56.5t60.5 -7t55 49.5q4 8 45.5 92t81.5 163.5t46 88.5q20 29 41 28q29 0 25 -38q-2 -16 -65.5 -147.5t-70.5 -159.5q-12 -53 13 -103t74 -74q17 -9 51 -15.5t71.5 -8t62.5 14t20 48.5zM383 86q3 -15 -5 -27.5t-23 -15.5
+q-14 -3 -26.5 5t-15.5 23q-3 14 5 27t22 16t27 -5t16 -23zM953 -177q12 -17 8.5 -37.5t-20.5 -32.5t-37.5 -8t-32.5 21q-11 17 -7.5 37.5t20.5 32.5t37.5 8t31.5 -21zM177 635q-18 -27 -49.5 -33t-57.5 13q-26 18 -32 50t12 58q18 27 49.5 33t57.5 -12q26 -19 32 -50.5
+t-12 -58.5zM1467 -42q19 -28 13 -61.5t-34 -52.5t-60.5 -13t-51.5 34t-13 61t33 53q28 19 60.5 13t52.5 -34zM1579 562q69 -113 42.5 -244.5t-134.5 -207.5q-90 -63 -199 -60q-20 -80 -84.5 -127t-143.5 -44.5t-140 57.5q-12 -9 -13 -10q-103 -71 -225 -48.5t-193 126.5
+q-50 73 -53 164q-83 14 -142.5 70.5t-80.5 128t-2 152t81 138.5q-36 60 -38 128t24.5 125t79.5 98.5t121 50.5q32 85 99 148t146.5 91.5t168 17t159.5 -66.5q72 21 140 17.5t128.5 -36t104.5 -80t67.5 -115t17.5 -140.5q52 -16 87 -57t45.5 -89t-5.5 -99.5t-58 -87.5z
+M455 1222q14 -20 9.5 -44.5t-24.5 -38.5q-19 -14 -43.5 -9.5t-37.5 24.5q-14 20 -9.5 44.5t24.5 38.5q19 14 43.5 9.5t37.5 -24.5zM614 1503q4 -16 -5 -30.5t-26 -18.5t-31 5.5t-18 26.5q-3 17 6.5 31t25.5 18q17 4 31 -5.5t17 -26.5zM1800 555q4 -20 -6.5 -37t-30.5 -21
+q-19 -4 -36 6.5t-21 30.5t6.5 37t30.5 22q20 4 36.5 -7.5t20.5 -30.5zM1136 1448q16 -27 8.5 -58.5t-35.5 -47.5q-27 -16 -57.5 -8.5t-46.5 34.5q-16 28 -8.5 59t34.5 48t58 9t47 -36zM1882 792q4 -15 -4 -27.5t-23 -16.5q-15 -3 -27.5 5.5t-15.5 22.5q-3 15 5 28t23 16
+q14 3 26.5 -5t15.5 -23zM1691 1033q15 -22 10.5 -49t-26.5 -43q-22 -15 -49 -10t-42 27t-10 49t27 43t48.5 11t41.5 -28z" />
+    <glyph glyph-name="uniF2E1" unicode="&#xf2e1;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2E2" unicode="&#xf2e2;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2E3" unicode="&#xf2e3;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2E4" unicode="&#xf2e4;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2E5" unicode="&#xf2e5;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2E6" unicode="&#xf2e6;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2E7" unicode="&#xf2e7;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="_698" unicode="&#xf2e8;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2E9" unicode="&#xf2e9;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2EA" unicode="&#xf2ea;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2EB" unicode="&#xf2eb;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2EC" unicode="&#xf2ec;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2ED" unicode="&#xf2ed;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="uniF2EE" unicode="&#xf2ee;" horiz-adv-x="1792" 
+ />
+    <glyph glyph-name="lessequal" unicode="&#xf500;" horiz-adv-x="1792" 
+ />
+  </font>
+</defs></svg>
diff --git a/docs/saml2/_static/css/fonts/fontawesome-webfont.ttf b/docs/saml2/_static/css/fonts/fontawesome-webfont.ttf
new file mode 100644
index 00000000..35acda2f
Binary files /dev/null and b/docs/saml2/_static/css/fonts/fontawesome-webfont.ttf differ
diff --git a/docs/saml2/_static/css/fonts/fontawesome-webfont.woff b/docs/saml2/_static/css/fonts/fontawesome-webfont.woff
new file mode 100644
index 00000000..400014a4
Binary files /dev/null and b/docs/saml2/_static/css/fonts/fontawesome-webfont.woff differ
diff --git a/docs/saml2/_static/css/fonts/fontawesome-webfont.woff2 b/docs/saml2/_static/css/fonts/fontawesome-webfont.woff2
new file mode 100644
index 00000000..4d13fc60
Binary files /dev/null and b/docs/saml2/_static/css/fonts/fontawesome-webfont.woff2 differ
diff --git a/docs/saml2/_static/css/fonts/lato-bold-italic.woff b/docs/saml2/_static/css/fonts/lato-bold-italic.woff
new file mode 100644
index 00000000..88ad05b9
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-bold-italic.woff differ
diff --git a/docs/saml2/_static/css/fonts/lato-bold-italic.woff2 b/docs/saml2/_static/css/fonts/lato-bold-italic.woff2
new file mode 100644
index 00000000..c4e3d804
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-bold-italic.woff2 differ
diff --git a/docs/saml2/_static/css/fonts/lato-bold.woff b/docs/saml2/_static/css/fonts/lato-bold.woff
new file mode 100644
index 00000000..c6dff51f
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-bold.woff differ
diff --git a/docs/saml2/_static/css/fonts/lato-bold.woff2 b/docs/saml2/_static/css/fonts/lato-bold.woff2
new file mode 100644
index 00000000..bb195043
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-bold.woff2 differ
diff --git a/docs/saml2/_static/css/fonts/lato-normal-italic.woff b/docs/saml2/_static/css/fonts/lato-normal-italic.woff
new file mode 100644
index 00000000..76114bc0
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-normal-italic.woff differ
diff --git a/docs/saml2/_static/css/fonts/lato-normal-italic.woff2 b/docs/saml2/_static/css/fonts/lato-normal-italic.woff2
new file mode 100644
index 00000000..3404f37e
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-normal-italic.woff2 differ
diff --git a/docs/saml2/_static/css/fonts/lato-normal.woff b/docs/saml2/_static/css/fonts/lato-normal.woff
new file mode 100644
index 00000000..ae1307ff
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-normal.woff differ
diff --git a/docs/saml2/_static/css/fonts/lato-normal.woff2 b/docs/saml2/_static/css/fonts/lato-normal.woff2
new file mode 100644
index 00000000..3bf98433
Binary files /dev/null and b/docs/saml2/_static/css/fonts/lato-normal.woff2 differ
diff --git a/docs/saml2/_static/css/theme.css b/docs/saml2/_static/css/theme.css
new file mode 100644
index 00000000..19a446a0
--- /dev/null
+++ b/docs/saml2/_static/css/theme.css
@@ -0,0 +1,4 @@
+html{box-sizing:border-box}*,:after,:before{box-sizing:inherit}article,aside,details,figcaption,figure,footer,header,hgroup,nav,section{display:block}audio,canvas,video{display:inline-block;*display:inline;*zoom:1}[hidden],audio:not([controls]){display:none}*{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}html{font-size:100%;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}blockquote{margin:0}dfn{font-style:italic}ins{background:#ff9;text-decoration:none}ins,mark{color:#000}mark{background:#ff0;font-style:italic;font-weight:700}.rst-content code,.rst-content tt,code,kbd,pre,samp{font-family:monospace,serif;_font-family:courier new,monospace;font-size:1em}pre{white-space:pre}q{quotes:none}q:after,q:before{content:"";content:none}small{font-size:85%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}dl,ol,ul{margin:0;padding:0;list-style:none;list-style-image:none}li{list-style:none}dd{margin:0}img{border:0;-ms-interpolation-mode:bicubic;vertical-align:middle;max-width:100%}svg:not(:root){overflow:hidden}figure,form{margin:0}label{cursor:pointer}button,input,select,textarea{font-size:100%;margin:0;vertical-align:baseline;*vertical-align:middle}button,input{line-height:normal}button,input[type=button],input[type=reset],input[type=submit]{cursor:pointer;-webkit-appearance:button;*overflow:visible}button[disabled],input[disabled]{cursor:default}input[type=search]{-webkit-appearance:textfield;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;box-sizing:content-box}textarea{resize:vertical}table{border-collapse:collapse;border-spacing:0}td{vertical-align:top}.chromeframe{margin:.2em 0;background:#ccc;color:#000;padding:.2em 0}.ir{display:block;border:0;text-indent:-999em;overflow:hidden;background-color:transparent;background-repeat:no-repeat;text-align:left;direction:ltr;*line-height:0}.ir br{display:none}.hidden{display:none!important;visibility:hidden}.visuallyhidden{border:0;clip:rect(0 0 0 0);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px}.visuallyhidden.focusable:active,.visuallyhidden.focusable:focus{clip:auto;height:auto;margin:0;overflow:visible;position:static;width:auto}.invisible{visibility:hidden}.relative{position:relative}big,small{font-size:100%}@media print{body,html,section{background:none!important}*{box-shadow:none!important;text-shadow:none!important;filter:none!important;-ms-filter:none!important}a,a:visited{text-decoration:underline}.ir a:after,a[href^="#"]:after,a[href^="javascript:"]:after{content:""}blockquote,pre{page-break-inside:avoid}thead{display:table-header-group}img,tr{page-break-inside:avoid}img{max-width:100%!important}@page{margin:.5cm}.rst-content .toctree-wrapper>p.caption,h2,h3,p{orphans:3;widows:3}.rst-content .toctree-wrapper>p.caption,h2,h3{page-break-after:avoid}}.btn,.fa:before,.icon:before,.rst-content .admonition,.rst-content .admonition-title:before,.rst-content .admonition-todo,.rst-content .attention,.rst-content .caution,.rst-content .code-block-caption .headerlink:before,.rst-content .danger,.rst-content .eqno .headerlink:before,.rst-content .error,.rst-content .hint,.rst-content .important,.rst-content .note,.rst-content .seealso,.rst-content .tip,.rst-content .warning,.rst-content code.download span:first-child:before,.rst-content dl dt .headerlink:before,.rst-content h1 .headerlink:before,.rst-content h2 .headerlink:before,.rst-content h3 .headerlink:before,.rst-content h4 .headerlink:before,.rst-content h5 .headerlink:before,.rst-content h6 .headerlink:before,.rst-content p.caption .headerlink:before,.rst-content p .headerlink:before,.rst-content table>caption .headerlink:before,.rst-content tt.download span:first-child:before,.wy-alert,.wy-dropdown .caret:before,.wy-inline-validate.wy-inline-validate-danger .wy-input-context:before,.wy-inline-validate.wy-inline-validate-info .wy-input-context:before,.wy-inline-validate.wy-inline-validate-success .wy-input-context:before,.wy-inline-validate.wy-inline-validate-warning .wy-input-context:before,.wy-menu-vertical li.current>a button.toctree-expand:before,.wy-menu-vertical li.on a button.toctree-expand:before,.wy-menu-vertical li button.toctree-expand:before,input[type=color],input[type=date],input[type=datetime-local],input[type=datetime],input[type=email],input[type=month],input[type=number],input[type=password],input[type=search],input[type=tel],input[type=text],input[type=time],input[type=url],input[type=week],select,textarea{-webkit-font-smoothing:antialiased}.clearfix{*zoom:1}.clearfix:after,.clearfix:before{display:table;content:""}.clearfix:after{clear:both}/*!
+ *  Font Awesome 4.7.0 by @davegandy - http://fontawesome.io - @fontawesome
+ *  License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License)
+ */@font-face{font-family:FontAwesome;src:url(fonts/fontawesome-webfont.eot?674f50d287a8c48dc19ba404d20fe713);src:url(fonts/fontawesome-webfont.eot?674f50d287a8c48dc19ba404d20fe713?#iefix&v=4.7.0) format("embedded-opentype"),url(fonts/fontawesome-webfont.woff2?af7ae505a9eed503f8b8e6982036873e) format("woff2"),url(fonts/fontawesome-webfont.woff?fee66e712a8a08eef5805a46892932ad) format("woff"),url(fonts/fontawesome-webfont.ttf?b06871f281fee6b241d60582ae9369b9) format("truetype"),url(fonts/fontawesome-webfont.svg?912ec66d7572ff821749319396470bde#fontawesomeregular) format("svg");font-weight:400;font-style:normal}.fa,.icon,.rst-content .admonition-title,.rst-content .code-block-caption .headerlink,.rst-content .eqno .headerlink,.rst-content code.download span:first-child,.rst-content dl dt .headerlink,.rst-content h1 .headerlink,.rst-content h2 .headerlink,.rst-content h3 .headerlink,.rst-content h4 .headerlink,.rst-content h5 .headerlink,.rst-content h6 .headerlink,.rst-content p.caption .headerlink,.rst-content p .headerlink,.rst-content table>caption .headerlink,.rst-content tt.download span:first-child,.wy-menu-vertical li.current>a button.toctree-expand,.wy-menu-vertical li.on a button.toctree-expand,.wy-menu-vertical li button.toctree-expand{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.28571em;text-align:center}.fa-ul{padding-left:0;margin-left:2.14286em;list-style-type:none}.fa-ul>li{position:relative}.fa-li{position:absolute;left:-2.14286em;width:2.14286em;top:.14286em;text-align:center}.fa-li.fa-lg{left:-1.85714em}.fa-border{padding:.2em .25em .15em;border:.08em solid #eee;border-radius:.1em}.fa-pull-left{float:left}.fa-pull-right{float:right}.fa-pull-left.icon,.fa.fa-pull-left,.rst-content .code-block-caption .fa-pull-left.headerlink,.rst-content .eqno .fa-pull-left.headerlink,.rst-content .fa-pull-left.admonition-title,.rst-content code.download span.fa-pull-left:first-child,.rst-content dl dt .fa-pull-left.headerlink,.rst-content h1 .fa-pull-left.headerlink,.rst-content h2 .fa-pull-left.headerlink,.rst-content h3 .fa-pull-left.headerlink,.rst-content h4 .fa-pull-left.headerlink,.rst-content h5 .fa-pull-left.headerlink,.rst-content h6 .fa-pull-left.headerlink,.rst-content p .fa-pull-left.headerlink,.rst-content table>caption .fa-pull-left.headerlink,.rst-content tt.download span.fa-pull-left:first-child,.wy-menu-vertical li.current>a button.fa-pull-left.toctree-expand,.wy-menu-vertical li.on a button.fa-pull-left.toctree-expand,.wy-menu-vertical li button.fa-pull-left.toctree-expand{margin-right:.3em}.fa-pull-right.icon,.fa.fa-pull-right,.rst-content .code-block-caption .fa-pull-right.headerlink,.rst-content .eqno .fa-pull-right.headerlink,.rst-content .fa-pull-right.admonition-title,.rst-content code.download span.fa-pull-right:first-child,.rst-content dl dt .fa-pull-right.headerlink,.rst-content h1 .fa-pull-right.headerlink,.rst-content h2 .fa-pull-right.headerlink,.rst-content h3 .fa-pull-right.headerlink,.rst-content h4 .fa-pull-right.headerlink,.rst-content h5 .fa-pull-right.headerlink,.rst-content h6 .fa-pull-right.headerlink,.rst-content p .fa-pull-right.headerlink,.rst-content table>caption .fa-pull-right.headerlink,.rst-content tt.download span.fa-pull-right:first-child,.wy-menu-vertical li.current>a button.fa-pull-right.toctree-expand,.wy-menu-vertical li.on a button.fa-pull-right.toctree-expand,.wy-menu-vertical li button.fa-pull-right.toctree-expand{margin-left:.3em}.pull-right{float:right}.pull-left{float:left}.fa.pull-left,.pull-left.icon,.rst-content .code-block-caption .pull-left.headerlink,.rst-content .eqno .pull-left.headerlink,.rst-content .pull-left.admonition-title,.rst-content code.download span.pull-left:first-child,.rst-content dl dt .pull-left.headerlink,.rst-content h1 .pull-left.headerlink,.rst-content h2 .pull-left.headerlink,.rst-content h3 .pull-left.headerlink,.rst-content h4 .pull-left.headerlink,.rst-content h5 .pull-left.headerlink,.rst-content h6 .pull-left.headerlink,.rst-content p .pull-left.headerlink,.rst-content table>caption .pull-left.headerlink,.rst-content tt.download span.pull-left:first-child,.wy-menu-vertical li.current>a button.pull-left.toctree-expand,.wy-menu-vertical li.on a button.pull-left.toctree-expand,.wy-menu-vertical li button.pull-left.toctree-expand{margin-right:.3em}.fa.pull-right,.pull-right.icon,.rst-content .code-block-caption .pull-right.headerlink,.rst-content .eqno .pull-right.headerlink,.rst-content .pull-right.admonition-title,.rst-content code.download span.pull-right:first-child,.rst-content dl dt .pull-right.headerlink,.rst-content h1 .pull-right.headerlink,.rst-content h2 .pull-right.headerlink,.rst-content h3 .pull-right.headerlink,.rst-content h4 .pull-right.headerlink,.rst-content h5 .pull-right.headerlink,.rst-content h6 .pull-right.headerlink,.rst-content p .pull-right.headerlink,.rst-content table>caption .pull-right.headerlink,.rst-content tt.download span.pull-right:first-child,.wy-menu-vertical li.current>a button.pull-right.toctree-expand,.wy-menu-vertical li.on a button.pull-right.toctree-expand,.wy-menu-vertical li button.pull-right.toctree-expand{margin-left:.3em}.fa-spin{-webkit-animation:fa-spin 2s linear infinite;animation:fa-spin 2s linear infinite}.fa-pulse{-webkit-animation:fa-spin 1s steps(8) infinite;animation:fa-spin 1s steps(8) infinite}@-webkit-keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}to{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}.fa-rotate-90{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=1)";-webkit-transform:rotate(90deg);-ms-transform:rotate(90deg);transform:rotate(90deg)}.fa-rotate-180{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=2)";-webkit-transform:rotate(180deg);-ms-transform:rotate(180deg);transform:rotate(180deg)}.fa-rotate-270{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=3)";-webkit-transform:rotate(270deg);-ms-transform:rotate(270deg);transform:rotate(270deg)}.fa-flip-horizontal{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=0, mirror=1)";-webkit-transform:scaleX(-1);-ms-transform:scaleX(-1);transform:scaleX(-1)}.fa-flip-vertical{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=2, mirror=1)";-webkit-transform:scaleY(-1);-ms-transform:scaleY(-1);transform:scaleY(-1)}:root .fa-flip-horizontal,:root .fa-flip-vertical,:root .fa-rotate-90,:root .fa-rotate-180,:root .fa-rotate-270{filter:none}.fa-stack{position:relative;display:inline-block;width:2em;height:2em;line-height:2em;vertical-align:middle}.fa-stack-1x,.fa-stack-2x{position:absolute;left:0;width:100%;text-align:center}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-glass:before{content:""}.fa-music:before{content:""}.fa-search:before,.icon-search:before{content:""}.fa-envelope-o:before{content:""}.fa-heart:before{content:""}.fa-star:before{content:""}.fa-star-o:before{content:""}.fa-user:before{content:""}.fa-film:before{content:""}.fa-th-large:before{content:""}.fa-th:before{content:""}.fa-th-list:before{content:""}.fa-check:before{content:""}.fa-close:before,.fa-remove:before,.fa-times:before{content:""}.fa-search-plus:before{content:""}.fa-search-minus:before{content:""}.fa-power-off:before{content:""}.fa-signal:before{content:""}.fa-cog:before,.fa-gear:before{content:""}.fa-trash-o:before{content:""}.fa-home:before,.icon-home:before{content:""}.fa-file-o:before{content:""}.fa-clock-o:before{content:""}.fa-road:before{content:""}.fa-download:before,.rst-content code.download span:first-child:before,.rst-content tt.download span:first-child:before{content:""}.fa-arrow-circle-o-down:before{content:""}.fa-arrow-circle-o-up:before{content:""}.fa-inbox:before{content:""}.fa-play-circle-o:before{content:""}.fa-repeat:before,.fa-rotate-right:before{content:""}.fa-refresh:before{content:""}.fa-list-alt:before{content:""}.fa-lock:before{content:""}.fa-flag:before{content:""}.fa-headphones:before{content:""}.fa-volume-off:before{content:""}.fa-volume-down:before{content:""}.fa-volume-up:before{content:""}.fa-qrcode:before{content:""}.fa-barcode:before{content:""}.fa-tag:before{content:""}.fa-tags:before{content:""}.fa-book:before,.icon-book:before{content:""}.fa-bookmark:before{content:""}.fa-print:before{content:""}.fa-camera:before{content:""}.fa-font:before{content:""}.fa-bold:before{content:""}.fa-italic:before{content:""}.fa-text-height:before{content:""}.fa-text-width:before{content:""}.fa-align-left:before{content:""}.fa-align-center:before{content:""}.fa-align-right:before{content:""}.fa-align-justify:before{content:""}.fa-list:before{content:""}.fa-dedent:before,.fa-outdent:before{content:""}.fa-indent:before{content:""}.fa-video-camera:before{content:""}.fa-image:before,.fa-photo:before,.fa-picture-o:before{content:""}.fa-pencil:before{content:""}.fa-map-marker:before{content:""}.fa-adjust:before{content:""}.fa-tint:before{content:""}.fa-edit:before,.fa-pencil-square-o:before{content:""}.fa-share-square-o:before{content:""}.fa-check-square-o:before{content:""}.fa-arrows:before{content:""}.fa-step-backward:before{content:""}.fa-fast-backward:before{content:""}.fa-backward:before{content:""}.fa-play:before{content:""}.fa-pause:before{content:""}.fa-stop:before{content:""}.fa-forward:before{content:""}.fa-fast-forward:before{content:""}.fa-step-forward:before{content:""}.fa-eject:before{content:""}.fa-chevron-left:before{content:""}.fa-chevron-right:before{content:""}.fa-plus-circle:before{content:""}.fa-minus-circle:before{content:""}.fa-times-circle:before,.wy-inline-validate.wy-inline-validate-danger .wy-input-context:before{content:""}.fa-check-circle:before,.wy-inline-validate.wy-inline-validate-success .wy-input-context:before{content:""}.fa-question-circle:before{content:""}.fa-info-circle:before{content:""}.fa-crosshairs:before{content:""}.fa-times-circle-o:before{content:""}.fa-check-circle-o:before{content:""}.fa-ban:before{content:""}.fa-arrow-left:before{content:""}.fa-arrow-right:before{content:""}.fa-arrow-up:before{content:""}.fa-arrow-down:before{content:""}.fa-mail-forward:before,.fa-share:before{content:""}.fa-expand:before{content:""}.fa-compress:before{content:""}.fa-plus:before{content:""}.fa-minus:before{content:""}.fa-asterisk:before{content:""}.fa-exclamation-circle:before,.rst-content .admonition-title:before,.wy-inline-validate.wy-inline-validate-info .wy-input-context:before,.wy-inline-validate.wy-inline-validate-warning .wy-input-context:before{content:""}.fa-gift:before{content:""}.fa-leaf:before{content:""}.fa-fire:before,.icon-fire:before{content:""}.fa-eye:before{content:""}.fa-eye-slash:before{content:""}.fa-exclamation-triangle:before,.fa-warning:before{content:""}.fa-plane:before{content:""}.fa-calendar:before{content:""}.fa-random:before{content:""}.fa-comment:before{content:""}.fa-magnet:before{content:""}.fa-chevron-up:before{content:""}.fa-chevron-down:before{content:""}.fa-retweet:before{content:""}.fa-shopping-cart:before{content:""}.fa-folder:before{content:""}.fa-folder-open:before{content:""}.fa-arrows-v:before{content:""}.fa-arrows-h:before{content:""}.fa-bar-chart-o:before,.fa-bar-chart:before{content:""}.fa-twitter-square:before{content:""}.fa-facebook-square:before{content:""}.fa-camera-retro:before{content:""}.fa-key:before{content:""}.fa-cogs:before,.fa-gears:before{content:""}.fa-comments:before{content:""}.fa-thumbs-o-up:before{content:""}.fa-thumbs-o-down:before{content:""}.fa-star-half:before{content:""}.fa-heart-o:before{content:""}.fa-sign-out:before{content:""}.fa-linkedin-square:before{content:""}.fa-thumb-tack:before{content:""}.fa-external-link:before{content:""}.fa-sign-in:before{content:""}.fa-trophy:before{content:""}.fa-github-square:before{content:""}.fa-upload:before{content:""}.fa-lemon-o:before{content:""}.fa-phone:before{content:""}.fa-square-o:before{content:""}.fa-bookmark-o:before{content:""}.fa-phone-square:before{content:""}.fa-twitter:before{content:""}.fa-facebook-f:before,.fa-facebook:before{content:""}.fa-github:before,.icon-github:before{content:""}.fa-unlock:before{content:""}.fa-credit-card:before{content:""}.fa-feed:before,.fa-rss:before{content:""}.fa-hdd-o:before{content:""}.fa-bullhorn:before{content:""}.fa-bell:before{content:""}.fa-certificate:before{content:""}.fa-hand-o-right:before{content:""}.fa-hand-o-left:before{content:""}.fa-hand-o-up:before{content:""}.fa-hand-o-down:before{content:""}.fa-arrow-circle-left:before,.icon-circle-arrow-left:before{content:""}.fa-arrow-circle-right:before,.icon-circle-arrow-right:before{content:""}.fa-arrow-circle-up:before{content:""}.fa-arrow-circle-down:before{content:""}.fa-globe:before{content:""}.fa-wrench:before{content:""}.fa-tasks:before{content:""}.fa-filter:before{content:""}.fa-briefcase:before{content:""}.fa-arrows-alt:before{content:""}.fa-group:before,.fa-users:before{content:""}.fa-chain:before,.fa-link:before,.icon-link:before{content:""}.fa-cloud:before{content:""}.fa-flask:before{content:""}.fa-cut:before,.fa-scissors:before{content:""}.fa-copy:before,.fa-files-o:before{content:""}.fa-paperclip:before{content:""}.fa-floppy-o:before,.fa-save:before{content:""}.fa-square:before{content:""}.fa-bars:before,.fa-navicon:before,.fa-reorder:before{content:""}.fa-list-ul:before{content:""}.fa-list-ol:before{content:""}.fa-strikethrough:before{content:""}.fa-underline:before{content:""}.fa-table:before{content:""}.fa-magic:before{content:""}.fa-truck:before{content:""}.fa-pinterest:before{content:""}.fa-pinterest-square:before{content:""}.fa-google-plus-square:before{content:""}.fa-google-plus:before{content:""}.fa-money:before{content:""}.fa-caret-down:before,.icon-caret-down:before,.wy-dropdown .caret:before{content:""}.fa-caret-up:before{content:""}.fa-caret-left:before{content:""}.fa-caret-right:before{content:""}.fa-columns:before{content:""}.fa-sort:before,.fa-unsorted:before{content:""}.fa-sort-desc:before,.fa-sort-down:before{content:""}.fa-sort-asc:before,.fa-sort-up:before{content:""}.fa-envelope:before{content:""}.fa-linkedin:before{content:""}.fa-rotate-left:before,.fa-undo:before{content:""}.fa-gavel:before,.fa-legal:before{content:""}.fa-dashboard:before,.fa-tachometer:before{content:""}.fa-comment-o:before{content:""}.fa-comments-o:before{content:""}.fa-bolt:before,.fa-flash:before{content:""}.fa-sitemap:before{content:""}.fa-umbrella:before{content:""}.fa-clipboard:before,.fa-paste:before{content:""}.fa-lightbulb-o:before{content:""}.fa-exchange:before{content:""}.fa-cloud-download:before{content:""}.fa-cloud-upload:before{content:""}.fa-user-md:before{content:""}.fa-stethoscope:before{content:""}.fa-suitcase:before{content:""}.fa-bell-o:before{content:""}.fa-coffee:before{content:""}.fa-cutlery:before{content:""}.fa-file-text-o:before{content:""}.fa-building-o:before{content:""}.fa-hospital-o:before{content:""}.fa-ambulance:before{content:""}.fa-medkit:before{content:""}.fa-fighter-jet:before{content:""}.fa-beer:before{content:""}.fa-h-square:before{content:""}.fa-plus-square:before{content:""}.fa-angle-double-left:before{content:""}.fa-angle-double-right:before{content:""}.fa-angle-double-up:before{content:""}.fa-angle-double-down:before{content:""}.fa-angle-left:before{content:""}.fa-angle-right:before{content:""}.fa-angle-up:before{content:""}.fa-angle-down:before{content:""}.fa-desktop:before{content:""}.fa-laptop:before{content:""}.fa-tablet:before{content:""}.fa-mobile-phone:before,.fa-mobile:before{content:""}.fa-circle-o:before{content:""}.fa-quote-left:before{content:""}.fa-quote-right:before{content:""}.fa-spinner:before{content:""}.fa-circle:before{content:""}.fa-mail-reply:before,.fa-reply:before{content:""}.fa-github-alt:before{content:""}.fa-folder-o:before{content:""}.fa-folder-open-o:before{content:""}.fa-smile-o:before{content:""}.fa-frown-o:before{content:""}.fa-meh-o:before{content:""}.fa-gamepad:before{content:""}.fa-keyboard-o:before{content:""}.fa-flag-o:before{content:""}.fa-flag-checkered:before{content:""}.fa-terminal:before{content:""}.fa-code:before{content:""}.fa-mail-reply-all:before,.fa-reply-all:before{content:""}.fa-star-half-empty:before,.fa-star-half-full:before,.fa-star-half-o:before{content:""}.fa-location-arrow:before{content:""}.fa-crop:before{content:""}.fa-code-fork:before{content:""}.fa-chain-broken:before,.fa-unlink:before{content:""}.fa-question:before{content:""}.fa-info:before{content:""}.fa-exclamation:before{content:""}.fa-superscript:before{content:""}.fa-subscript:before{content:""}.fa-eraser:before{content:""}.fa-puzzle-piece:before{content:""}.fa-microphone:before{content:""}.fa-microphone-slash:before{content:""}.fa-shield:before{content:""}.fa-calendar-o:before{content:""}.fa-fire-extinguisher:before{content:""}.fa-rocket:before{content:""}.fa-maxcdn:before{content:""}.fa-chevron-circle-left:before{content:""}.fa-chevron-circle-right:before{content:""}.fa-chevron-circle-up:before{content:""}.fa-chevron-circle-down:before{content:""}.fa-html5:before{content:""}.fa-css3:before{content:""}.fa-anchor:before{content:""}.fa-unlock-alt:before{content:""}.fa-bullseye:before{content:""}.fa-ellipsis-h:before{content:""}.fa-ellipsis-v:before{content:""}.fa-rss-square:before{content:""}.fa-play-circle:before{content:""}.fa-ticket:before{content:""}.fa-minus-square:before{content:""}.fa-minus-square-o:before,.wy-menu-vertical li.current>a button.toctree-expand:before,.wy-menu-vertical li.on a button.toctree-expand:before{content:""}.fa-level-up:before{content:""}.fa-level-down:before{content:""}.fa-check-square:before{content:""}.fa-pencil-square:before{content:""}.fa-external-link-square:before{content:""}.fa-share-square:before{content:""}.fa-compass:before{content:""}.fa-caret-square-o-down:before,.fa-toggle-down:before{content:""}.fa-caret-square-o-up:before,.fa-toggle-up:before{content:""}.fa-caret-square-o-right:before,.fa-toggle-right:before{content:""}.fa-eur:before,.fa-euro:before{content:""}.fa-gbp:before{content:""}.fa-dollar:before,.fa-usd:before{content:""}.fa-inr:before,.fa-rupee:before{content:""}.fa-cny:before,.fa-jpy:before,.fa-rmb:before,.fa-yen:before{content:""}.fa-rouble:before,.fa-rub:before,.fa-ruble:before{content:""}.fa-krw:before,.fa-won:before{content:""}.fa-bitcoin:before,.fa-btc:before{content:""}.fa-file:before{content:""}.fa-file-text:before{content:""}.fa-sort-alpha-asc:before{content:""}.fa-sort-alpha-desc:before{content:""}.fa-sort-amount-asc:before{content:""}.fa-sort-amount-desc:before{content:""}.fa-sort-numeric-asc:before{content:""}.fa-sort-numeric-desc:before{content:""}.fa-thumbs-up:before{content:""}.fa-thumbs-down:before{content:""}.fa-youtube-square:before{content:""}.fa-youtube:before{content:""}.fa-xing:before{content:""}.fa-xing-square:before{content:""}.fa-youtube-play:before{content:""}.fa-dropbox:before{content:""}.fa-stack-overflow:before{content:""}.fa-instagram:before{content:""}.fa-flickr:before{content:""}.fa-adn:before{content:""}.fa-bitbucket:before,.icon-bitbucket:before{content:""}.fa-bitbucket-square:before{content:""}.fa-tumblr:before{content:""}.fa-tumblr-square:before{content:""}.fa-long-arrow-down:before{content:""}.fa-long-arrow-up:before{content:""}.fa-long-arrow-left:before{content:""}.fa-long-arrow-right:before{content:""}.fa-apple:before{content:""}.fa-windows:before{content:""}.fa-android:before{content:""}.fa-linux:before{content:""}.fa-dribbble:before{content:""}.fa-skype:before{content:""}.fa-foursquare:before{content:""}.fa-trello:before{content:""}.fa-female:before{content:""}.fa-male:before{content:""}.fa-gittip:before,.fa-gratipay:before{content:""}.fa-sun-o:before{content:""}.fa-moon-o:before{content:""}.fa-archive:before{content:""}.fa-bug:before{content:""}.fa-vk:before{content:""}.fa-weibo:before{content:""}.fa-renren:before{content:""}.fa-pagelines:before{content:""}.fa-stack-exchange:before{content:""}.fa-arrow-circle-o-right:before{content:""}.fa-arrow-circle-o-left:before{content:""}.fa-caret-square-o-left:before,.fa-toggle-left:before{content:""}.fa-dot-circle-o:before{content:""}.fa-wheelchair:before{content:""}.fa-vimeo-square:before{content:""}.fa-try:before,.fa-turkish-lira:before{content:""}.fa-plus-square-o:before,.wy-menu-vertical li button.toctree-expand:before{content:""}.fa-space-shuttle:before{content:""}.fa-slack:before{content:""}.fa-envelope-square:before{content:""}.fa-wordpress:before{content:""}.fa-openid:before{content:""}.fa-bank:before,.fa-institution:before,.fa-university:before{content:""}.fa-graduation-cap:before,.fa-mortar-board:before{content:""}.fa-yahoo:before{content:""}.fa-google:before{content:""}.fa-reddit:before{content:""}.fa-reddit-square:before{content:""}.fa-stumbleupon-circle:before{content:""}.fa-stumbleupon:before{content:""}.fa-delicious:before{content:""}.fa-digg:before{content:""}.fa-pied-piper-pp:before{content:""}.fa-pied-piper-alt:before{content:""}.fa-drupal:before{content:""}.fa-joomla:before{content:""}.fa-language:before{content:""}.fa-fax:before{content:""}.fa-building:before{content:""}.fa-child:before{content:""}.fa-paw:before{content:""}.fa-spoon:before{content:""}.fa-cube:before{content:""}.fa-cubes:before{content:""}.fa-behance:before{content:""}.fa-behance-square:before{content:""}.fa-steam:before{content:""}.fa-steam-square:before{content:""}.fa-recycle:before{content:""}.fa-automobile:before,.fa-car:before{content:""}.fa-cab:before,.fa-taxi:before{content:""}.fa-tree:before{content:""}.fa-spotify:before{content:""}.fa-deviantart:before{content:""}.fa-soundcloud:before{content:""}.fa-database:before{content:""}.fa-file-pdf-o:before{content:""}.fa-file-word-o:before{content:""}.fa-file-excel-o:before{content:""}.fa-file-powerpoint-o:before{content:""}.fa-file-image-o:before,.fa-file-photo-o:before,.fa-file-picture-o:before{content:""}.fa-file-archive-o:before,.fa-file-zip-o:before{content:""}.fa-file-audio-o:before,.fa-file-sound-o:before{content:""}.fa-file-movie-o:before,.fa-file-video-o:before{content:""}.fa-file-code-o:before{content:""}.fa-vine:before{content:""}.fa-codepen:before{content:""}.fa-jsfiddle:before{content:""}.fa-life-bouy:before,.fa-life-buoy:before,.fa-life-ring:before,.fa-life-saver:before,.fa-support:before{content:""}.fa-circle-o-notch:before{content:""}.fa-ra:before,.fa-rebel:before,.fa-resistance:before{content:""}.fa-empire:before,.fa-ge:before{content:""}.fa-git-square:before{content:""}.fa-git:before{content:""}.fa-hacker-news:before,.fa-y-combinator-square:before,.fa-yc-square:before{content:""}.fa-tencent-weibo:before{content:""}.fa-qq:before{content:""}.fa-wechat:before,.fa-weixin:before{content:""}.fa-paper-plane:before,.fa-send:before{content:""}.fa-paper-plane-o:before,.fa-send-o:before{content:""}.fa-history:before{content:""}.fa-circle-thin:before{content:""}.fa-header:before{content:""}.fa-paragraph:before{content:""}.fa-sliders:before{content:""}.fa-share-alt:before{content:""}.fa-share-alt-square:before{content:""}.fa-bomb:before{content:""}.fa-futbol-o:before,.fa-soccer-ball-o:before{content:""}.fa-tty:before{content:""}.fa-binoculars:before{content:""}.fa-plug:before{content:""}.fa-slideshare:before{content:""}.fa-twitch:before{content:""}.fa-yelp:before{content:""}.fa-newspaper-o:before{content:""}.fa-wifi:before{content:""}.fa-calculator:before{content:""}.fa-paypal:before{content:""}.fa-google-wallet:before{content:""}.fa-cc-visa:before{content:""}.fa-cc-mastercard:before{content:""}.fa-cc-discover:before{content:""}.fa-cc-amex:before{content:""}.fa-cc-paypal:before{content:""}.fa-cc-stripe:before{content:""}.fa-bell-slash:before{content:""}.fa-bell-slash-o:before{content:""}.fa-trash:before{content:""}.fa-copyright:before{content:""}.fa-at:before{content:""}.fa-eyedropper:before{content:""}.fa-paint-brush:before{content:""}.fa-birthday-cake:before{content:""}.fa-area-chart:before{content:""}.fa-pie-chart:before{content:""}.fa-line-chart:before{content:""}.fa-lastfm:before{content:""}.fa-lastfm-square:before{content:""}.fa-toggle-off:before{content:""}.fa-toggle-on:before{content:""}.fa-bicycle:before{content:""}.fa-bus:before{content:""}.fa-ioxhost:before{content:""}.fa-angellist:before{content:""}.fa-cc:before{content:""}.fa-ils:before,.fa-shekel:before,.fa-sheqel:before{content:""}.fa-meanpath:before{content:""}.fa-buysellads:before{content:""}.fa-connectdevelop:before{content:""}.fa-dashcube:before{content:""}.fa-forumbee:before{content:""}.fa-leanpub:before{content:""}.fa-sellsy:before{content:""}.fa-shirtsinbulk:before{content:""}.fa-simplybuilt:before{content:""}.fa-skyatlas:before{content:""}.fa-cart-plus:before{content:""}.fa-cart-arrow-down:before{content:""}.fa-diamond:before{content:""}.fa-ship:before{content:""}.fa-user-secret:before{content:""}.fa-motorcycle:before{content:""}.fa-street-view:before{content:""}.fa-heartbeat:before{content:""}.fa-venus:before{content:""}.fa-mars:before{content:""}.fa-mercury:before{content:""}.fa-intersex:before,.fa-transgender:before{content:""}.fa-transgender-alt:before{content:""}.fa-venus-double:before{content:""}.fa-mars-double:before{content:""}.fa-venus-mars:before{content:""}.fa-mars-stroke:before{content:""}.fa-mars-stroke-v:before{content:""}.fa-mars-stroke-h:before{content:""}.fa-neuter:before{content:""}.fa-genderless:before{content:""}.fa-facebook-official:before{content:""}.fa-pinterest-p:before{content:""}.fa-whatsapp:before{content:""}.fa-server:before{content:""}.fa-user-plus:before{content:""}.fa-user-times:before{content:""}.fa-bed:before,.fa-hotel:before{content:""}.fa-viacoin:before{content:""}.fa-train:before{content:""}.fa-subway:before{content:""}.fa-medium:before{content:""}.fa-y-combinator:before,.fa-yc:before{content:""}.fa-optin-monster:before{content:""}.fa-opencart:before{content:""}.fa-expeditedssl:before{content:""}.fa-battery-4:before,.fa-battery-full:before,.fa-battery:before{content:""}.fa-battery-3:before,.fa-battery-three-quarters:before{content:""}.fa-battery-2:before,.fa-battery-half:before{content:""}.fa-battery-1:before,.fa-battery-quarter:before{content:""}.fa-battery-0:before,.fa-battery-empty:before{content:""}.fa-mouse-pointer:before{content:""}.fa-i-cursor:before{content:""}.fa-object-group:before{content:""}.fa-object-ungroup:before{content:""}.fa-sticky-note:before{content:""}.fa-sticky-note-o:before{content:""}.fa-cc-jcb:before{content:""}.fa-cc-diners-club:before{content:""}.fa-clone:before{content:""}.fa-balance-scale:before{content:""}.fa-hourglass-o:before{content:""}.fa-hourglass-1:before,.fa-hourglass-start:before{content:""}.fa-hourglass-2:before,.fa-hourglass-half:before{content:""}.fa-hourglass-3:before,.fa-hourglass-end:before{content:""}.fa-hourglass:before{content:""}.fa-hand-grab-o:before,.fa-hand-rock-o:before{content:""}.fa-hand-paper-o:before,.fa-hand-stop-o:before{content:""}.fa-hand-scissors-o:before{content:""}.fa-hand-lizard-o:before{content:""}.fa-hand-spock-o:before{content:""}.fa-hand-pointer-o:before{content:""}.fa-hand-peace-o:before{content:""}.fa-trademark:before{content:""}.fa-registered:before{content:""}.fa-creative-commons:before{content:""}.fa-gg:before{content:""}.fa-gg-circle:before{content:""}.fa-tripadvisor:before{content:""}.fa-odnoklassniki:before{content:""}.fa-odnoklassniki-square:before{content:""}.fa-get-pocket:before{content:""}.fa-wikipedia-w:before{content:""}.fa-safari:before{content:""}.fa-chrome:before{content:""}.fa-firefox:before{content:""}.fa-opera:before{content:""}.fa-internet-explorer:before{content:""}.fa-television:before,.fa-tv:before{content:""}.fa-contao:before{content:""}.fa-500px:before{content:""}.fa-amazon:before{content:""}.fa-calendar-plus-o:before{content:""}.fa-calendar-minus-o:before{content:""}.fa-calendar-times-o:before{content:""}.fa-calendar-check-o:before{content:""}.fa-industry:before{content:""}.fa-map-pin:before{content:""}.fa-map-signs:before{content:""}.fa-map-o:before{content:""}.fa-map:before{content:""}.fa-commenting:before{content:""}.fa-commenting-o:before{content:""}.fa-houzz:before{content:""}.fa-vimeo:before{content:""}.fa-black-tie:before{content:""}.fa-fonticons:before{content:""}.fa-reddit-alien:before{content:""}.fa-edge:before{content:""}.fa-credit-card-alt:before{content:""}.fa-codiepie:before{content:""}.fa-modx:before{content:""}.fa-fort-awesome:before{content:""}.fa-usb:before{content:""}.fa-product-hunt:before{content:""}.fa-mixcloud:before{content:""}.fa-scribd:before{content:""}.fa-pause-circle:before{content:""}.fa-pause-circle-o:before{content:""}.fa-stop-circle:before{content:""}.fa-stop-circle-o:before{content:""}.fa-shopping-bag:before{content:""}.fa-shopping-basket:before{content:""}.fa-hashtag:before{content:""}.fa-bluetooth:before{content:""}.fa-bluetooth-b:before{content:""}.fa-percent:before{content:""}.fa-gitlab:before,.icon-gitlab:before{content:""}.fa-wpbeginner:before{content:""}.fa-wpforms:before{content:""}.fa-envira:before{content:""}.fa-universal-access:before{content:""}.fa-wheelchair-alt:before{content:""}.fa-question-circle-o:before{content:""}.fa-blind:before{content:""}.fa-audio-description:before{content:""}.fa-volume-control-phone:before{content:""}.fa-braille:before{content:""}.fa-assistive-listening-systems:before{content:""}.fa-american-sign-language-interpreting:before,.fa-asl-interpreting:before{content:""}.fa-deaf:before,.fa-deafness:before,.fa-hard-of-hearing:before{content:""}.fa-glide:before{content:""}.fa-glide-g:before{content:""}.fa-sign-language:before,.fa-signing:before{content:""}.fa-low-vision:before{content:""}.fa-viadeo:before{content:""}.fa-viadeo-square:before{content:""}.fa-snapchat:before{content:""}.fa-snapchat-ghost:before{content:""}.fa-snapchat-square:before{content:""}.fa-pied-piper:before{content:""}.fa-first-order:before{content:""}.fa-yoast:before{content:""}.fa-themeisle:before{content:""}.fa-google-plus-circle:before,.fa-google-plus-official:before{content:""}.fa-fa:before,.fa-font-awesome:before{content:""}.fa-handshake-o:before{content:""}.fa-envelope-open:before{content:""}.fa-envelope-open-o:before{content:""}.fa-linode:before{content:""}.fa-address-book:before{content:""}.fa-address-book-o:before{content:""}.fa-address-card:before,.fa-vcard:before{content:""}.fa-address-card-o:before,.fa-vcard-o:before{content:""}.fa-user-circle:before{content:""}.fa-user-circle-o:before{content:""}.fa-user-o:before{content:""}.fa-id-badge:before{content:""}.fa-drivers-license:before,.fa-id-card:before{content:""}.fa-drivers-license-o:before,.fa-id-card-o:before{content:""}.fa-quora:before{content:""}.fa-free-code-camp:before{content:""}.fa-telegram:before{content:""}.fa-thermometer-4:before,.fa-thermometer-full:before,.fa-thermometer:before{content:""}.fa-thermometer-3:before,.fa-thermometer-three-quarters:before{content:""}.fa-thermometer-2:before,.fa-thermometer-half:before{content:""}.fa-thermometer-1:before,.fa-thermometer-quarter:before{content:""}.fa-thermometer-0:before,.fa-thermometer-empty:before{content:""}.fa-shower:before{content:""}.fa-bath:before,.fa-bathtub:before,.fa-s15:before{content:""}.fa-podcast:before{content:""}.fa-window-maximize:before{content:""}.fa-window-minimize:before{content:""}.fa-window-restore:before{content:""}.fa-times-rectangle:before,.fa-window-close:before{content:""}.fa-times-rectangle-o:before,.fa-window-close-o:before{content:""}.fa-bandcamp:before{content:""}.fa-grav:before{content:""}.fa-etsy:before{content:""}.fa-imdb:before{content:""}.fa-ravelry:before{content:""}.fa-eercast:before{content:""}.fa-microchip:before{content:""}.fa-snowflake-o:before{content:""}.fa-superpowers:before{content:""}.fa-wpexplorer:before{content:""}.fa-meetup:before{content:""}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0,0,0,0);border:0}.sr-only-focusable:active,.sr-only-focusable:focus{position:static;width:auto;height:auto;margin:0;overflow:visible;clip:auto}.fa,.icon,.rst-content .admonition-title,.rst-content .code-block-caption .headerlink,.rst-content .eqno .headerlink,.rst-content code.download span:first-child,.rst-content dl dt .headerlink,.rst-content h1 .headerlink,.rst-content h2 .headerlink,.rst-content h3 .headerlink,.rst-content h4 .headerlink,.rst-content h5 .headerlink,.rst-content h6 .headerlink,.rst-content p.caption .headerlink,.rst-content p .headerlink,.rst-content table>caption .headerlink,.rst-content tt.download span:first-child,.wy-dropdown .caret,.wy-inline-validate.wy-inline-validate-danger .wy-input-context,.wy-inline-validate.wy-inline-validate-info .wy-input-context,.wy-inline-validate.wy-inline-validate-success .wy-input-context,.wy-inline-validate.wy-inline-validate-warning .wy-input-context,.wy-menu-vertical li.current>a button.toctree-expand,.wy-menu-vertical li.on a button.toctree-expand,.wy-menu-vertical li button.toctree-expand{font-family:inherit}.fa:before,.icon:before,.rst-content .admonition-title:before,.rst-content .code-block-caption .headerlink:before,.rst-content .eqno .headerlink:before,.rst-content code.download span:first-child:before,.rst-content dl dt .headerlink:before,.rst-content h1 .headerlink:before,.rst-content h2 .headerlink:before,.rst-content h3 .headerlink:before,.rst-content h4 .headerlink:before,.rst-content h5 .headerlink:before,.rst-content h6 .headerlink:before,.rst-content p.caption .headerlink:before,.rst-content p .headerlink:before,.rst-content table>caption .headerlink:before,.rst-content tt.download span:first-child:before,.wy-dropdown .caret:before,.wy-inline-validate.wy-inline-validate-danger .wy-input-context:before,.wy-inline-validate.wy-inline-validate-info .wy-input-context:before,.wy-inline-validate.wy-inline-validate-success .wy-input-context:before,.wy-inline-validate.wy-inline-validate-warning .wy-input-context:before,.wy-menu-vertical li.current>a button.toctree-expand:before,.wy-menu-vertical li.on a button.toctree-expand:before,.wy-menu-vertical li button.toctree-expand:before{font-family:FontAwesome;display:inline-block;font-style:normal;font-weight:400;line-height:1;text-decoration:inherit}.rst-content .code-block-caption a .headerlink,.rst-content .eqno a .headerlink,.rst-content a .admonition-title,.rst-content code.download a span:first-child,.rst-content dl dt a .headerlink,.rst-content h1 a .headerlink,.rst-content h2 a .headerlink,.rst-content h3 a .headerlink,.rst-content h4 a .headerlink,.rst-content h5 a .headerlink,.rst-content h6 a .headerlink,.rst-content p.caption a .headerlink,.rst-content p a .headerlink,.rst-content table>caption a .headerlink,.rst-content tt.download a span:first-child,.wy-menu-vertical li.current>a button.toctree-expand,.wy-menu-vertical li.on a button.toctree-expand,.wy-menu-vertical li a button.toctree-expand,a .fa,a .icon,a .rst-content .admonition-title,a .rst-content .code-block-caption .headerlink,a .rst-content .eqno .headerlink,a .rst-content code.download span:first-child,a .rst-content dl dt .headerlink,a .rst-content h1 .headerlink,a .rst-content h2 .headerlink,a .rst-content h3 .headerlink,a .rst-content h4 .headerlink,a .rst-content h5 .headerlink,a .rst-content h6 .headerlink,a .rst-content p.caption .headerlink,a .rst-content p .headerlink,a .rst-content table>caption .headerlink,a .rst-content tt.download span:first-child,a .wy-menu-vertical li button.toctree-expand{display:inline-block;text-decoration:inherit}.btn .fa,.btn .icon,.btn .rst-content .admonition-title,.btn .rst-content .code-block-caption .headerlink,.btn .rst-content .eqno .headerlink,.btn .rst-content code.download span:first-child,.btn .rst-content dl dt .headerlink,.btn .rst-content h1 .headerlink,.btn .rst-content h2 .headerlink,.btn .rst-content h3 .headerlink,.btn .rst-content h4 .headerlink,.btn .rst-content h5 .headerlink,.btn .rst-content h6 .headerlink,.btn .rst-content p .headerlink,.btn .rst-content table>caption .headerlink,.btn .rst-content tt.download span:first-child,.btn .wy-menu-vertical li.current>a button.toctree-expand,.btn .wy-menu-vertical li.on a button.toctree-expand,.btn .wy-menu-vertical li button.toctree-expand,.nav .fa,.nav .icon,.nav .rst-content .admonition-title,.nav .rst-content .code-block-caption .headerlink,.nav .rst-content .eqno .headerlink,.nav .rst-content code.download span:first-child,.nav .rst-content dl dt .headerlink,.nav .rst-content h1 .headerlink,.nav .rst-content h2 .headerlink,.nav .rst-content h3 .headerlink,.nav .rst-content h4 .headerlink,.nav .rst-content h5 .headerlink,.nav .rst-content h6 .headerlink,.nav .rst-content p .headerlink,.nav .rst-content table>caption .headerlink,.nav .rst-content tt.download span:first-child,.nav .wy-menu-vertical li.current>a button.toctree-expand,.nav .wy-menu-vertical li.on a button.toctree-expand,.nav .wy-menu-vertical li button.toctree-expand,.rst-content .btn .admonition-title,.rst-content .code-block-caption .btn .headerlink,.rst-content .code-block-caption .nav .headerlink,.rst-content .eqno .btn .headerlink,.rst-content .eqno .nav .headerlink,.rst-content .nav .admonition-title,.rst-content code.download .btn span:first-child,.rst-content code.download .nav span:first-child,.rst-content dl dt .btn .headerlink,.rst-content dl dt .nav .headerlink,.rst-content h1 .btn .headerlink,.rst-content h1 .nav .headerlink,.rst-content h2 .btn .headerlink,.rst-content h2 .nav .headerlink,.rst-content h3 .btn .headerlink,.rst-content h3 .nav .headerlink,.rst-content h4 .btn .headerlink,.rst-content h4 .nav .headerlink,.rst-content h5 .btn .headerlink,.rst-content h5 .nav .headerlink,.rst-content h6 .btn .headerlink,.rst-content h6 .nav .headerlink,.rst-content p .btn .headerlink,.rst-content p .nav .headerlink,.rst-content table>caption .btn .headerlink,.rst-content table>caption .nav .headerlink,.rst-content tt.download .btn span:first-child,.rst-content tt.download .nav span:first-child,.wy-menu-vertical li .btn button.toctree-expand,.wy-menu-vertical li.current>a .btn button.toctree-expand,.wy-menu-vertical li.current>a .nav button.toctree-expand,.wy-menu-vertical li .nav button.toctree-expand,.wy-menu-vertical li.on a .btn button.toctree-expand,.wy-menu-vertical li.on a .nav button.toctree-expand{display:inline}.btn .fa-large.icon,.btn .fa.fa-large,.btn .rst-content .code-block-caption .fa-large.headerlink,.btn .rst-content .eqno .fa-large.headerlink,.btn .rst-content .fa-large.admonition-title,.btn .rst-content code.download span.fa-large:first-child,.btn .rst-content dl dt .fa-large.headerlink,.btn .rst-content h1 .fa-large.headerlink,.btn .rst-content h2 .fa-large.headerlink,.btn .rst-content h3 .fa-large.headerlink,.btn .rst-content h4 .fa-large.headerlink,.btn .rst-content h5 .fa-large.headerlink,.btn .rst-content h6 .fa-large.headerlink,.btn .rst-content p .fa-large.headerlink,.btn .rst-content table>caption .fa-large.headerlink,.btn .rst-content tt.download span.fa-large:first-child,.btn .wy-menu-vertical li button.fa-large.toctree-expand,.nav .fa-large.icon,.nav .fa.fa-large,.nav .rst-content .code-block-caption .fa-large.headerlink,.nav .rst-content .eqno .fa-large.headerlink,.nav .rst-content .fa-large.admonition-title,.nav .rst-content code.download span.fa-large:first-child,.nav .rst-content dl dt .fa-large.headerlink,.nav .rst-content h1 .fa-large.headerlink,.nav .rst-content h2 .fa-large.headerlink,.nav .rst-content h3 .fa-large.headerlink,.nav .rst-content h4 .fa-large.headerlink,.nav .rst-content h5 .fa-large.headerlink,.nav .rst-content h6 .fa-large.headerlink,.nav .rst-content p .fa-large.headerlink,.nav .rst-content table>caption .fa-large.headerlink,.nav .rst-content tt.download span.fa-large:first-child,.nav .wy-menu-vertical li button.fa-large.toctree-expand,.rst-content .btn .fa-large.admonition-title,.rst-content .code-block-caption .btn .fa-large.headerlink,.rst-content .code-block-caption .nav .fa-large.headerlink,.rst-content .eqno .btn .fa-large.headerlink,.rst-content .eqno .nav .fa-large.headerlink,.rst-content .nav .fa-large.admonition-title,.rst-content code.download .btn span.fa-large:first-child,.rst-content code.download .nav span.fa-large:first-child,.rst-content dl dt .btn .fa-large.headerlink,.rst-content dl dt .nav .fa-large.headerlink,.rst-content h1 .btn .fa-large.headerlink,.rst-content h1 .nav .fa-large.headerlink,.rst-content h2 .btn .fa-large.headerlink,.rst-content h2 .nav .fa-large.headerlink,.rst-content h3 .btn .fa-large.headerlink,.rst-content h3 .nav .fa-large.headerlink,.rst-content h4 .btn .fa-large.headerlink,.rst-content h4 .nav .fa-large.headerlink,.rst-content h5 .btn .fa-large.headerlink,.rst-content h5 .nav .fa-large.headerlink,.rst-content h6 .btn .fa-large.headerlink,.rst-content h6 .nav .fa-large.headerlink,.rst-content p .btn .fa-large.headerlink,.rst-content p .nav .fa-large.headerlink,.rst-content table>caption .btn .fa-large.headerlink,.rst-content table>caption .nav .fa-large.headerlink,.rst-content tt.download .btn span.fa-large:first-child,.rst-content tt.download .nav span.fa-large:first-child,.wy-menu-vertical li .btn button.fa-large.toctree-expand,.wy-menu-vertical li .nav button.fa-large.toctree-expand{line-height:.9em}.btn .fa-spin.icon,.btn .fa.fa-spin,.btn .rst-content .code-block-caption .fa-spin.headerlink,.btn .rst-content .eqno .fa-spin.headerlink,.btn .rst-content .fa-spin.admonition-title,.btn .rst-content code.download span.fa-spin:first-child,.btn .rst-content dl dt .fa-spin.headerlink,.btn .rst-content h1 .fa-spin.headerlink,.btn .rst-content h2 .fa-spin.headerlink,.btn .rst-content h3 .fa-spin.headerlink,.btn .rst-content h4 .fa-spin.headerlink,.btn .rst-content h5 .fa-spin.headerlink,.btn .rst-content h6 .fa-spin.headerlink,.btn .rst-content p .fa-spin.headerlink,.btn .rst-content table>caption .fa-spin.headerlink,.btn .rst-content tt.download span.fa-spin:first-child,.btn .wy-menu-vertical li button.fa-spin.toctree-expand,.nav .fa-spin.icon,.nav .fa.fa-spin,.nav .rst-content .code-block-caption .fa-spin.headerlink,.nav .rst-content .eqno .fa-spin.headerlink,.nav .rst-content .fa-spin.admonition-title,.nav .rst-content code.download span.fa-spin:first-child,.nav .rst-content dl dt .fa-spin.headerlink,.nav .rst-content h1 .fa-spin.headerlink,.nav .rst-content h2 .fa-spin.headerlink,.nav .rst-content h3 .fa-spin.headerlink,.nav .rst-content h4 .fa-spin.headerlink,.nav .rst-content h5 .fa-spin.headerlink,.nav .rst-content h6 .fa-spin.headerlink,.nav .rst-content p .fa-spin.headerlink,.nav .rst-content table>caption .fa-spin.headerlink,.nav .rst-content tt.download span.fa-spin:first-child,.nav .wy-menu-vertical li button.fa-spin.toctree-expand,.rst-content .btn .fa-spin.admonition-title,.rst-content .code-block-caption .btn .fa-spin.headerlink,.rst-content .code-block-caption .nav .fa-spin.headerlink,.rst-content .eqno .btn .fa-spin.headerlink,.rst-content .eqno .nav .fa-spin.headerlink,.rst-content .nav .fa-spin.admonition-title,.rst-content code.download .btn span.fa-spin:first-child,.rst-content code.download .nav span.fa-spin:first-child,.rst-content dl dt .btn .fa-spin.headerlink,.rst-content dl dt .nav .fa-spin.headerlink,.rst-content h1 .btn .fa-spin.headerlink,.rst-content h1 .nav .fa-spin.headerlink,.rst-content h2 .btn .fa-spin.headerlink,.rst-content h2 .nav .fa-spin.headerlink,.rst-content h3 .btn .fa-spin.headerlink,.rst-content h3 .nav .fa-spin.headerlink,.rst-content h4 .btn .fa-spin.headerlink,.rst-content h4 .nav .fa-spin.headerlink,.rst-content h5 .btn .fa-spin.headerlink,.rst-content h5 .nav .fa-spin.headerlink,.rst-content h6 .btn .fa-spin.headerlink,.rst-content h6 .nav .fa-spin.headerlink,.rst-content p .btn .fa-spin.headerlink,.rst-content p .nav .fa-spin.headerlink,.rst-content table>caption .btn .fa-spin.headerlink,.rst-content table>caption .nav .fa-spin.headerlink,.rst-content tt.download .btn span.fa-spin:first-child,.rst-content tt.download .nav span.fa-spin:first-child,.wy-menu-vertical li .btn button.fa-spin.toctree-expand,.wy-menu-vertical li .nav button.fa-spin.toctree-expand{display:inline-block}.btn.fa:before,.btn.icon:before,.rst-content .btn.admonition-title:before,.rst-content .code-block-caption .btn.headerlink:before,.rst-content .eqno .btn.headerlink:before,.rst-content code.download span.btn:first-child:before,.rst-content dl dt .btn.headerlink:before,.rst-content h1 .btn.headerlink:before,.rst-content h2 .btn.headerlink:before,.rst-content h3 .btn.headerlink:before,.rst-content h4 .btn.headerlink:before,.rst-content h5 .btn.headerlink:before,.rst-content h6 .btn.headerlink:before,.rst-content p .btn.headerlink:before,.rst-content table>caption .btn.headerlink:before,.rst-content tt.download span.btn:first-child:before,.wy-menu-vertical li button.btn.toctree-expand:before{opacity:.5;-webkit-transition:opacity .05s ease-in;-moz-transition:opacity .05s ease-in;transition:opacity .05s ease-in}.btn.fa:hover:before,.btn.icon:hover:before,.rst-content .btn.admonition-title:hover:before,.rst-content .code-block-caption .btn.headerlink:hover:before,.rst-content .eqno .btn.headerlink:hover:before,.rst-content code.download span.btn:first-child:hover:before,.rst-content dl dt .btn.headerlink:hover:before,.rst-content h1 .btn.headerlink:hover:before,.rst-content h2 .btn.headerlink:hover:before,.rst-content h3 .btn.headerlink:hover:before,.rst-content h4 .btn.headerlink:hover:before,.rst-content h5 .btn.headerlink:hover:before,.rst-content h6 .btn.headerlink:hover:before,.rst-content p .btn.headerlink:hover:before,.rst-content table>caption .btn.headerlink:hover:before,.rst-content tt.download span.btn:first-child:hover:before,.wy-menu-vertical li button.btn.toctree-expand:hover:before{opacity:1}.btn-mini .fa:before,.btn-mini .icon:before,.btn-mini .rst-content .admonition-title:before,.btn-mini .rst-content .code-block-caption .headerlink:before,.btn-mini .rst-content .eqno .headerlink:before,.btn-mini .rst-content code.download span:first-child:before,.btn-mini .rst-content dl dt .headerlink:before,.btn-mini .rst-content h1 .headerlink:before,.btn-mini .rst-content h2 .headerlink:before,.btn-mini .rst-content h3 .headerlink:before,.btn-mini .rst-content h4 .headerlink:before,.btn-mini .rst-content h5 .headerlink:before,.btn-mini .rst-content h6 .headerlink:before,.btn-mini .rst-content p .headerlink:before,.btn-mini .rst-content table>caption .headerlink:before,.btn-mini .rst-content tt.download span:first-child:before,.btn-mini .wy-menu-vertical li button.toctree-expand:before,.rst-content .btn-mini .admonition-title:before,.rst-content .code-block-caption .btn-mini .headerlink:before,.rst-content .eqno .btn-mini .headerlink:before,.rst-content code.download .btn-mini span:first-child:before,.rst-content dl dt .btn-mini .headerlink:before,.rst-content h1 .btn-mini .headerlink:before,.rst-content h2 .btn-mini .headerlink:before,.rst-content h3 .btn-mini .headerlink:before,.rst-content h4 .btn-mini .headerlink:before,.rst-content h5 .btn-mini .headerlink:before,.rst-content h6 .btn-mini .headerlink:before,.rst-content p .btn-mini .headerlink:before,.rst-content table>caption .btn-mini .headerlink:before,.rst-content tt.download .btn-mini span:first-child:before,.wy-menu-vertical li .btn-mini button.toctree-expand:before{font-size:14px;vertical-align:-15%}.rst-content .admonition,.rst-content .admonition-todo,.rst-content .attention,.rst-content .caution,.rst-content .danger,.rst-content .error,.rst-content .hint,.rst-content .important,.rst-content .note,.rst-content .seealso,.rst-content .tip,.rst-content .warning,.wy-alert{padding:12px;line-height:24px;margin-bottom:24px;background:#e7f2fa}.rst-content .admonition-title,.wy-alert-title{font-weight:700;display:block;color:#fff;background:#6ab0de;padding:6px 12px;margin:-12px -12px 12px}.rst-content .danger,.rst-content .error,.rst-content .wy-alert-danger.admonition,.rst-content .wy-alert-danger.admonition-todo,.rst-content .wy-alert-danger.attention,.rst-content .wy-alert-danger.caution,.rst-content .wy-alert-danger.hint,.rst-content .wy-alert-danger.important,.rst-content .wy-alert-danger.note,.rst-content .wy-alert-danger.seealso,.rst-content .wy-alert-danger.tip,.rst-content .wy-alert-danger.warning,.wy-alert.wy-alert-danger{background:#fdf3f2}.rst-content .danger .admonition-title,.rst-content .danger .wy-alert-title,.rst-content .error .admonition-title,.rst-content .error .wy-alert-title,.rst-content .wy-alert-danger.admonition-todo .admonition-title,.rst-content .wy-alert-danger.admonition-todo .wy-alert-title,.rst-content .wy-alert-danger.admonition .admonition-title,.rst-content .wy-alert-danger.admonition .wy-alert-title,.rst-content .wy-alert-danger.attention .admonition-title,.rst-content .wy-alert-danger.attention .wy-alert-title,.rst-content .wy-alert-danger.caution .admonition-title,.rst-content .wy-alert-danger.caution .wy-alert-title,.rst-content .wy-alert-danger.hint .admonition-title,.rst-content .wy-alert-danger.hint .wy-alert-title,.rst-content .wy-alert-danger.important .admonition-title,.rst-content .wy-alert-danger.important .wy-alert-title,.rst-content .wy-alert-danger.note .admonition-title,.rst-content .wy-alert-danger.note .wy-alert-title,.rst-content .wy-alert-danger.seealso .admonition-title,.rst-content .wy-alert-danger.seealso .wy-alert-title,.rst-content .wy-alert-danger.tip .admonition-title,.rst-content .wy-alert-danger.tip .wy-alert-title,.rst-content .wy-alert-danger.warning .admonition-title,.rst-content .wy-alert-danger.warning .wy-alert-title,.rst-content .wy-alert.wy-alert-danger .admonition-title,.wy-alert.wy-alert-danger .rst-content .admonition-title,.wy-alert.wy-alert-danger .wy-alert-title{background:#f29f97}.rst-content .admonition-todo,.rst-content .attention,.rst-content .caution,.rst-content .warning,.rst-content .wy-alert-warning.admonition,.rst-content .wy-alert-warning.danger,.rst-content .wy-alert-warning.error,.rst-content .wy-alert-warning.hint,.rst-content .wy-alert-warning.important,.rst-content .wy-alert-warning.note,.rst-content .wy-alert-warning.seealso,.rst-content .wy-alert-warning.tip,.wy-alert.wy-alert-warning{background:#ffedcc}.rst-content .admonition-todo .admonition-title,.rst-content .admonition-todo .wy-alert-title,.rst-content .attention .admonition-title,.rst-content .attention .wy-alert-title,.rst-content .caution .admonition-title,.rst-content .caution .wy-alert-title,.rst-content .warning .admonition-title,.rst-content .warning .wy-alert-title,.rst-content .wy-alert-warning.admonition .admonition-title,.rst-content .wy-alert-warning.admonition .wy-alert-title,.rst-content .wy-alert-warning.danger .admonition-title,.rst-content .wy-alert-warning.danger .wy-alert-title,.rst-content .wy-alert-warning.error .admonition-title,.rst-content .wy-alert-warning.error .wy-alert-title,.rst-content .wy-alert-warning.hint .admonition-title,.rst-content .wy-alert-warning.hint .wy-alert-title,.rst-content .wy-alert-warning.important .admonition-title,.rst-content .wy-alert-warning.important .wy-alert-title,.rst-content .wy-alert-warning.note .admonition-title,.rst-content .wy-alert-warning.note .wy-alert-title,.rst-content .wy-alert-warning.seealso .admonition-title,.rst-content .wy-alert-warning.seealso .wy-alert-title,.rst-content .wy-alert-warning.tip .admonition-title,.rst-content .wy-alert-warning.tip .wy-alert-title,.rst-content .wy-alert.wy-alert-warning .admonition-title,.wy-alert.wy-alert-warning .rst-content .admonition-title,.wy-alert.wy-alert-warning .wy-alert-title{background:#f0b37e}.rst-content .note,.rst-content .seealso,.rst-content .wy-alert-info.admonition,.rst-content .wy-alert-info.admonition-todo,.rst-content .wy-alert-info.attention,.rst-content .wy-alert-info.caution,.rst-content .wy-alert-info.danger,.rst-content .wy-alert-info.error,.rst-content .wy-alert-info.hint,.rst-content .wy-alert-info.important,.rst-content .wy-alert-info.tip,.rst-content .wy-alert-info.warning,.wy-alert.wy-alert-info{background:#e7f2fa}.rst-content .note .admonition-title,.rst-content .note .wy-alert-title,.rst-content .seealso .admonition-title,.rst-content .seealso .wy-alert-title,.rst-content .wy-alert-info.admonition-todo .admonition-title,.rst-content .wy-alert-info.admonition-todo .wy-alert-title,.rst-content .wy-alert-info.admonition .admonition-title,.rst-content .wy-alert-info.admonition .wy-alert-title,.rst-content .wy-alert-info.attention .admonition-title,.rst-content .wy-alert-info.attention .wy-alert-title,.rst-content .wy-alert-info.caution .admonition-title,.rst-content .wy-alert-info.caution .wy-alert-title,.rst-content .wy-alert-info.danger .admonition-title,.rst-content .wy-alert-info.danger .wy-alert-title,.rst-content .wy-alert-info.error .admonition-title,.rst-content .wy-alert-info.error .wy-alert-title,.rst-content .wy-alert-info.hint .admonition-title,.rst-content .wy-alert-info.hint .wy-alert-title,.rst-content .wy-alert-info.important .admonition-title,.rst-content .wy-alert-info.important .wy-alert-title,.rst-content .wy-alert-info.tip .admonition-title,.rst-content .wy-alert-info.tip .wy-alert-title,.rst-content .wy-alert-info.warning .admonition-title,.rst-content .wy-alert-info.warning .wy-alert-title,.rst-content .wy-alert.wy-alert-info .admonition-title,.wy-alert.wy-alert-info .rst-content .admonition-title,.wy-alert.wy-alert-info .wy-alert-title{background:#6ab0de}.rst-content .hint,.rst-content .important,.rst-content .tip,.rst-content .wy-alert-success.admonition,.rst-content .wy-alert-success.admonition-todo,.rst-content .wy-alert-success.attention,.rst-content .wy-alert-success.caution,.rst-content .wy-alert-success.danger,.rst-content .wy-alert-success.error,.rst-content .wy-alert-success.note,.rst-content .wy-alert-success.seealso,.rst-content .wy-alert-success.warning,.wy-alert.wy-alert-success{background:#dbfaf4}.rst-content .hint .admonition-title,.rst-content .hint .wy-alert-title,.rst-content .important .admonition-title,.rst-content .important .wy-alert-title,.rst-content .tip .admonition-title,.rst-content .tip .wy-alert-title,.rst-content .wy-alert-success.admonition-todo .admonition-title,.rst-content .wy-alert-success.admonition-todo .wy-alert-title,.rst-content .wy-alert-success.admonition .admonition-title,.rst-content .wy-alert-success.admonition .wy-alert-title,.rst-content .wy-alert-success.attention .admonition-title,.rst-content .wy-alert-success.attention .wy-alert-title,.rst-content .wy-alert-success.caution .admonition-title,.rst-content .wy-alert-success.caution .wy-alert-title,.rst-content .wy-alert-success.danger .admonition-title,.rst-content .wy-alert-success.danger .wy-alert-title,.rst-content .wy-alert-success.error .admonition-title,.rst-content .wy-alert-success.error .wy-alert-title,.rst-content .wy-alert-success.note .admonition-title,.rst-content .wy-alert-success.note .wy-alert-title,.rst-content .wy-alert-success.seealso .admonition-title,.rst-content .wy-alert-success.seealso .wy-alert-title,.rst-content .wy-alert-success.warning .admonition-title,.rst-content .wy-alert-success.warning .wy-alert-title,.rst-content .wy-alert.wy-alert-success .admonition-title,.wy-alert.wy-alert-success .rst-content .admonition-title,.wy-alert.wy-alert-success .wy-alert-title{background:#1abc9c}.rst-content .wy-alert-neutral.admonition,.rst-content .wy-alert-neutral.admonition-todo,.rst-content .wy-alert-neutral.attention,.rst-content .wy-alert-neutral.caution,.rst-content .wy-alert-neutral.danger,.rst-content .wy-alert-neutral.error,.rst-content .wy-alert-neutral.hint,.rst-content .wy-alert-neutral.important,.rst-content .wy-alert-neutral.note,.rst-content .wy-alert-neutral.seealso,.rst-content .wy-alert-neutral.tip,.rst-content .wy-alert-neutral.warning,.wy-alert.wy-alert-neutral{background:#f3f6f6}.rst-content .wy-alert-neutral.admonition-todo .admonition-title,.rst-content .wy-alert-neutral.admonition-todo .wy-alert-title,.rst-content .wy-alert-neutral.admonition .admonition-title,.rst-content .wy-alert-neutral.admonition .wy-alert-title,.rst-content .wy-alert-neutral.attention .admonition-title,.rst-content .wy-alert-neutral.attention .wy-alert-title,.rst-content .wy-alert-neutral.caution .admonition-title,.rst-content .wy-alert-neutral.caution .wy-alert-title,.rst-content .wy-alert-neutral.danger .admonition-title,.rst-content .wy-alert-neutral.danger .wy-alert-title,.rst-content .wy-alert-neutral.error .admonition-title,.rst-content .wy-alert-neutral.error .wy-alert-title,.rst-content .wy-alert-neutral.hint .admonition-title,.rst-content .wy-alert-neutral.hint .wy-alert-title,.rst-content .wy-alert-neutral.important .admonition-title,.rst-content .wy-alert-neutral.important .wy-alert-title,.rst-content .wy-alert-neutral.note .admonition-title,.rst-content .wy-alert-neutral.note .wy-alert-title,.rst-content .wy-alert-neutral.seealso .admonition-title,.rst-content .wy-alert-neutral.seealso .wy-alert-title,.rst-content .wy-alert-neutral.tip .admonition-title,.rst-content .wy-alert-neutral.tip .wy-alert-title,.rst-content .wy-alert-neutral.warning .admonition-title,.rst-content .wy-alert-neutral.warning .wy-alert-title,.rst-content .wy-alert.wy-alert-neutral .admonition-title,.wy-alert.wy-alert-neutral .rst-content .admonition-title,.wy-alert.wy-alert-neutral .wy-alert-title{color:#404040;background:#e1e4e5}.rst-content .wy-alert-neutral.admonition-todo a,.rst-content .wy-alert-neutral.admonition a,.rst-content .wy-alert-neutral.attention a,.rst-content .wy-alert-neutral.caution a,.rst-content .wy-alert-neutral.danger a,.rst-content .wy-alert-neutral.error a,.rst-content .wy-alert-neutral.hint a,.rst-content .wy-alert-neutral.important a,.rst-content .wy-alert-neutral.note a,.rst-content .wy-alert-neutral.seealso a,.rst-content .wy-alert-neutral.tip a,.rst-content .wy-alert-neutral.warning a,.wy-alert.wy-alert-neutral a{color:#2980b9}.rst-content .admonition-todo p:last-child,.rst-content .admonition p:last-child,.rst-content .attention p:last-child,.rst-content .caution p:last-child,.rst-content .danger p:last-child,.rst-content .error p:last-child,.rst-content .hint p:last-child,.rst-content .important p:last-child,.rst-content .note p:last-child,.rst-content .seealso p:last-child,.rst-content .tip p:last-child,.rst-content .warning p:last-child,.wy-alert p:last-child{margin-bottom:0}.wy-tray-container{position:fixed;bottom:0;left:0;z-index:600}.wy-tray-container li{display:block;width:300px;background:transparent;color:#fff;text-align:center;box-shadow:0 5px 5px 0 rgba(0,0,0,.1);padding:0 24px;min-width:20%;opacity:0;height:0;line-height:56px;overflow:hidden;-webkit-transition:all .3s ease-in;-moz-transition:all .3s ease-in;transition:all .3s ease-in}.wy-tray-container li.wy-tray-item-success{background:#27ae60}.wy-tray-container li.wy-tray-item-info{background:#2980b9}.wy-tray-container li.wy-tray-item-warning{background:#e67e22}.wy-tray-container li.wy-tray-item-danger{background:#e74c3c}.wy-tray-container li.on{opacity:1;height:56px}@media screen and (max-width:768px){.wy-tray-container{bottom:auto;top:0;width:100%}.wy-tray-container li{width:100%}}button{font-size:100%;margin:0;vertical-align:baseline;*vertical-align:middle;cursor:pointer;line-height:normal;-webkit-appearance:button;*overflow:visible}button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}button[disabled]{cursor:default}.btn{display:inline-block;border-radius:2px;line-height:normal;white-space:nowrap;text-align:center;cursor:pointer;font-size:100%;padding:6px 12px 8px;color:#fff;border:1px solid rgba(0,0,0,.1);background-color:#27ae60;text-decoration:none;font-weight:400;font-family:Lato,proxima-nova,Helvetica Neue,Arial,sans-serif;box-shadow:inset 0 1px 2px -1px hsla(0,0%,100%,.5),inset 0 -2px 0 0 rgba(0,0,0,.1);outline-none:false;vertical-align:middle;*display:inline;zoom:1;-webkit-user-drag:none;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;-webkit-transition:all .1s linear;-moz-transition:all .1s linear;transition:all .1s linear}.btn-hover{background:#2e8ece;color:#fff}.btn:hover{background:#2cc36b;color:#fff}.btn:focus{background:#2cc36b;outline:0}.btn:active{box-shadow:inset 0 -1px 0 0 rgba(0,0,0,.05),inset 0 2px 0 0 rgba(0,0,0,.1);padding:8px 12px 6px}.btn:visited{color:#fff}.btn-disabled,.btn-disabled:active,.btn-disabled:focus,.btn-disabled:hover,.btn:disabled{background-image:none;filter:progid:DXImageTransform.Microsoft.gradient(enabled = false);filter:alpha(opacity=40);opacity:.4;cursor:not-allowed;box-shadow:none}.btn::-moz-focus-inner{padding:0;border:0}.btn-small{font-size:80%}.btn-info{background-color:#2980b9!important}.btn-info:hover{background-color:#2e8ece!important}.btn-neutral{background-color:#f3f6f6!important;color:#404040!important}.btn-neutral:hover{background-color:#e5ebeb!important;color:#404040}.btn-neutral:visited{color:#404040!important}.btn-success{background-color:#27ae60!important}.btn-success:hover{background-color:#295!important}.btn-danger{background-color:#e74c3c!important}.btn-danger:hover{background-color:#ea6153!important}.btn-warning{background-color:#e67e22!important}.btn-warning:hover{background-color:#e98b39!important}.btn-invert{background-color:#222}.btn-invert:hover{background-color:#2f2f2f!important}.btn-link{background-color:transparent!important;color:#2980b9;box-shadow:none;border-color:transparent!important}.btn-link:active,.btn-link:hover{background-color:transparent!important;color:#409ad5!important;box-shadow:none}.btn-link:visited{color:#9b59b6}.wy-btn-group .btn,.wy-control .btn{vertical-align:middle}.wy-btn-group{margin-bottom:24px;*zoom:1}.wy-btn-group:after,.wy-btn-group:before{display:table;content:""}.wy-btn-group:after{clear:both}.wy-dropdown{position:relative;display:inline-block}.wy-dropdown-active .wy-dropdown-menu{display:block}.wy-dropdown-menu{position:absolute;left:0;display:none;float:left;top:100%;min-width:100%;background:#fcfcfc;z-index:100;border:1px solid #cfd7dd;box-shadow:0 2px 2px 0 rgba(0,0,0,.1);padding:12px}.wy-dropdown-menu>dd>a{display:block;clear:both;color:#404040;white-space:nowrap;font-size:90%;padding:0 12px;cursor:pointer}.wy-dropdown-menu>dd>a:hover{background:#2980b9;color:#fff}.wy-dropdown-menu>dd.divider{border-top:1px solid #cfd7dd;margin:6px 0}.wy-dropdown-menu>dd.search{padding-bottom:12px}.wy-dropdown-menu>dd.search input[type=search]{width:100%}.wy-dropdown-menu>dd.call-to-action{background:#e3e3e3;text-transform:uppercase;font-weight:500;font-size:80%}.wy-dropdown-menu>dd.call-to-action:hover{background:#e3e3e3}.wy-dropdown-menu>dd.call-to-action .btn{color:#fff}.wy-dropdown.wy-dropdown-up .wy-dropdown-menu{bottom:100%;top:auto;left:auto;right:0}.wy-dropdown.wy-dropdown-bubble .wy-dropdown-menu{background:#fcfcfc;margin-top:2px}.wy-dropdown.wy-dropdown-bubble .wy-dropdown-menu a{padding:6px 12px}.wy-dropdown.wy-dropdown-bubble .wy-dropdown-menu a:hover{background:#2980b9;color:#fff}.wy-dropdown.wy-dropdown-left .wy-dropdown-menu{right:0;left:auto;text-align:right}.wy-dropdown-arrow:before{content:" ";border-bottom:5px solid #f5f5f5;border-left:5px solid transparent;border-right:5px solid transparent;position:absolute;display:block;top:-4px;left:50%;margin-left:-3px}.wy-dropdown-arrow.wy-dropdown-arrow-left:before{left:11px}.wy-form-stacked select{display:block}.wy-form-aligned .wy-help-inline,.wy-form-aligned input,.wy-form-aligned label,.wy-form-aligned select,.wy-form-aligned textarea{display:inline-block;*display:inline;*zoom:1;vertical-align:middle}.wy-form-aligned .wy-control-group>label{display:inline-block;vertical-align:middle;width:10em;margin:6px 12px 0 0;float:left}.wy-form-aligned .wy-control{float:left}.wy-form-aligned .wy-control label{display:block}.wy-form-aligned .wy-control select{margin-top:6px}fieldset{margin:0}fieldset,legend{border:0;padding:0}legend{width:100%;white-space:normal;margin-bottom:24px;font-size:150%;*margin-left:-7px}label,legend{display:block}label{margin:0 0 .3125em;color:#333;font-size:90%}input,select,textarea{font-size:100%;margin:0;vertical-align:baseline;*vertical-align:middle}.wy-control-group{margin-bottom:24px;max-width:1200px;margin-left:auto;margin-right:auto;*zoom:1}.wy-control-group:after,.wy-control-group:before{display:table;content:""}.wy-control-group:after{clear:both}.wy-control-group.wy-control-group-required>label:after{content:" *";color:#e74c3c}.wy-control-group .wy-form-full,.wy-control-group .wy-form-halves,.wy-control-group .wy-form-thirds{padding-bottom:12px}.wy-control-group .wy-form-full input[type=color],.wy-control-group .wy-form-full input[type=date],.wy-control-group .wy-form-full input[type=datetime-local],.wy-control-group .wy-form-full input[type=datetime],.wy-control-group .wy-form-full input[type=email],.wy-control-group .wy-form-full input[type=month],.wy-control-group .wy-form-full input[type=number],.wy-control-group .wy-form-full input[type=password],.wy-control-group .wy-form-full input[type=search],.wy-control-group .wy-form-full input[type=tel],.wy-control-group .wy-form-full input[type=text],.wy-control-group .wy-form-full input[type=time],.wy-control-group .wy-form-full input[type=url],.wy-control-group .wy-form-full input[type=week],.wy-control-group .wy-form-full select,.wy-control-group .wy-form-halves input[type=color],.wy-control-group .wy-form-halves input[type=date],.wy-control-group .wy-form-halves input[type=datetime-local],.wy-control-group .wy-form-halves input[type=datetime],.wy-control-group .wy-form-halves input[type=email],.wy-control-group .wy-form-halves input[type=month],.wy-control-group .wy-form-halves input[type=number],.wy-control-group .wy-form-halves input[type=password],.wy-control-group .wy-form-halves input[type=search],.wy-control-group .wy-form-halves input[type=tel],.wy-control-group .wy-form-halves input[type=text],.wy-control-group .wy-form-halves input[type=time],.wy-control-group .wy-form-halves input[type=url],.wy-control-group .wy-form-halves input[type=week],.wy-control-group .wy-form-halves select,.wy-control-group .wy-form-thirds input[type=color],.wy-control-group .wy-form-thirds input[type=date],.wy-control-group .wy-form-thirds input[type=datetime-local],.wy-control-group .wy-form-thirds input[type=datetime],.wy-control-group .wy-form-thirds input[type=email],.wy-control-group .wy-form-thirds input[type=month],.wy-control-group .wy-form-thirds input[type=number],.wy-control-group .wy-form-thirds input[type=password],.wy-control-group .wy-form-thirds input[type=search],.wy-control-group .wy-form-thirds input[type=tel],.wy-control-group .wy-form-thirds input[type=text],.wy-control-group .wy-form-thirds input[type=time],.wy-control-group .wy-form-thirds input[type=url],.wy-control-group .wy-form-thirds input[type=week],.wy-control-group .wy-form-thirds select{width:100%}.wy-control-group .wy-form-full{float:left;display:block;width:100%;margin-right:0}.wy-control-group .wy-form-full:last-child{margin-right:0}.wy-control-group .wy-form-halves{float:left;display:block;margin-right:2.35765%;width:48.82117%}.wy-control-group .wy-form-halves:last-child,.wy-control-group .wy-form-halves:nth-of-type(2n){margin-right:0}.wy-control-group .wy-form-halves:nth-of-type(odd){clear:left}.wy-control-group .wy-form-thirds{float:left;display:block;margin-right:2.35765%;width:31.76157%}.wy-control-group .wy-form-thirds:last-child,.wy-control-group .wy-form-thirds:nth-of-type(3n){margin-right:0}.wy-control-group .wy-form-thirds:nth-of-type(3n+1){clear:left}.wy-control-group.wy-control-group-no-input .wy-control,.wy-control-no-input{margin:6px 0 0;font-size:90%}.wy-control-no-input{display:inline-block}.wy-control-group.fluid-input input[type=color],.wy-control-group.fluid-input input[type=date],.wy-control-group.fluid-input input[type=datetime-local],.wy-control-group.fluid-input input[type=datetime],.wy-control-group.fluid-input input[type=email],.wy-control-group.fluid-input input[type=month],.wy-control-group.fluid-input input[type=number],.wy-control-group.fluid-input input[type=password],.wy-control-group.fluid-input input[type=search],.wy-control-group.fluid-input input[type=tel],.wy-control-group.fluid-input input[type=text],.wy-control-group.fluid-input input[type=time],.wy-control-group.fluid-input input[type=url],.wy-control-group.fluid-input input[type=week]{width:100%}.wy-form-message-inline{padding-left:.3em;color:#666;font-size:90%}.wy-form-message{display:block;color:#999;font-size:70%;margin-top:.3125em;font-style:italic}.wy-form-message p{font-size:inherit;font-style:italic;margin-bottom:6px}.wy-form-message p:last-child{margin-bottom:0}input{line-height:normal}input[type=button],input[type=reset],input[type=submit]{-webkit-appearance:button;cursor:pointer;font-family:Lato,proxima-nova,Helvetica Neue,Arial,sans-serif;*overflow:visible}input[type=color],input[type=date],input[type=datetime-local],input[type=datetime],input[type=email],input[type=month],input[type=number],input[type=password],input[type=search],input[type=tel],input[type=text],input[type=time],input[type=url],input[type=week]{-webkit-appearance:none;padding:6px;display:inline-block;border:1px solid #ccc;font-size:80%;font-family:Lato,proxima-nova,Helvetica Neue,Arial,sans-serif;box-shadow:inset 0 1px 3px #ddd;border-radius:0;-webkit-transition:border .3s linear;-moz-transition:border .3s linear;transition:border .3s linear}input[type=datetime-local]{padding:.34375em .625em}input[disabled]{cursor:default}input[type=checkbox],input[type=radio]{padding:0;margin-right:.3125em;*height:13px;*width:13px}input[type=checkbox],input[type=radio],input[type=search]{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}input[type=search]::-webkit-search-cancel-button,input[type=search]::-webkit-search-decoration{-webkit-appearance:none}input[type=color]:focus,input[type=date]:focus,input[type=datetime-local]:focus,input[type=datetime]:focus,input[type=email]:focus,input[type=month]:focus,input[type=number]:focus,input[type=password]:focus,input[type=search]:focus,input[type=tel]:focus,input[type=text]:focus,input[type=time]:focus,input[type=url]:focus,input[type=week]:focus{outline:0;outline:thin dotted\9;border-color:#333}input.no-focus:focus{border-color:#ccc!important}input[type=checkbox]:focus,input[type=file]:focus,input[type=radio]:focus{outline:thin dotted #333;outline:1px auto #129fea}input[type=color][disabled],input[type=date][disabled],input[type=datetime-local][disabled],input[type=datetime][disabled],input[type=email][disabled],input[type=month][disabled],input[type=number][disabled],input[type=password][disabled],input[type=search][disabled],input[type=tel][disabled],input[type=text][disabled],input[type=time][disabled],input[type=url][disabled],input[type=week][disabled]{cursor:not-allowed;background-color:#fafafa}input:focus:invalid,select:focus:invalid,textarea:focus:invalid{color:#e74c3c;border:1px solid #e74c3c}input:focus:invalid:focus,select:focus:invalid:focus,textarea:focus:invalid:focus{border-color:#e74c3c}input[type=checkbox]:focus:invalid:focus,input[type=file]:focus:invalid:focus,input[type=radio]:focus:invalid:focus{outline-color:#e74c3c}input.wy-input-large{padding:12px;font-size:100%}textarea{overflow:auto;vertical-align:top;width:100%;font-family:Lato,proxima-nova,Helvetica Neue,Arial,sans-serif}select,textarea{padding:.5em .625em;display:inline-block;border:1px solid #ccc;font-size:80%;box-shadow:inset 0 1px 3px #ddd;-webkit-transition:border .3s linear;-moz-transition:border .3s linear;transition:border .3s linear}select{border:1px solid #ccc;background-color:#fff}select[multiple]{height:auto}select:focus,textarea:focus{outline:0}input[readonly],select[disabled],select[readonly],textarea[disabled],textarea[readonly]{cursor:not-allowed;background-color:#fafafa}input[type=checkbox][disabled],input[type=radio][disabled]{cursor:not-allowed}.wy-checkbox,.wy-radio{margin:6px 0;color:#404040;display:block}.wy-checkbox input,.wy-radio input{vertical-align:baseline}.wy-form-message-inline{display:inline-block;*display:inline;*zoom:1;vertical-align:middle}.wy-input-prefix,.wy-input-suffix{white-space:nowrap;padding:6px}.wy-input-prefix .wy-input-context,.wy-input-suffix .wy-input-context{line-height:27px;padding:0 8px;display:inline-block;font-size:80%;background-color:#f3f6f6;border:1px solid #ccc;color:#999}.wy-input-suffix .wy-input-context{border-left:0}.wy-input-prefix .wy-input-context{border-right:0}.wy-switch{position:relative;display:block;height:24px;margin-top:12px;cursor:pointer}.wy-switch:before{left:0;top:0;width:36px;height:12px;background:#ccc}.wy-switch:after,.wy-switch:before{position:absolute;content:"";display:block;border-radius:4px;-webkit-transition:all .2s ease-in-out;-moz-transition:all .2s ease-in-out;transition:all .2s ease-in-out}.wy-switch:after{width:18px;height:18px;background:#999;left:-3px;top:-3px}.wy-switch span{position:absolute;left:48px;display:block;font-size:12px;color:#ccc;line-height:1}.wy-switch.active:before{background:#1e8449}.wy-switch.active:after{left:24px;background:#27ae60}.wy-switch.disabled{cursor:not-allowed;opacity:.8}.wy-control-group.wy-control-group-error .wy-form-message,.wy-control-group.wy-control-group-error>label{color:#e74c3c}.wy-control-group.wy-control-group-error input[type=color],.wy-control-group.wy-control-group-error input[type=date],.wy-control-group.wy-control-group-error input[type=datetime-local],.wy-control-group.wy-control-group-error input[type=datetime],.wy-control-group.wy-control-group-error input[type=email],.wy-control-group.wy-control-group-error input[type=month],.wy-control-group.wy-control-group-error input[type=number],.wy-control-group.wy-control-group-error input[type=password],.wy-control-group.wy-control-group-error input[type=search],.wy-control-group.wy-control-group-error input[type=tel],.wy-control-group.wy-control-group-error input[type=text],.wy-control-group.wy-control-group-error input[type=time],.wy-control-group.wy-control-group-error input[type=url],.wy-control-group.wy-control-group-error input[type=week],.wy-control-group.wy-control-group-error textarea{border:1px solid #e74c3c}.wy-inline-validate{white-space:nowrap}.wy-inline-validate .wy-input-context{padding:.5em .625em;display:inline-block;font-size:80%}.wy-inline-validate.wy-inline-validate-success .wy-input-context{color:#27ae60}.wy-inline-validate.wy-inline-validate-danger .wy-input-context{color:#e74c3c}.wy-inline-validate.wy-inline-validate-warning .wy-input-context{color:#e67e22}.wy-inline-validate.wy-inline-validate-info .wy-input-context{color:#2980b9}.rotate-90{-webkit-transform:rotate(90deg);-moz-transform:rotate(90deg);-ms-transform:rotate(90deg);-o-transform:rotate(90deg);transform:rotate(90deg)}.rotate-180{-webkit-transform:rotate(180deg);-moz-transform:rotate(180deg);-ms-transform:rotate(180deg);-o-transform:rotate(180deg);transform:rotate(180deg)}.rotate-270{-webkit-transform:rotate(270deg);-moz-transform:rotate(270deg);-ms-transform:rotate(270deg);-o-transform:rotate(270deg);transform:rotate(270deg)}.mirror{-webkit-transform:scaleX(-1);-moz-transform:scaleX(-1);-ms-transform:scaleX(-1);-o-transform:scaleX(-1);transform:scaleX(-1)}.mirror.rotate-90{-webkit-transform:scaleX(-1) rotate(90deg);-moz-transform:scaleX(-1) rotate(90deg);-ms-transform:scaleX(-1) rotate(90deg);-o-transform:scaleX(-1) rotate(90deg);transform:scaleX(-1) rotate(90deg)}.mirror.rotate-180{-webkit-transform:scaleX(-1) rotate(180deg);-moz-transform:scaleX(-1) rotate(180deg);-ms-transform:scaleX(-1) rotate(180deg);-o-transform:scaleX(-1) rotate(180deg);transform:scaleX(-1) rotate(180deg)}.mirror.rotate-270{-webkit-transform:scaleX(-1) rotate(270deg);-moz-transform:scaleX(-1) rotate(270deg);-ms-transform:scaleX(-1) rotate(270deg);-o-transform:scaleX(-1) rotate(270deg);transform:scaleX(-1) rotate(270deg)}@media only screen and (max-width:480px){.wy-form button[type=submit]{margin:.7em 0 0}.wy-form input[type=color],.wy-form input[type=date],.wy-form input[type=datetime-local],.wy-form input[type=datetime],.wy-form input[type=email],.wy-form input[type=month],.wy-form input[type=number],.wy-form input[type=password],.wy-form input[type=search],.wy-form input[type=tel],.wy-form input[type=text],.wy-form input[type=time],.wy-form input[type=url],.wy-form input[type=week],.wy-form label{margin-bottom:.3em;display:block}.wy-form input[type=color],.wy-form input[type=date],.wy-form input[type=datetime-local],.wy-form input[type=datetime],.wy-form input[type=email],.wy-form input[type=month],.wy-form input[type=number],.wy-form input[type=password],.wy-form input[type=search],.wy-form input[type=tel],.wy-form input[type=time],.wy-form input[type=url],.wy-form input[type=week]{margin-bottom:0}.wy-form-aligned .wy-control-group label{margin-bottom:.3em;text-align:left;display:block;width:100%}.wy-form-aligned .wy-control{margin:1.5em 0 0}.wy-form-message,.wy-form-message-inline,.wy-form .wy-help-inline{display:block;font-size:80%;padding:6px 0}}@media screen and (max-width:768px){.tablet-hide{display:none}}@media screen and (max-width:480px){.mobile-hide{display:none}}.float-left{float:left}.float-right{float:right}.full-width{width:100%}.rst-content table.docutils,.rst-content table.field-list,.wy-table{border-collapse:collapse;border-spacing:0;empty-cells:show;margin-bottom:24px}.rst-content table.docutils caption,.rst-content table.field-list caption,.wy-table caption{color:#000;font:italic 85%/1 arial,sans-serif;padding:1em 0;text-align:center}.rst-content table.docutils td,.rst-content table.docutils th,.rst-content table.field-list td,.rst-content table.field-list th,.wy-table td,.wy-table th{font-size:90%;margin:0;overflow:visible;padding:8px 16px}.rst-content table.docutils td:first-child,.rst-content table.docutils th:first-child,.rst-content table.field-list td:first-child,.rst-content table.field-list th:first-child,.wy-table td:first-child,.wy-table th:first-child{border-left-width:0}.rst-content table.docutils thead,.rst-content table.field-list thead,.wy-table thead{color:#000;text-align:left;vertical-align:bottom;white-space:nowrap}.rst-content table.docutils thead th,.rst-content table.field-list thead th,.wy-table thead th{font-weight:700;border-bottom:2px solid #e1e4e5}.rst-content table.docutils td,.rst-content table.field-list td,.wy-table td{background-color:transparent;vertical-align:middle}.rst-content table.docutils td p,.rst-content table.field-list td p,.wy-table td p{line-height:18px}.rst-content table.docutils td p:last-child,.rst-content table.field-list td p:last-child,.wy-table td p:last-child{margin-bottom:0}.rst-content table.docutils .wy-table-cell-min,.rst-content table.field-list .wy-table-cell-min,.wy-table .wy-table-cell-min{width:1%;padding-right:0}.rst-content table.docutils .wy-table-cell-min input[type=checkbox],.rst-content table.field-list .wy-table-cell-min input[type=checkbox],.wy-table .wy-table-cell-min input[type=checkbox]{margin:0}.wy-table-secondary{color:grey;font-size:90%}.wy-table-tertiary{color:grey;font-size:80%}.rst-content table.docutils:not(.field-list) tr:nth-child(2n-1) td,.wy-table-backed,.wy-table-odd td,.wy-table-striped tr:nth-child(2n-1) td{background-color:#f3f6f6}.rst-content table.docutils,.wy-table-bordered-all{border:1px solid #e1e4e5}.rst-content table.docutils td,.wy-table-bordered-all td{border-bottom:1px solid #e1e4e5;border-left:1px solid #e1e4e5}.rst-content table.docutils tbody>tr:last-child td,.wy-table-bordered-all tbody>tr:last-child td{border-bottom-width:0}.wy-table-bordered{border:1px solid #e1e4e5}.wy-table-bordered-rows td{border-bottom:1px solid #e1e4e5}.wy-table-bordered-rows tbody>tr:last-child td{border-bottom-width:0}.wy-table-horizontal td,.wy-table-horizontal th{border-width:0 0 1px;border-bottom:1px solid #e1e4e5}.wy-table-horizontal tbody>tr:last-child td{border-bottom-width:0}.wy-table-responsive{margin-bottom:24px;max-width:100%;overflow:auto}.wy-table-responsive table{margin-bottom:0!important}.wy-table-responsive table td,.wy-table-responsive table th{white-space:nowrap}a{color:#2980b9;text-decoration:none;cursor:pointer}a:hover{color:#3091d1}a:visited{color:#9b59b6}html{height:100%}body,html{overflow-x:hidden}body{font-family:Lato,proxima-nova,Helvetica Neue,Arial,sans-serif;font-weight:400;color:#404040;min-height:100%;background:#edf0f2}.wy-text-left{text-align:left}.wy-text-center{text-align:center}.wy-text-right{text-align:right}.wy-text-large{font-size:120%}.wy-text-normal{font-size:100%}.wy-text-small,small{font-size:80%}.wy-text-strike{text-decoration:line-through}.wy-text-warning{color:#e67e22!important}a.wy-text-warning:hover{color:#eb9950!important}.wy-text-info{color:#2980b9!important}a.wy-text-info:hover{color:#409ad5!important}.wy-text-success{color:#27ae60!important}a.wy-text-success:hover{color:#36d278!important}.wy-text-danger{color:#e74c3c!important}a.wy-text-danger:hover{color:#ed7669!important}.wy-text-neutral{color:#404040!important}a.wy-text-neutral:hover{color:#595959!important}.rst-content .toctree-wrapper>p.caption,h1,h2,h3,h4,h5,h6,legend{margin-top:0;font-weight:700;font-family:Roboto Slab,ff-tisa-web-pro,Georgia,Arial,sans-serif}p{line-height:24px;font-size:16px;margin:0 0 24px}h1{font-size:175%}.rst-content .toctree-wrapper>p.caption,h2{font-size:150%}h3{font-size:125%}h4{font-size:115%}h5{font-size:110%}h6{font-size:100%}hr{display:block;height:1px;border:0;border-top:1px solid #e1e4e5;margin:24px 0;padding:0}.rst-content code,.rst-content tt,code{white-space:nowrap;max-width:100%;background:#fff;border:1px solid #e1e4e5;font-size:75%;padding:0 5px;font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace;color:#e74c3c;overflow-x:auto}.rst-content tt.code-large,code.code-large{font-size:90%}.rst-content .section ul,.rst-content .toctree-wrapper ul,.rst-content section ul,.wy-plain-list-disc,article ul{list-style:disc;line-height:24px;margin-bottom:24px}.rst-content .section ul li,.rst-content .toctree-wrapper ul li,.rst-content section ul li,.wy-plain-list-disc li,article ul li{list-style:disc;margin-left:24px}.rst-content .section ul li p:last-child,.rst-content .section ul li ul,.rst-content .toctree-wrapper ul li p:last-child,.rst-content .toctree-wrapper ul li ul,.rst-content section ul li p:last-child,.rst-content section ul li ul,.wy-plain-list-disc li p:last-child,.wy-plain-list-disc li ul,article ul li p:last-child,article ul li ul{margin-bottom:0}.rst-content .section ul li li,.rst-content .toctree-wrapper ul li li,.rst-content section ul li li,.wy-plain-list-disc li li,article ul li li{list-style:circle}.rst-content .section ul li li li,.rst-content .toctree-wrapper ul li li li,.rst-content section ul li li li,.wy-plain-list-disc li li li,article ul li li li{list-style:square}.rst-content .section ul li ol li,.rst-content .toctree-wrapper ul li ol li,.rst-content section ul li ol li,.wy-plain-list-disc li ol li,article ul li ol li{list-style:decimal}.rst-content .section ol,.rst-content .section ol.arabic,.rst-content .toctree-wrapper ol,.rst-content .toctree-wrapper ol.arabic,.rst-content section ol,.rst-content section ol.arabic,.wy-plain-list-decimal,article ol{list-style:decimal;line-height:24px;margin-bottom:24px}.rst-content .section ol.arabic li,.rst-content .section ol li,.rst-content .toctree-wrapper ol.arabic li,.rst-content .toctree-wrapper ol li,.rst-content section ol.arabic li,.rst-content section ol li,.wy-plain-list-decimal li,article ol li{list-style:decimal;margin-left:24px}.rst-content .section ol.arabic li ul,.rst-content .section ol li p:last-child,.rst-content .section ol li ul,.rst-content .toctree-wrapper ol.arabic li ul,.rst-content .toctree-wrapper ol li p:last-child,.rst-content .toctree-wrapper ol li ul,.rst-content section ol.arabic li ul,.rst-content section ol li p:last-child,.rst-content section ol li ul,.wy-plain-list-decimal li p:last-child,.wy-plain-list-decimal li ul,article ol li p:last-child,article ol li ul{margin-bottom:0}.rst-content .section ol.arabic li ul li,.rst-content .section ol li ul li,.rst-content .toctree-wrapper ol.arabic li ul li,.rst-content .toctree-wrapper ol li ul li,.rst-content section ol.arabic li ul li,.rst-content section ol li ul li,.wy-plain-list-decimal li ul li,article ol li ul li{list-style:disc}.wy-breadcrumbs{*zoom:1}.wy-breadcrumbs:after,.wy-breadcrumbs:before{display:table;content:""}.wy-breadcrumbs:after{clear:both}.wy-breadcrumbs>li{display:inline-block;padding-top:5px}.wy-breadcrumbs>li.wy-breadcrumbs-aside{float:right}.rst-content .wy-breadcrumbs>li code,.rst-content .wy-breadcrumbs>li tt,.wy-breadcrumbs>li .rst-content tt,.wy-breadcrumbs>li code{all:inherit;color:inherit}.breadcrumb-item:before{content:"/";color:#bbb;font-size:13px;padding:0 6px 0 3px}.wy-breadcrumbs-extra{margin-bottom:0;color:#b3b3b3;font-size:80%;display:inline-block}@media screen and (max-width:480px){.wy-breadcrumbs-extra,.wy-breadcrumbs li.wy-breadcrumbs-aside{display:none}}@media print{.wy-breadcrumbs li.wy-breadcrumbs-aside{display:none}}html{font-size:16px}.wy-affix{position:fixed;top:1.618em}.wy-menu a:hover{text-decoration:none}.wy-menu-horiz{*zoom:1}.wy-menu-horiz:after,.wy-menu-horiz:before{display:table;content:""}.wy-menu-horiz:after{clear:both}.wy-menu-horiz li,.wy-menu-horiz ul{display:inline-block}.wy-menu-horiz li:hover{background:hsla(0,0%,100%,.1)}.wy-menu-horiz li.divide-left{border-left:1px solid #404040}.wy-menu-horiz li.divide-right{border-right:1px solid #404040}.wy-menu-horiz a{height:32px;display:inline-block;line-height:32px;padding:0 16px}.wy-menu-vertical{width:300px}.wy-menu-vertical header,.wy-menu-vertical p.caption{color:#55a5d9;height:32px;line-height:32px;padding:0 1.618em;margin:12px 0 0;display:block;font-weight:700;text-transform:uppercase;font-size:85%;white-space:nowrap}.wy-menu-vertical ul{margin-bottom:0}.wy-menu-vertical li.divide-top{border-top:1px solid #404040}.wy-menu-vertical li.divide-bottom{border-bottom:1px solid #404040}.wy-menu-vertical li.current{background:#e3e3e3}.wy-menu-vertical li.current a{color:grey;border-right:1px solid #c9c9c9;padding:.4045em 2.427em}.wy-menu-vertical li.current a:hover{background:#d6d6d6}.rst-content .wy-menu-vertical li tt,.wy-menu-vertical li .rst-content tt,.wy-menu-vertical li code{border:none;background:inherit;color:inherit;padding-left:0;padding-right:0}.wy-menu-vertical li button.toctree-expand{display:block;float:left;margin-left:-1.2em;line-height:18px;color:#4d4d4d;border:none;background:none;padding:0}.wy-menu-vertical li.current>a,.wy-menu-vertical li.on a{color:#404040;font-weight:700;position:relative;background:#fcfcfc;border:none;padding:.4045em 1.618em}.wy-menu-vertical li.current>a:hover,.wy-menu-vertical li.on a:hover{background:#fcfcfc}.wy-menu-vertical li.current>a:hover button.toctree-expand,.wy-menu-vertical li.on a:hover button.toctree-expand{color:grey}.wy-menu-vertical li.current>a button.toctree-expand,.wy-menu-vertical li.on a button.toctree-expand{display:block;line-height:18px;color:#333}.wy-menu-vertical li.toctree-l1.current>a{border-bottom:1px solid #c9c9c9;border-top:1px solid #c9c9c9}.wy-menu-vertical .toctree-l1.current .toctree-l2>ul,.wy-menu-vertical .toctree-l2.current .toctree-l3>ul,.wy-menu-vertical .toctree-l3.current .toctree-l4>ul,.wy-menu-vertical .toctree-l4.current .toctree-l5>ul,.wy-menu-vertical .toctree-l5.current .toctree-l6>ul,.wy-menu-vertical .toctree-l6.current .toctree-l7>ul,.wy-menu-vertical .toctree-l7.current .toctree-l8>ul,.wy-menu-vertical .toctree-l8.current .toctree-l9>ul,.wy-menu-vertical .toctree-l9.current .toctree-l10>ul,.wy-menu-vertical .toctree-l10.current .toctree-l11>ul{display:none}.wy-menu-vertical .toctree-l1.current .current.toctree-l2>ul,.wy-menu-vertical .toctree-l2.current .current.toctree-l3>ul,.wy-menu-vertical .toctree-l3.current .current.toctree-l4>ul,.wy-menu-vertical .toctree-l4.current .current.toctree-l5>ul,.wy-menu-vertical .toctree-l5.current .current.toctree-l6>ul,.wy-menu-vertical .toctree-l6.current .current.toctree-l7>ul,.wy-menu-vertical .toctree-l7.current .current.toctree-l8>ul,.wy-menu-vertical .toctree-l8.current .current.toctree-l9>ul,.wy-menu-vertical .toctree-l9.current .current.toctree-l10>ul,.wy-menu-vertical .toctree-l10.current .current.toctree-l11>ul{display:block}.wy-menu-vertical li.toctree-l3,.wy-menu-vertical li.toctree-l4{font-size:.9em}.wy-menu-vertical li.toctree-l2 a,.wy-menu-vertical li.toctree-l3 a,.wy-menu-vertical li.toctree-l4 a,.wy-menu-vertical li.toctree-l5 a,.wy-menu-vertical li.toctree-l6 a,.wy-menu-vertical li.toctree-l7 a,.wy-menu-vertical li.toctree-l8 a,.wy-menu-vertical li.toctree-l9 a,.wy-menu-vertical li.toctree-l10 a{color:#404040}.wy-menu-vertical li.toctree-l2 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l3 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l4 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l5 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l6 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l7 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l8 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l9 a:hover button.toctree-expand,.wy-menu-vertical li.toctree-l10 a:hover button.toctree-expand{color:grey}.wy-menu-vertical li.toctree-l2.current li.toctree-l3>a,.wy-menu-vertical li.toctree-l3.current li.toctree-l4>a,.wy-menu-vertical li.toctree-l4.current li.toctree-l5>a,.wy-menu-vertical li.toctree-l5.current li.toctree-l6>a,.wy-menu-vertical li.toctree-l6.current li.toctree-l7>a,.wy-menu-vertical li.toctree-l7.current li.toctree-l8>a,.wy-menu-vertical li.toctree-l8.current li.toctree-l9>a,.wy-menu-vertical li.toctree-l9.current li.toctree-l10>a,.wy-menu-vertical li.toctree-l10.current li.toctree-l11>a{display:block}.wy-menu-vertical li.toctree-l2.current>a{padding:.4045em 2.427em}.wy-menu-vertical li.toctree-l2.current li.toctree-l3>a{padding:.4045em 1.618em .4045em 4.045em}.wy-menu-vertical li.toctree-l3.current>a{padding:.4045em 4.045em}.wy-menu-vertical li.toctree-l3.current li.toctree-l4>a{padding:.4045em 1.618em .4045em 5.663em}.wy-menu-vertical li.toctree-l4.current>a{padding:.4045em 5.663em}.wy-menu-vertical li.toctree-l4.current li.toctree-l5>a{padding:.4045em 1.618em .4045em 7.281em}.wy-menu-vertical li.toctree-l5.current>a{padding:.4045em 7.281em}.wy-menu-vertical li.toctree-l5.current li.toctree-l6>a{padding:.4045em 1.618em .4045em 8.899em}.wy-menu-vertical li.toctree-l6.current>a{padding:.4045em 8.899em}.wy-menu-vertical li.toctree-l6.current li.toctree-l7>a{padding:.4045em 1.618em .4045em 10.517em}.wy-menu-vertical li.toctree-l7.current>a{padding:.4045em 10.517em}.wy-menu-vertical li.toctree-l7.current li.toctree-l8>a{padding:.4045em 1.618em .4045em 12.135em}.wy-menu-vertical li.toctree-l8.current>a{padding:.4045em 12.135em}.wy-menu-vertical li.toctree-l8.current li.toctree-l9>a{padding:.4045em 1.618em .4045em 13.753em}.wy-menu-vertical li.toctree-l9.current>a{padding:.4045em 13.753em}.wy-menu-vertical li.toctree-l9.current li.toctree-l10>a{padding:.4045em 1.618em .4045em 15.371em}.wy-menu-vertical li.toctree-l10.current>a{padding:.4045em 15.371em}.wy-menu-vertical li.toctree-l10.current li.toctree-l11>a{padding:.4045em 1.618em .4045em 16.989em}.wy-menu-vertical li.toctree-l2.current>a,.wy-menu-vertical li.toctree-l2.current li.toctree-l3>a{background:#c9c9c9}.wy-menu-vertical li.toctree-l2 button.toctree-expand{color:#a3a3a3}.wy-menu-vertical li.toctree-l3.current>a,.wy-menu-vertical li.toctree-l3.current li.toctree-l4>a{background:#bdbdbd}.wy-menu-vertical li.toctree-l3 button.toctree-expand{color:#969696}.wy-menu-vertical li.current ul{display:block}.wy-menu-vertical li ul{margin-bottom:0;display:none}.wy-menu-vertical li ul li a{margin-bottom:0;color:#d9d9d9;font-weight:400}.wy-menu-vertical a{line-height:18px;padding:.4045em 1.618em;display:block;position:relative;font-size:90%;color:#d9d9d9}.wy-menu-vertical a:hover{background-color:#4e4a4a;cursor:pointer}.wy-menu-vertical a:hover button.toctree-expand{color:#d9d9d9}.wy-menu-vertical a:active{background-color:#2980b9;cursor:pointer;color:#fff}.wy-menu-vertical a:active button.toctree-expand{color:#fff}.wy-side-nav-search{display:block;width:300px;padding:.809em;margin-bottom:.809em;z-index:200;background-color:#2980b9;text-align:center;color:#fcfcfc}.wy-side-nav-search input[type=text]{width:100%;border-radius:50px;padding:6px 12px;border-color:#2472a4}.wy-side-nav-search img{display:block;margin:auto auto .809em;height:45px;width:45px;background-color:#2980b9;padding:5px;border-radius:100%}.wy-side-nav-search .wy-dropdown>a,.wy-side-nav-search>a{color:#fcfcfc;font-size:100%;font-weight:700;display:inline-block;padding:4px 6px;margin-bottom:.809em;max-width:100%}.wy-side-nav-search .wy-dropdown>a:hover,.wy-side-nav-search>a:hover{background:hsla(0,0%,100%,.1)}.wy-side-nav-search .wy-dropdown>a img.logo,.wy-side-nav-search>a img.logo{display:block;margin:0 auto;height:auto;width:auto;border-radius:0;max-width:100%;background:transparent}.wy-side-nav-search .wy-dropdown>a.icon img.logo,.wy-side-nav-search>a.icon img.logo{margin-top:.85em}.wy-side-nav-search>div.version{margin-top:-.4045em;margin-bottom:.809em;font-weight:400;color:hsla(0,0%,100%,.3)}.wy-nav .wy-menu-vertical header{color:#2980b9}.wy-nav .wy-menu-vertical a{color:#b3b3b3}.wy-nav .wy-menu-vertical a:hover{background-color:#2980b9;color:#fff}[data-menu-wrap]{-webkit-transition:all .2s ease-in;-moz-transition:all .2s ease-in;transition:all .2s ease-in;position:absolute;opacity:1;width:100%;opacity:0}[data-menu-wrap].move-center{left:0;right:auto;opacity:1}[data-menu-wrap].move-left{right:auto;left:-100%;opacity:0}[data-menu-wrap].move-right{right:-100%;left:auto;opacity:0}.wy-body-for-nav{background:#fcfcfc}.wy-grid-for-nav{position:absolute;width:100%;height:100%}.wy-nav-side{position:fixed;top:0;bottom:0;left:0;padding-bottom:2em;width:300px;overflow-x:hidden;overflow-y:hidden;min-height:100%;color:#9b9b9b;background:#343131;z-index:200}.wy-side-scroll{width:320px;position:relative;overflow-x:hidden;overflow-y:scroll;height:100%}.wy-nav-top{display:none;background:#2980b9;color:#fff;padding:.4045em .809em;position:relative;line-height:50px;text-align:center;font-size:100%;*zoom:1}.wy-nav-top:after,.wy-nav-top:before{display:table;content:""}.wy-nav-top:after{clear:both}.wy-nav-top a{color:#fff;font-weight:700}.wy-nav-top img{margin-right:12px;height:45px;width:45px;background-color:#2980b9;padding:5px;border-radius:100%}.wy-nav-top i{font-size:30px;float:left;cursor:pointer;padding-top:inherit}.wy-nav-content-wrap{margin-left:300px;background:#fcfcfc;min-height:100%}.wy-nav-content{padding:1.618em 3.236em;height:100%;max-width:800px;margin:auto}.wy-body-mask{position:fixed;width:100%;height:100%;background:rgba(0,0,0,.2);display:none;z-index:499}.wy-body-mask.on{display:block}footer{color:grey}footer p{margin-bottom:12px}.rst-content footer span.commit tt,footer span.commit .rst-content tt,footer span.commit code{padding:0;font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace;font-size:1em;background:none;border:none;color:grey}.rst-footer-buttons{*zoom:1}.rst-footer-buttons:after,.rst-footer-buttons:before{width:100%;display:table;content:""}.rst-footer-buttons:after{clear:both}.rst-breadcrumbs-buttons{margin-top:12px;*zoom:1}.rst-breadcrumbs-buttons:after,.rst-breadcrumbs-buttons:before{display:table;content:""}.rst-breadcrumbs-buttons:after{clear:both}#search-results .search li{margin-bottom:24px;border-bottom:1px solid #e1e4e5;padding-bottom:24px}#search-results .search li:first-child{border-top:1px solid #e1e4e5;padding-top:24px}#search-results .search li a{font-size:120%;margin-bottom:12px;display:inline-block}#search-results .context{color:grey;font-size:90%}.genindextable li>ul{margin-left:24px}@media screen and (max-width:768px){.wy-body-for-nav{background:#fcfcfc}.wy-nav-top{display:block}.wy-nav-side{left:-300px}.wy-nav-side.shift{width:85%;left:0}.wy-menu.wy-menu-vertical,.wy-side-nav-search,.wy-side-scroll{width:auto}.wy-nav-content-wrap{margin-left:0}.wy-nav-content-wrap .wy-nav-content{padding:1.618em}.wy-nav-content-wrap.shift{position:fixed;min-width:100%;left:85%;top:0;height:100%;overflow:hidden}}@media screen and (min-width:1100px){.wy-nav-content-wrap{background:rgba(0,0,0,.05)}.wy-nav-content{margin:0;background:#fcfcfc}}@media print{.rst-versions,.wy-nav-side,footer{display:none}.wy-nav-content-wrap{margin-left:0}}.rst-versions{position:fixed;bottom:0;left:0;width:300px;color:#fcfcfc;background:#1f1d1d;font-family:Lato,proxima-nova,Helvetica Neue,Arial,sans-serif;z-index:400}.rst-versions a{color:#2980b9;text-decoration:none}.rst-versions .rst-badge-small{display:none}.rst-versions .rst-current-version{padding:12px;background-color:#272525;display:block;text-align:right;font-size:90%;cursor:pointer;color:#27ae60;*zoom:1}.rst-versions .rst-current-version:after,.rst-versions .rst-current-version:before{display:table;content:""}.rst-versions .rst-current-version:after{clear:both}.rst-content .code-block-caption .rst-versions .rst-current-version .headerlink,.rst-content .eqno .rst-versions .rst-current-version .headerlink,.rst-content .rst-versions .rst-current-version .admonition-title,.rst-content code.download .rst-versions .rst-current-version span:first-child,.rst-content dl dt .rst-versions .rst-current-version .headerlink,.rst-content h1 .rst-versions .rst-current-version .headerlink,.rst-content h2 .rst-versions .rst-current-version .headerlink,.rst-content h3 .rst-versions .rst-current-version .headerlink,.rst-content h4 .rst-versions .rst-current-version .headerlink,.rst-content h5 .rst-versions .rst-current-version .headerlink,.rst-content h6 .rst-versions .rst-current-version .headerlink,.rst-content p .rst-versions .rst-current-version .headerlink,.rst-content table>caption .rst-versions .rst-current-version .headerlink,.rst-content tt.download .rst-versions .rst-current-version span:first-child,.rst-versions .rst-current-version .fa,.rst-versions .rst-current-version .icon,.rst-versions .rst-current-version .rst-content .admonition-title,.rst-versions .rst-current-version .rst-content .code-block-caption .headerlink,.rst-versions .rst-current-version .rst-content .eqno .headerlink,.rst-versions .rst-current-version .rst-content code.download span:first-child,.rst-versions .rst-current-version .rst-content dl dt .headerlink,.rst-versions .rst-current-version .rst-content h1 .headerlink,.rst-versions .rst-current-version .rst-content h2 .headerlink,.rst-versions .rst-current-version .rst-content h3 .headerlink,.rst-versions .rst-current-version .rst-content h4 .headerlink,.rst-versions .rst-current-version .rst-content h5 .headerlink,.rst-versions .rst-current-version .rst-content h6 .headerlink,.rst-versions .rst-current-version .rst-content p .headerlink,.rst-versions .rst-current-version .rst-content table>caption .headerlink,.rst-versions .rst-current-version .rst-content tt.download span:first-child,.rst-versions .rst-current-version .wy-menu-vertical li button.toctree-expand,.wy-menu-vertical li .rst-versions .rst-current-version button.toctree-expand{color:#fcfcfc}.rst-versions .rst-current-version .fa-book,.rst-versions .rst-current-version .icon-book{float:left}.rst-versions .rst-current-version.rst-out-of-date{background-color:#e74c3c;color:#fff}.rst-versions .rst-current-version.rst-active-old-version{background-color:#f1c40f;color:#000}.rst-versions.shift-up{height:auto;max-height:100%;overflow-y:scroll}.rst-versions.shift-up .rst-other-versions{display:block}.rst-versions .rst-other-versions{font-size:90%;padding:12px;color:grey;display:none}.rst-versions .rst-other-versions hr{display:block;height:1px;border:0;margin:20px 0;padding:0;border-top:1px solid #413d3d}.rst-versions .rst-other-versions dd{display:inline-block;margin:0}.rst-versions .rst-other-versions dd a{display:inline-block;padding:6px;color:#fcfcfc}.rst-versions.rst-badge{width:auto;bottom:20px;right:20px;left:auto;border:none;max-width:300px;max-height:90%}.rst-versions.rst-badge .fa-book,.rst-versions.rst-badge .icon-book{float:none;line-height:30px}.rst-versions.rst-badge.shift-up .rst-current-version{text-align:right}.rst-versions.rst-badge.shift-up .rst-current-version .fa-book,.rst-versions.rst-badge.shift-up .rst-current-version .icon-book{float:left}.rst-versions.rst-badge>.rst-current-version{width:auto;height:30px;line-height:30px;padding:0 6px;display:block;text-align:center}@media screen and (max-width:768px){.rst-versions{width:85%;display:none}.rst-versions.shift{display:block}}.rst-content .toctree-wrapper>p.caption,.rst-content h1,.rst-content h2,.rst-content h3,.rst-content h4,.rst-content h5,.rst-content h6{margin-bottom:24px}.rst-content img{max-width:100%;height:auto}.rst-content div.figure,.rst-content figure{margin-bottom:24px}.rst-content div.figure .caption-text,.rst-content figure .caption-text{font-style:italic}.rst-content div.figure p:last-child.caption,.rst-content figure p:last-child.caption{margin-bottom:0}.rst-content div.figure.align-center,.rst-content figure.align-center{text-align:center}.rst-content .section>a>img,.rst-content .section>img,.rst-content section>a>img,.rst-content section>img{margin-bottom:24px}.rst-content abbr[title]{text-decoration:none}.rst-content.style-external-links a.reference.external:after{font-family:FontAwesome;content:"\f08e";color:#b3b3b3;vertical-align:super;font-size:60%;margin:0 .2em}.rst-content blockquote{margin-left:24px;line-height:24px;margin-bottom:24px}.rst-content pre.literal-block{white-space:pre;margin:0;padding:12px;font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace;display:block;overflow:auto}.rst-content div[class^=highlight],.rst-content pre.literal-block{border:1px solid #e1e4e5;overflow-x:auto;margin:1px 0 24px}.rst-content div[class^=highlight] div[class^=highlight],.rst-content pre.literal-block div[class^=highlight]{padding:0;border:none;margin:0}.rst-content div[class^=highlight] td.code{width:100%}.rst-content .linenodiv pre{border-right:1px solid #e6e9ea;margin:0;padding:12px;font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace;user-select:none;pointer-events:none}.rst-content div[class^=highlight] pre{white-space:pre;margin:0;padding:12px;display:block;overflow:auto}.rst-content div[class^=highlight] pre .hll{display:block;margin:0 -12px;padding:0 12px}.rst-content .linenodiv pre,.rst-content div[class^=highlight] pre,.rst-content pre.literal-block{font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace;font-size:12px;line-height:1.4}.rst-content div.highlight .gp,.rst-content div.highlight span.linenos{user-select:none;pointer-events:none}.rst-content div.highlight span.linenos{display:inline-block;padding-left:0;padding-right:12px;margin-right:12px;border-right:1px solid #e6e9ea}.rst-content .code-block-caption{font-style:italic;font-size:85%;line-height:1;padding:1em 0;text-align:center}@media print{.rst-content .codeblock,.rst-content div[class^=highlight],.rst-content div[class^=highlight] pre{white-space:pre-wrap}}.rst-content .admonition,.rst-content .admonition-todo,.rst-content .attention,.rst-content .caution,.rst-content .danger,.rst-content .error,.rst-content .hint,.rst-content .important,.rst-content .note,.rst-content .seealso,.rst-content .tip,.rst-content .warning{clear:both}.rst-content .admonition-todo .last,.rst-content .admonition-todo>:last-child,.rst-content .admonition .last,.rst-content .admonition>:last-child,.rst-content .attention .last,.rst-content .attention>:last-child,.rst-content .caution .last,.rst-content .caution>:last-child,.rst-content .danger .last,.rst-content .danger>:last-child,.rst-content .error .last,.rst-content .error>:last-child,.rst-content .hint .last,.rst-content .hint>:last-child,.rst-content .important .last,.rst-content .important>:last-child,.rst-content .note .last,.rst-content .note>:last-child,.rst-content .seealso .last,.rst-content .seealso>:last-child,.rst-content .tip .last,.rst-content .tip>:last-child,.rst-content .warning .last,.rst-content .warning>:last-child{margin-bottom:0}.rst-content .admonition-title:before{margin-right:4px}.rst-content .admonition table{border-color:rgba(0,0,0,.1)}.rst-content .admonition table td,.rst-content .admonition table th{background:transparent!important;border-color:rgba(0,0,0,.1)!important}.rst-content .section ol.loweralpha,.rst-content .section ol.loweralpha>li,.rst-content .toctree-wrapper ol.loweralpha,.rst-content .toctree-wrapper ol.loweralpha>li,.rst-content section ol.loweralpha,.rst-content section ol.loweralpha>li{list-style:lower-alpha}.rst-content .section ol.upperalpha,.rst-content .section ol.upperalpha>li,.rst-content .toctree-wrapper ol.upperalpha,.rst-content .toctree-wrapper ol.upperalpha>li,.rst-content section ol.upperalpha,.rst-content section ol.upperalpha>li{list-style:upper-alpha}.rst-content .section ol li>*,.rst-content .section ul li>*,.rst-content .toctree-wrapper ol li>*,.rst-content .toctree-wrapper ul li>*,.rst-content section ol li>*,.rst-content section ul li>*{margin-top:12px;margin-bottom:12px}.rst-content .section ol li>:first-child,.rst-content .section ul li>:first-child,.rst-content .toctree-wrapper ol li>:first-child,.rst-content .toctree-wrapper ul li>:first-child,.rst-content section ol li>:first-child,.rst-content section ul li>:first-child{margin-top:0}.rst-content .section ol li>p,.rst-content .section ol li>p:last-child,.rst-content .section ul li>p,.rst-content .section ul li>p:last-child,.rst-content .toctree-wrapper ol li>p,.rst-content .toctree-wrapper ol li>p:last-child,.rst-content .toctree-wrapper ul li>p,.rst-content .toctree-wrapper ul li>p:last-child,.rst-content section ol li>p,.rst-content section ol li>p:last-child,.rst-content section ul li>p,.rst-content section ul li>p:last-child{margin-bottom:12px}.rst-content .section ol li>p:only-child,.rst-content .section ol li>p:only-child:last-child,.rst-content .section ul li>p:only-child,.rst-content .section ul li>p:only-child:last-child,.rst-content .toctree-wrapper ol li>p:only-child,.rst-content .toctree-wrapper ol li>p:only-child:last-child,.rst-content .toctree-wrapper ul li>p:only-child,.rst-content .toctree-wrapper ul li>p:only-child:last-child,.rst-content section ol li>p:only-child,.rst-content section ol li>p:only-child:last-child,.rst-content section ul li>p:only-child,.rst-content section ul li>p:only-child:last-child{margin-bottom:0}.rst-content .section ol li>ol,.rst-content .section ol li>ul,.rst-content .section ul li>ol,.rst-content .section ul li>ul,.rst-content .toctree-wrapper ol li>ol,.rst-content .toctree-wrapper ol li>ul,.rst-content .toctree-wrapper ul li>ol,.rst-content .toctree-wrapper ul li>ul,.rst-content section ol li>ol,.rst-content section ol li>ul,.rst-content section ul li>ol,.rst-content section ul li>ul{margin-bottom:12px}.rst-content .section ol.simple li>*,.rst-content .section ol.simple li ol,.rst-content .section ol.simple li ul,.rst-content .section ul.simple li>*,.rst-content .section ul.simple li ol,.rst-content .section ul.simple li ul,.rst-content .toctree-wrapper ol.simple li>*,.rst-content .toctree-wrapper ol.simple li ol,.rst-content .toctree-wrapper ol.simple li ul,.rst-content .toctree-wrapper ul.simple li>*,.rst-content .toctree-wrapper ul.simple li ol,.rst-content .toctree-wrapper ul.simple li ul,.rst-content section ol.simple li>*,.rst-content section ol.simple li ol,.rst-content section ol.simple li ul,.rst-content section ul.simple li>*,.rst-content section ul.simple li ol,.rst-content section ul.simple li ul{margin-top:0;margin-bottom:0}.rst-content .line-block{margin-left:0;margin-bottom:24px;line-height:24px}.rst-content .line-block .line-block{margin-left:24px;margin-bottom:0}.rst-content .topic-title{font-weight:700;margin-bottom:12px}.rst-content .toc-backref{color:#404040}.rst-content .align-right{float:right;margin:0 0 24px 24px}.rst-content .align-left{float:left;margin:0 24px 24px 0}.rst-content .align-center{margin:auto}.rst-content .align-center:not(table){display:block}.rst-content .code-block-caption .headerlink,.rst-content .eqno .headerlink,.rst-content .toctree-wrapper>p.caption .headerlink,.rst-content dl dt .headerlink,.rst-content h1 .headerlink,.rst-content h2 .headerlink,.rst-content h3 .headerlink,.rst-content h4 .headerlink,.rst-content h5 .headerlink,.rst-content h6 .headerlink,.rst-content p.caption .headerlink,.rst-content p .headerlink,.rst-content table>caption .headerlink{opacity:0;font-size:14px;font-family:FontAwesome;margin-left:.5em}.rst-content .code-block-caption .headerlink:focus,.rst-content .code-block-caption:hover .headerlink,.rst-content .eqno .headerlink:focus,.rst-content .eqno:hover .headerlink,.rst-content .toctree-wrapper>p.caption .headerlink:focus,.rst-content .toctree-wrapper>p.caption:hover .headerlink,.rst-content dl dt .headerlink:focus,.rst-content dl dt:hover .headerlink,.rst-content h1 .headerlink:focus,.rst-content h1:hover .headerlink,.rst-content h2 .headerlink:focus,.rst-content h2:hover .headerlink,.rst-content h3 .headerlink:focus,.rst-content h3:hover .headerlink,.rst-content h4 .headerlink:focus,.rst-content h4:hover .headerlink,.rst-content h5 .headerlink:focus,.rst-content h5:hover .headerlink,.rst-content h6 .headerlink:focus,.rst-content h6:hover .headerlink,.rst-content p.caption .headerlink:focus,.rst-content p.caption:hover .headerlink,.rst-content p .headerlink:focus,.rst-content p:hover .headerlink,.rst-content table>caption .headerlink:focus,.rst-content table>caption:hover .headerlink{opacity:1}.rst-content p a{overflow-wrap:anywhere}.rst-content .wy-table td p,.rst-content .wy-table td ul,.rst-content .wy-table th p,.rst-content .wy-table th ul,.rst-content table.docutils td p,.rst-content table.docutils td ul,.rst-content table.docutils th p,.rst-content table.docutils th ul,.rst-content table.field-list td p,.rst-content table.field-list td ul,.rst-content table.field-list th p,.rst-content table.field-list th ul{font-size:inherit}.rst-content .btn:focus{outline:2px solid}.rst-content table>caption .headerlink:after{font-size:12px}.rst-content .centered{text-align:center}.rst-content .sidebar{float:right;width:40%;display:block;margin:0 0 24px 24px;padding:24px;background:#f3f6f6;border:1px solid #e1e4e5}.rst-content .sidebar dl,.rst-content .sidebar p,.rst-content .sidebar ul{font-size:90%}.rst-content .sidebar .last,.rst-content .sidebar>:last-child{margin-bottom:0}.rst-content .sidebar .sidebar-title{display:block;font-family:Roboto Slab,ff-tisa-web-pro,Georgia,Arial,sans-serif;font-weight:700;background:#e1e4e5;padding:6px 12px;margin:-24px -24px 24px;font-size:100%}.rst-content .highlighted{background:#f1c40f;box-shadow:0 0 0 2px #f1c40f;display:inline;font-weight:700}.rst-content .citation-reference,.rst-content .footnote-reference{vertical-align:baseline;position:relative;top:-.4em;line-height:0;font-size:90%}.rst-content .citation-reference>span.fn-bracket,.rst-content .footnote-reference>span.fn-bracket{display:none}.rst-content .hlist{width:100%}.rst-content dl dt span.classifier:before{content:" : "}.rst-content dl dt span.classifier-delimiter{display:none!important}html.writer-html4 .rst-content table.docutils.citation,html.writer-html4 .rst-content table.docutils.footnote{background:none;border:none}html.writer-html4 .rst-content table.docutils.citation td,html.writer-html4 .rst-content table.docutils.citation tr,html.writer-html4 .rst-content table.docutils.footnote td,html.writer-html4 .rst-content table.docutils.footnote tr{border:none;background-color:transparent!important;white-space:normal}html.writer-html4 .rst-content table.docutils.citation td.label,html.writer-html4 .rst-content table.docutils.footnote td.label{padding-left:0;padding-right:0;vertical-align:top}html.writer-html5 .rst-content dl.citation,html.writer-html5 .rst-content dl.field-list,html.writer-html5 .rst-content dl.footnote{display:grid;grid-template-columns:auto minmax(80%,95%)}html.writer-html5 .rst-content dl.citation>dt,html.writer-html5 .rst-content dl.field-list>dt,html.writer-html5 .rst-content dl.footnote>dt{display:inline-grid;grid-template-columns:max-content auto}html.writer-html5 .rst-content aside.citation,html.writer-html5 .rst-content aside.footnote,html.writer-html5 .rst-content div.citation{display:grid;grid-template-columns:auto auto minmax(.65rem,auto) minmax(40%,95%)}html.writer-html5 .rst-content aside.citation>span.label,html.writer-html5 .rst-content aside.footnote>span.label,html.writer-html5 .rst-content div.citation>span.label{grid-column-start:1;grid-column-end:2}html.writer-html5 .rst-content aside.citation>span.backrefs,html.writer-html5 .rst-content aside.footnote>span.backrefs,html.writer-html5 .rst-content div.citation>span.backrefs{grid-column-start:2;grid-column-end:3;grid-row-start:1;grid-row-end:3}html.writer-html5 .rst-content aside.citation>p,html.writer-html5 .rst-content aside.footnote>p,html.writer-html5 .rst-content div.citation>p{grid-column-start:4;grid-column-end:5}html.writer-html5 .rst-content dl.citation,html.writer-html5 .rst-content dl.field-list,html.writer-html5 .rst-content dl.footnote{margin-bottom:24px}html.writer-html5 .rst-content dl.citation>dt,html.writer-html5 .rst-content dl.field-list>dt,html.writer-html5 .rst-content dl.footnote>dt{padding-left:1rem}html.writer-html5 .rst-content dl.citation>dd,html.writer-html5 .rst-content dl.citation>dt,html.writer-html5 .rst-content dl.field-list>dd,html.writer-html5 .rst-content dl.field-list>dt,html.writer-html5 .rst-content dl.footnote>dd,html.writer-html5 .rst-content dl.footnote>dt{margin-bottom:0}html.writer-html5 .rst-content dl.citation,html.writer-html5 .rst-content dl.footnote{font-size:.9rem}html.writer-html5 .rst-content dl.citation>dt,html.writer-html5 .rst-content dl.footnote>dt{margin:0 .5rem .5rem 0;line-height:1.2rem;word-break:break-all;font-weight:400}html.writer-html5 .rst-content dl.citation>dt>span.brackets:before,html.writer-html5 .rst-content dl.footnote>dt>span.brackets:before{content:"["}html.writer-html5 .rst-content dl.citation>dt>span.brackets:after,html.writer-html5 .rst-content dl.footnote>dt>span.brackets:after{content:"]"}html.writer-html5 .rst-content dl.citation>dt>span.fn-backref,html.writer-html5 .rst-content dl.footnote>dt>span.fn-backref{text-align:left;font-style:italic;margin-left:.65rem;word-break:break-word;word-spacing:-.1rem;max-width:5rem}html.writer-html5 .rst-content dl.citation>dt>span.fn-backref>a,html.writer-html5 .rst-content dl.footnote>dt>span.fn-backref>a{word-break:keep-all}html.writer-html5 .rst-content dl.citation>dt>span.fn-backref>a:not(:first-child):before,html.writer-html5 .rst-content dl.footnote>dt>span.fn-backref>a:not(:first-child):before{content:" "}html.writer-html5 .rst-content dl.citation>dd,html.writer-html5 .rst-content dl.footnote>dd{margin:0 0 .5rem;line-height:1.2rem}html.writer-html5 .rst-content dl.citation>dd p,html.writer-html5 .rst-content dl.footnote>dd p{font-size:.9rem}html.writer-html5 .rst-content aside.citation,html.writer-html5 .rst-content aside.footnote,html.writer-html5 .rst-content div.citation{padding-left:1rem;padding-right:1rem;font-size:.9rem;line-height:1.2rem}html.writer-html5 .rst-content aside.citation p,html.writer-html5 .rst-content aside.footnote p,html.writer-html5 .rst-content div.citation p{font-size:.9rem;line-height:1.2rem;margin-bottom:12px}html.writer-html5 .rst-content aside.citation span.backrefs,html.writer-html5 .rst-content aside.footnote span.backrefs,html.writer-html5 .rst-content div.citation span.backrefs{text-align:left;font-style:italic;margin-left:.65rem;word-break:break-word;word-spacing:-.1rem;max-width:5rem}html.writer-html5 .rst-content aside.citation span.backrefs>a,html.writer-html5 .rst-content aside.footnote span.backrefs>a,html.writer-html5 .rst-content div.citation span.backrefs>a{word-break:keep-all}html.writer-html5 .rst-content aside.citation span.backrefs>a:not(:first-child):before,html.writer-html5 .rst-content aside.footnote span.backrefs>a:not(:first-child):before,html.writer-html5 .rst-content div.citation span.backrefs>a:not(:first-child):before{content:" "}html.writer-html5 .rst-content aside.citation span.label,html.writer-html5 .rst-content aside.footnote span.label,html.writer-html5 .rst-content div.citation span.label{line-height:1.2rem}html.writer-html5 .rst-content aside.citation-list,html.writer-html5 .rst-content aside.footnote-list,html.writer-html5 .rst-content div.citation-list{margin-bottom:24px}html.writer-html5 .rst-content dl.option-list kbd{font-size:.9rem}.rst-content table.docutils.footnote,html.writer-html4 .rst-content table.docutils.citation,html.writer-html5 .rst-content aside.footnote,html.writer-html5 .rst-content aside.footnote-list aside.footnote,html.writer-html5 .rst-content div.citation-list>div.citation,html.writer-html5 .rst-content dl.citation,html.writer-html5 .rst-content dl.footnote{color:grey}.rst-content table.docutils.footnote code,.rst-content table.docutils.footnote tt,html.writer-html4 .rst-content table.docutils.citation code,html.writer-html4 .rst-content table.docutils.citation tt,html.writer-html5 .rst-content aside.footnote-list aside.footnote code,html.writer-html5 .rst-content aside.footnote-list aside.footnote tt,html.writer-html5 .rst-content aside.footnote code,html.writer-html5 .rst-content aside.footnote tt,html.writer-html5 .rst-content div.citation-list>div.citation code,html.writer-html5 .rst-content div.citation-list>div.citation tt,html.writer-html5 .rst-content dl.citation code,html.writer-html5 .rst-content dl.citation tt,html.writer-html5 .rst-content dl.footnote code,html.writer-html5 .rst-content dl.footnote tt{color:#555}.rst-content .wy-table-responsive.citation,.rst-content .wy-table-responsive.footnote{margin-bottom:0}.rst-content .wy-table-responsive.citation+:not(.citation),.rst-content .wy-table-responsive.footnote+:not(.footnote){margin-top:24px}.rst-content .wy-table-responsive.citation:last-child,.rst-content .wy-table-responsive.footnote:last-child{margin-bottom:24px}.rst-content table.docutils th{border-color:#e1e4e5}html.writer-html5 .rst-content table.docutils th{border:1px solid #e1e4e5}html.writer-html5 .rst-content table.docutils td>p,html.writer-html5 .rst-content table.docutils th>p{line-height:1rem;margin-bottom:0;font-size:.9rem}.rst-content table.docutils td .last,.rst-content table.docutils td .last>:last-child{margin-bottom:0}.rst-content table.field-list,.rst-content table.field-list td{border:none}.rst-content table.field-list td p{line-height:inherit}.rst-content table.field-list td>strong{display:inline-block}.rst-content table.field-list .field-name{padding-right:10px;text-align:left;white-space:nowrap}.rst-content table.field-list .field-body{text-align:left}.rst-content code,.rst-content tt{color:#000;font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace;padding:2px 5px}.rst-content code big,.rst-content code em,.rst-content tt big,.rst-content tt em{font-size:100%!important;line-height:normal}.rst-content code.literal,.rst-content tt.literal{color:#e74c3c;white-space:normal}.rst-content code.xref,.rst-content tt.xref,a .rst-content code,a .rst-content tt{font-weight:700;color:#404040;overflow-wrap:normal}.rst-content kbd,.rst-content pre,.rst-content samp{font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace}.rst-content a code,.rst-content a tt{color:#2980b9}.rst-content dl{margin-bottom:24px}.rst-content dl dt{font-weight:700;margin-bottom:12px}.rst-content dl ol,.rst-content dl p,.rst-content dl table,.rst-content dl ul{margin-bottom:12px}.rst-content dl dd{margin:0 0 12px 24px;line-height:24px}.rst-content dl dd>ol:last-child,.rst-content dl dd>p:last-child,.rst-content dl dd>table:last-child,.rst-content dl dd>ul:last-child{margin-bottom:0}html.writer-html4 .rst-content dl:not(.docutils),html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple){margin-bottom:24px}html.writer-html4 .rst-content dl:not(.docutils)>dt,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt{display:table;margin:6px 0;font-size:90%;line-height:normal;background:#e7f2fa;color:#2980b9;border-top:3px solid #6ab0de;padding:6px;position:relative}html.writer-html4 .rst-content dl:not(.docutils)>dt:before,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt:before{color:#6ab0de}html.writer-html4 .rst-content dl:not(.docutils)>dt .headerlink,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt .headerlink{color:#404040;font-size:100%!important}html.writer-html4 .rst-content dl:not(.docutils) dl:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) dl:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt{margin-bottom:6px;border:none;border-left:3px solid #ccc;background:#f0f0f0;color:#555}html.writer-html4 .rst-content dl:not(.docutils) dl:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt .headerlink,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) dl:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt .headerlink{color:#404040;font-size:100%!important}html.writer-html4 .rst-content dl:not(.docutils)>dt:first-child,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple)>dt:first-child{margin-top:0}html.writer-html4 .rst-content dl:not(.docutils) code.descclassname,html.writer-html4 .rst-content dl:not(.docutils) code.descname,html.writer-html4 .rst-content dl:not(.docutils) tt.descclassname,html.writer-html4 .rst-content dl:not(.docutils) tt.descname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) code.descclassname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) code.descname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) tt.descclassname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) tt.descname{background-color:transparent;border:none;padding:0;font-size:100%!important}html.writer-html4 .rst-content dl:not(.docutils) code.descname,html.writer-html4 .rst-content dl:not(.docutils) tt.descname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) code.descname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) tt.descname{font-weight:700}html.writer-html4 .rst-content dl:not(.docutils) .optional,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) .optional{display:inline-block;padding:0 4px;color:#000;font-weight:700}html.writer-html4 .rst-content dl:not(.docutils) .property,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) .property{display:inline-block;padding-right:8px;max-width:100%}html.writer-html4 .rst-content dl:not(.docutils) .k,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) .k{font-style:italic}html.writer-html4 .rst-content dl:not(.docutils) .descclassname,html.writer-html4 .rst-content dl:not(.docutils) .descname,html.writer-html4 .rst-content dl:not(.docutils) .sig-name,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) .descclassname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) .descname,html.writer-html5 .rst-content dl[class]:not(.option-list):not(.field-list):not(.footnote):not(.citation):not(.glossary):not(.simple) .sig-name{font-family:SFMono-Regular,Menlo,Monaco,Consolas,Liberation Mono,Courier New,Courier,monospace;color:#000}.rst-content .viewcode-back,.rst-content .viewcode-link{display:inline-block;color:#27ae60;font-size:80%;padding-left:24px}.rst-content .viewcode-back{display:block;float:right}.rst-content p.rubric{margin-bottom:12px;font-weight:700}.rst-content code.download,.rst-content tt.download{background:inherit;padding:inherit;font-weight:400;font-family:inherit;font-size:inherit;color:inherit;border:inherit;white-space:inherit}.rst-content code.download span:first-child,.rst-content tt.download span:first-child{-webkit-font-smoothing:subpixel-antialiased}.rst-content code.download span:first-child:before,.rst-content tt.download span:first-child:before{margin-right:4px}.rst-content .guilabel,.rst-content .menuselection{font-size:80%;font-weight:700;border-radius:4px;padding:2.4px 6px;margin:auto 2px}.rst-content .guilabel,.rst-content .menuselection{border:1px solid #7fbbe3;background:#e7f2fa}.rst-content :not(dl.option-list)>:not(dt):not(kbd):not(.kbd)>.kbd,.rst-content :not(dl.option-list)>:not(dt):not(kbd):not(.kbd)>kbd{color:inherit;font-size:80%;background-color:#fff;border:1px solid #a6a6a6;border-radius:4px;box-shadow:0 2px grey;padding:2.4px 6px;margin:auto 0}.rst-content .versionmodified{font-style:italic}@media screen and (max-width:480px){.rst-content .sidebar{width:100%}}span[id*=MathJax-Span]{color:#404040}.math{text-align:center}@font-face{font-family:Lato;src:url(fonts/lato-normal.woff2?bd03a2cc277bbbc338d464e679fe9942) format("woff2"),url(fonts/lato-normal.woff?27bd77b9162d388cb8d4c4217c7c5e2a) format("woff");font-weight:400;font-style:normal;font-display:block}@font-face{font-family:Lato;src:url(fonts/lato-bold.woff2?cccb897485813c7c256901dbca54ecf2) format("woff2"),url(fonts/lato-bold.woff?d878b6c29b10beca227e9eef4246111b) format("woff");font-weight:700;font-style:normal;font-display:block}@font-face{font-family:Lato;src:url(fonts/lato-bold-italic.woff2?0b6bb6725576b072c5d0b02ecdd1900d) format("woff2"),url(fonts/lato-bold-italic.woff?9c7e4e9eb485b4a121c760e61bc3707c) format("woff");font-weight:700;font-style:italic;font-display:block}@font-face{font-family:Lato;src:url(fonts/lato-normal-italic.woff2?4eb103b4d12be57cb1d040ed5e162e9d) format("woff2"),url(fonts/lato-normal-italic.woff?f28f2d6482446544ef1ea1ccc6dd5892) format("woff");font-weight:400;font-style:italic;font-display:block}@font-face{font-family:Roboto Slab;font-style:normal;font-weight:400;src:url(fonts/Roboto-Slab-Regular.woff2?7abf5b8d04d26a2cafea937019bca958) format("woff2"),url(fonts/Roboto-Slab-Regular.woff?c1be9284088d487c5e3ff0a10a92e58c) format("woff");font-display:block}@font-face{font-family:Roboto Slab;font-style:normal;font-weight:700;src:url(fonts/Roboto-Slab-Bold.woff2?9984f4a9bda09be08e83f2506954adbe) format("woff2"),url(fonts/Roboto-Slab-Bold.woff?bed5564a116b05148e3b3bea6fb1162a) format("woff");font-display:block}
\ No newline at end of file
diff --git a/docs/saml2/_static/default.css b/docs/saml2/_static/default.css
deleted file mode 100644
index 21f3f509..00000000
--- a/docs/saml2/_static/default.css
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * default.css_t
- * ~~~~~~~~~~~~~
- *
- * Sphinx stylesheet -- default theme.
- *
- * :copyright: Copyright 2007-2011 by the Sphinx team, see AUTHORS.
- * :license: BSD, see LICENSE for details.
- *
- */
-
-@import url("basic.css");
-
-/* -- page layout ----------------------------------------------------------- */
-
-body {
-    font-family: sans-serif;
-    font-size: 100%;
-    background-color: #11303d;
-    color: #000;
-    margin: 0;
-    padding: 0;
-}
-
-div.document {
-    background-color: #1c4e63;
-}
-
-div.documentwrapper {
-    float: left;
-    width: 100%;
-}
-
-div.bodywrapper {
-    margin: 0 0 0 230px;
-}
-
-div.body {
-    background-color: #ffffff;
-    color: #000000;
-    padding: 0 20px 30px 20px;
-}
-
-div.footer {
-    color: #ffffff;
-    width: 100%;
-    padding: 9px 0 9px 0;
-    text-align: center;
-    font-size: 75%;
-}
-
-div.footer a {
-    color: #ffffff;
-    text-decoration: underline;
-}
-
-div.related {
-    background-color: #133f52;
-    line-height: 30px;
-    color: #ffffff;
-}
-
-div.related a {
-    color: #ffffff;
-}
-
-div.sphinxsidebar {
-}
-
-div.sphinxsidebar h3 {
-    font-family: 'Trebuchet MS', sans-serif;
-    color: #ffffff;
-    font-size: 1.4em;
-    font-weight: normal;
-    margin: 0;
-    padding: 0;
-}
-
-div.sphinxsidebar h3 a {
-    color: #ffffff;
-}
-
-div.sphinxsidebar h4 {
-    font-family: 'Trebuchet MS', sans-serif;
-    color: #ffffff;
-    font-size: 1.3em;
-    font-weight: normal;
-    margin: 5px 0 0 0;
-    padding: 0;
-}
-
-div.sphinxsidebar p {
-    color: #ffffff;
-}
-
-div.sphinxsidebar p.topless {
-    margin: 5px 10px 10px 10px;
-}
-
-div.sphinxsidebar ul {
-    margin: 10px;
-    padding: 0;
-    color: #ffffff;
-}
-
-div.sphinxsidebar a {
-    color: #98dbcc;
-}
-
-div.sphinxsidebar input {
-    border: 1px solid #98dbcc;
-    font-family: sans-serif;
-    font-size: 1em;
-}
-
-
-
-/* -- hyperlink styles ------------------------------------------------------ */
-
-a {
-    color: #355f7c;
-    text-decoration: none;
-}
-
-a:visited {
-    color: #355f7c;
-    text-decoration: none;
-}
-
-a:hover {
-    text-decoration: underline;
-}
-
-
-
-/* -- body styles ----------------------------------------------------------- */
-
-div.body h1,
-div.body h2,
-div.body h3,
-div.body h4,
-div.body h5,
-div.body h6 {
-    font-family: 'Trebuchet MS', sans-serif;
-    background-color: #f2f2f2;
-    font-weight: normal;
-    color: #20435c;
-    border-bottom: 1px solid #ccc;
-    margin: 20px -20px 10px -20px;
-    padding: 3px 0 3px 10px;
-}
-
-div.body h1 { margin-top: 0; font-size: 200%; }
-div.body h2 { font-size: 160%; }
-div.body h3 { font-size: 140%; }
-div.body h4 { font-size: 120%; }
-div.body h5 { font-size: 110%; }
-div.body h6 { font-size: 100%; }
-
-a.headerlink {
-    color: #c60f0f;
-    font-size: 0.8em;
-    padding: 0 4px 0 4px;
-    text-decoration: none;
-}
-
-a.headerlink:hover {
-    background-color: #c60f0f;
-    color: white;
-}
-
-div.body p, div.body dd, div.body li {
-    text-align: justify;
-    line-height: 130%;
-}
-
-div.admonition p.admonition-title + p {
-    display: inline;
-}
-
-div.admonition p {
-    margin-bottom: 5px;
-}
-
-div.admonition pre {
-    margin-bottom: 5px;
-}
-
-div.admonition ul, div.admonition ol {
-    margin-bottom: 5px;
-}
-
-div.note {
-    background-color: #eee;
-    border: 1px solid #ccc;
-}
-
-div.seealso {
-    background-color: #ffc;
-    border: 1px solid #ff6;
-}
-
-div.topic {
-    background-color: #eee;
-}
-
-div.warning {
-    background-color: #ffe4e4;
-    border: 1px solid #f66;
-}
-
-p.admonition-title {
-    display: inline;
-}
-
-p.admonition-title:after {
-    content: ":";
-}
-
-pre {
-    padding: 5px;
-    background-color: #eeffcc;
-    color: #333333;
-    line-height: 120%;
-    border: 1px solid #ac9;
-    border-left: none;
-    border-right: none;
-}
-
-tt {
-    background-color: #ecf0f3;
-    padding: 0 1px 0 1px;
-    font-size: 0.95em;
-}
-
-th {
-    background-color: #ede;
-}
-
-.warning tt {
-    background: #efc2c2;
-}
-
-.note tt {
-    background: #d6d6d6;
-}
-
-.viewcode-back {
-    font-family: sans-serif;
-}
-
-div.viewcode-block:target {
-    background-color: #f4debf;
-    border-top: 1px solid #ac9;
-    border-bottom: 1px solid #ac9;
-}
\ No newline at end of file
diff --git a/docs/saml2/_static/doctools.js b/docs/saml2/_static/doctools.js
index 61c8f160..d06a71d7 100644
--- a/docs/saml2/_static/doctools.js
+++ b/docs/saml2/_static/doctools.js
@@ -2,246 +2,155 @@
  * doctools.js
  * ~~~~~~~~~~~
  *
- * Sphinx JavaScript utilities for all documentation.
+ * Base JavaScript utilities for all Sphinx HTML documentation.
  *
- * :copyright: Copyright 2007-2011 by the Sphinx team, see AUTHORS.
+ * :copyright: Copyright 2007-2023 by the Sphinx team, see AUTHORS.
  * :license: BSD, see LICENSE for details.
  *
  */
-
-/**
- * select a different prefix for underscore
- */
-$u = _.noConflict();
-
-/**
- * make the code below compatible with browsers without
- * an installed firebug like debugger
-if (!window.console || !console.firebug) {
-  var names = ["log", "debug", "info", "warn", "error", "assert", "dir",
-    "dirxml", "group", "groupEnd", "time", "timeEnd", "count", "trace",
-    "profile", "profileEnd"];
-  window.console = {};
-  for (var i = 0; i < names.length; ++i)
-    window.console[names[i]] = function() {};
-}
- */
-
-/**
- * small helper function to urldecode strings
- */
-jQuery.urldecode = function(x) {
-  return decodeURIComponent(x).replace(/\+/g, ' ');
-}
-
-/**
- * small helper function to urlencode strings
- */
-jQuery.urlencode = encodeURIComponent;
-
-/**
- * This function returns the parsed url parameters of the
- * current request. Multiple values per key are supported,
- * it will always return arrays of strings for the value parts.
- */
-jQuery.getQueryParameters = function(s) {
-  if (typeof s == 'undefined')
-    s = document.location.search;
-  var parts = s.substr(s.indexOf('?') + 1).split('&');
-  var result = {};
-  for (var i = 0; i < parts.length; i++) {
-    var tmp = parts[i].split('=', 2);
-    var key = jQuery.urldecode(tmp[0]);
-    var value = jQuery.urldecode(tmp[1]);
-    if (key in result)
-      result[key].push(value);
-    else
-      result[key] = [value];
-  }
-  return result;
-};
-
-/**
- * small function to check if an array contains
- * a given item.
- */
-jQuery.contains = function(arr, item) {
-  for (var i = 0; i < arr.length; i++) {
-    if (arr[i] == item)
-      return true;
-  }
-  return false;
-};
-
-/**
- * highlight a given string on a jquery object by wrapping it in
- * span elements with the given class name.
- */
-jQuery.fn.highlightText = function(text, className) {
-  function highlight(node) {
-    if (node.nodeType == 3) {
-      var val = node.nodeValue;
-      var pos = val.toLowerCase().indexOf(text);
-      if (pos >= 0 && !jQuery(node.parentNode).hasMethod(className)) {
-        var span = document.createElement("span");
-        span.className = className;
-        span.appendChild(document.createTextNode(val.substr(pos, text.length)));
-        node.parentNode.insertBefore(span, node.parentNode.insertBefore(
-          document.createTextNode(val.substr(pos + text.length)),
-          node.nextSibling));
-        node.nodeValue = val.substr(0, pos);
-      }
-    }
-    else if (!jQuery(node).is("button, select, textarea")) {
-      jQuery.each(node.childNodes, function() {
-        highlight(this);
-      });
-    }
+"use strict";
+
+const BLACKLISTED_KEY_CONTROL_ELEMENTS = new Set([
+  "TEXTAREA",
+  "INPUT",
+  "SELECT",
+  "BUTTON",
+]);
+
+const _ready = (callback) => {
+  if (document.readyState !== "loading") {
+    callback();
+  } else {
+    document.addEventListener("DOMContentLoaded", callback);
   }
-  return this.each(function() {
-    highlight(this);
-  });
 };
 
 /**
  * Small JavaScript module for the documentation.
  */
-var Documentation = {
-
-  init : function() {
-    this.fixFirefoxAnchorBug();
-    this.highlightSearchWords();
-    this.initIndexTable();
+const Documentation = {
+  init: () => {
+    Documentation.initDomainIndexTable();
+    Documentation.initOnKeyListeners();
   },
 
   /**
    * i18n support
    */
-  TRANSLATIONS : {},
-  PLURAL_EXPR : function(n) { return n == 1 ? 0 : 1; },
-  LOCALE : 'unknown',
+  TRANSLATIONS: {},
+  PLURAL_EXPR: (n) => (n === 1 ? 0 : 1),
+  LOCALE: "unknown",
 
   // gettext and ngettext don't access this so that the functions
   // can safely bound to a different name (_ = Documentation.gettext)
-  gettext : function(string) {
-    var translated = Documentation.TRANSLATIONS[string];
-    if (typeof translated == 'undefined')
-      return string;
-    return (typeof translated == 'string') ? translated : translated[0];
-  },
-
-  ngettext : function(singular, plural, n) {
-    var translated = Documentation.TRANSLATIONS[singular];
-    if (typeof translated == 'undefined')
-      return (n == 1) ? singular : plural;
-    return translated[Documentation.PLURALEXPR(n)];
-  },
-
-  addTranslations : function(catalog) {
-    for (var key in catalog.messages)
-      this.TRANSLATIONS[key] = catalog.messages[key];
-    this.PLURAL_EXPR = new Function('n', 'return +(' + catalog.plural_expr + ')');
-    this.LOCALE = catalog.locale;
-  },
-
-  /**
-   * add context elements like header anchor links
-   */
-  addContextElements : function() {
-    $('div[id] > :header:first').each(function() {
-      $('<a class="headerlink">\u00B6</a>').
-      attr('href', '#' + this.id).
-      attr('title', _('Permalink to this headline')).
-      appendTo(this);
-    });
-    $('dt[id]').each(function() {
-      $('<a class="headerlink">\u00B6</a>').
-      attr('href', '#' + this.id).
-      attr('title', _('Permalink to this definition')).
-      appendTo(this);
-    });
+  gettext: (string) => {
+    const translated = Documentation.TRANSLATIONS[string];
+    switch (typeof translated) {
+      case "undefined":
+        return string; // no translation
+      case "string":
+        return translated; // translation exists
+      default:
+        return translated[0]; // (singular, plural) translation tuple exists
+    }
   },
 
-  /**
-   * workaround a firefox stupidity
-   */
-  fixFirefoxAnchorBug : function() {
-    if (document.location.hash && $.browser.mozilla)
-      window.setTimeout(function() {
-        document.location.href += '';
-      }, 10);
+  ngettext: (singular, plural, n) => {
+    const translated = Documentation.TRANSLATIONS[singular];
+    if (typeof translated !== "undefined")
+      return translated[Documentation.PLURAL_EXPR(n)];
+    return n === 1 ? singular : plural;
   },
 
-  /**
-   * highlight the search words provided in the url in the text
-   */
-  highlightSearchWords : function() {
-    var params = $.getQueryParameters();
-    var terms = (params.highlight) ? params.highlight[0].split(/\s+/) : [];
-    if (terms.length) {
-      var body = $('div.body');
-      window.setTimeout(function() {
-        $.each(terms, function() {
-          body.highlightText(this.toLowerCase(), 'highlighted');
-        });
-      }, 10);
-      $('<p class="highlight-link"><a href="javascript:Documentation.' +
-        'hideSearchWords()">' + _('Hide Search Matches') + '</a></p>')
-          .appendTo($('#searchbox'));
-    }
+  addTranslations: (catalog) => {
+    Object.assign(Documentation.TRANSLATIONS, catalog.messages);
+    Documentation.PLURAL_EXPR = new Function(
+      "n",
+      `return (${catalog.plural_expr})`
+    );
+    Documentation.LOCALE = catalog.locale;
   },
 
   /**
-   * init the domain index toggle buttons
+   * helper function to focus on search bar
    */
-  initIndexTable : function() {
-    var togglers = $('img.toggler').click(function() {
-      var src = $(this).attr('src');
-      var idnum = $(this).attr('id').substr(7);
-      $('tr.cg-' + idnum).toggle();
-      if (src.substr(-9) == 'minus.png')
-        $(this).attr('src', src.substr(0, src.length-9) + 'plus.png');
-      else
-        $(this).attr('src', src.substr(0, src.length-8) + 'minus.png');
-    }).css('display', '');
-    if (DOCUMENTATION_OPTIONS.COLLAPSE_INDEX) {
-        togglers.click();
-    }
+  focusSearchBar: () => {
+    document.querySelectorAll("input[name=q]")[0]?.focus();
   },
 
   /**
-   * helper function to hide the search marks again
+   * Initialise the domain index toggle buttons
    */
-  hideSearchWords : function() {
-    $('#searchbox .highlight-link').fadeOut(300);
-    $('span.highlighted').removeMethod('highlighted');
+  initDomainIndexTable: () => {
+    const toggler = (el) => {
+      const idNumber = el.id.substr(7);
+      const toggledRows = document.querySelectorAll(`tr.cg-${idNumber}`);
+      if (el.src.substr(-9) === "minus.png") {
+        el.src = `${el.src.substr(0, el.src.length - 9)}plus.png`;
+        toggledRows.forEach((el) => (el.style.display = "none"));
+      } else {
+        el.src = `${el.src.substr(0, el.src.length - 8)}minus.png`;
+        toggledRows.forEach((el) => (el.style.display = ""));
+      }
+    };
+
+    const togglerElements = document.querySelectorAll("img.toggler");
+    togglerElements.forEach((el) =>
+      el.addEventListener("click", (event) => toggler(event.currentTarget))
+    );
+    togglerElements.forEach((el) => (el.style.display = ""));
+    if (DOCUMENTATION_OPTIONS.COLLAPSE_INDEX) togglerElements.forEach(toggler);
   },
 
-  /**
-   * make the url absolute
-   */
-  makeURL : function(relativeURL) {
-    return DOCUMENTATION_OPTIONS.URL_ROOT + '/' + relativeURL;
-  },
+  initOnKeyListeners: () => {
+    // only install a listener if it is really needed
+    if (
+      !DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS &&
+      !DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS
+    )
+      return;
+
+    document.addEventListener("keydown", (event) => {
+      // bail for input elements
+      if (BLACKLISTED_KEY_CONTROL_ELEMENTS.has(document.activeElement.tagName)) return;
+      // bail with special keys
+      if (event.altKey || event.ctrlKey || event.metaKey) return;
+
+      if (!event.shiftKey) {
+        switch (event.key) {
+          case "ArrowLeft":
+            if (!DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS) break;
+
+            const prevLink = document.querySelector('link[rel="prev"]');
+            if (prevLink && prevLink.href) {
+              window.location.href = prevLink.href;
+              event.preventDefault();
+            }
+            break;
+          case "ArrowRight":
+            if (!DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS) break;
+
+            const nextLink = document.querySelector('link[rel="next"]');
+            if (nextLink && nextLink.href) {
+              window.location.href = nextLink.href;
+              event.preventDefault();
+            }
+            break;
+        }
+      }
 
-  /**
-   * get the current relative url
-   */
-  getCurrentURL : function() {
-    var path = document.location.pathname;
-    var parts = path.split(/\//);
-    $.each(DOCUMENTATION_OPTIONS.URL_ROOT.split(/\//), function() {
-      if (this == '..')
-        parts.pop();
+      // some keyboard layouts may need Shift to get /
+      switch (event.key) {
+        case "/":
+          if (!DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS) break;
+          Documentation.focusSearchBar();
+          event.preventDefault();
+      }
     });
-    var url = parts.join('/');
-    return path.substring(url.lastIndexOf('/') + 1, path.length - 1);
-  }
+  },
 };
 
 // quick alias for translations
-_ = Documentation.gettext;
+const _ = Documentation.gettext;
 
-$(document).ready(function() {
-  Documentation.init();
-});
+_ready(Documentation.init);
diff --git a/docs/saml2/_static/documentation_options.js b/docs/saml2/_static/documentation_options.js
new file mode 100644
index 00000000..2db8a09e
--- /dev/null
+++ b/docs/saml2/_static/documentation_options.js
@@ -0,0 +1,14 @@
+var DOCUMENTATION_OPTIONS = {
+    URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'),
+    VERSION: '1',
+    LANGUAGE: 'en',
+    COLLAPSE_INDEX: false,
+    BUILDER: 'html',
+    FILE_SUFFIX: '.html',
+    LINK_SUFFIX: '.html',
+    HAS_SOURCE: true,
+    SOURCELINK_SUFFIX: '.txt',
+    NAVIGATION_WITH_KEYS: false,
+    SHOW_SEARCH_SUMMARY: true,
+    ENABLE_SEARCH_SHORTCUTS: true,
+};
\ No newline at end of file
diff --git a/docs/saml2/_static/down-pressed.png b/docs/saml2/_static/down-pressed.png
deleted file mode 100644
index 6f7ad782..00000000
Binary files a/docs/saml2/_static/down-pressed.png and /dev/null differ
diff --git a/docs/saml2/_static/down.png b/docs/saml2/_static/down.png
deleted file mode 100644
index 3003a887..00000000
Binary files a/docs/saml2/_static/down.png and /dev/null differ
diff --git a/docs/saml2/_static/file.png b/docs/saml2/_static/file.png
index d18082e3..a858a410 100644
Binary files a/docs/saml2/_static/file.png and b/docs/saml2/_static/file.png differ
diff --git a/docs/saml2/_static/jquery.js b/docs/saml2/_static/jquery.js
index dc2f3dac..c4c6022f 100644
--- a/docs/saml2/_static/jquery.js
+++ b/docs/saml2/_static/jquery.js
@@ -1,9404 +1,2 @@
-/*!
- * jQuery JavaScript Library v1.7.2
- * http://jquery.com/
- *
- * Copyright 2011, John Resig
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * Includes Sizzle.js
- * http://sizzlejs.com/
- * Copyright 2011, The Dojo Foundation
- * Released under the MIT, BSD, and GPL Licenses.
- *
- * Date: Fri Jul  5 14:07:58 UTC 2013
- */
-(function( window, undefined ) {
-
-// Use the correct document accordingly with window argument (sandbox)
-var document = window.document,
-	navigator = window.navigator,
-	location = window.location;
-var jQuery = (function() {
-
-// Define a local copy of jQuery
-var jQuery = function( selector, context ) {
-		// The jQuery object is actually just the init constructor 'enhanced'
-		return new jQuery.fn.init( selector, context, rootjQuery );
-	},
-
-	// Map over jQuery in case of overwrite
-	_jQuery = window.jQuery,
-
-	// Map over the $ in case of overwrite
-	_$ = window.$,
-
-	// A central reference to the root jQuery(document)
-	rootjQuery,
-
-	// A simple way to check for HTML strings or ID strings
-	// Prioritize #id over <tag> to avoid XSS via location.hash (#9521)
-	quickExpr = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/,
-
-	// Check if a string has a non-whitespace character in it
-	rnotwhite = /\S/,
-
-	// Used for trimming whitespace
-	trimLeft = /^\s+/,
-	trimRight = /\s+$/,
-
-	// Match a standalone tag
-	rsingleTag = /^<(\w+)\s*\/?>(?:<\/\1>)?$/,
-
-	// JSON RegExp
-	rvalidchars = /^[\],:{}\s]*$/,
-	rvalidescape = /\\(?:["\\\/bfnrt]|u[0-9a-fA-F]{4})/g,
-	rvalidtokens = /"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g,
-	rvalidbraces = /(?:^|:|,)(?:\s*\[)+/g,
-
-	// Useragent RegExp
-	rwebkit = /(webkit)[ \/]([\w.]+)/,
-	ropera = /(opera)(?:.*version)?[ \/]([\w.]+)/,
-	rmsie = /(msie) ([\w.]+)/,
-	rmozilla = /(mozilla)(?:.*? rv:([\w.]+))?/,
-
-	// Matches dashed string for camelizing
-	rdashAlpha = /-([a-z]|[0-9])/ig,
-	rmsPrefix = /^-ms-/,
-
-	// Used by jQuery.camelCase as callback to replace()
-	fcamelCase = function( all, letter ) {
-		return ( letter + "" ).toUpperCase();
-	},
-
-	// Keep a UserAgent string for use with jQuery.browser
-	userAgent = navigator.userAgent,
-
-	// For matching the engine and version of the browser
-	browserMatch,
-
-	// The deferred used on DOM ready
-	readyList,
-
-	// The ready event handler
-	DOMContentLoaded,
-
-	// Save a reference to some core methods
-	toString = Object.prototype.toString,
-	hasOwn = Object.prototype.hasOwnProperty,
-	push = Array.prototype.push,
-	slice = Array.prototype.slice,
-	trim = String.prototype.trim,
-	indexOf = Array.prototype.indexOf,
-
-	// [[Method]] -> type pairs
-	class2type = {};
-
-jQuery.fn = jQuery.prototype = {
-	constructor: jQuery,
-	init: function( selector, context, rootjQuery ) {
-		var match, elem, ret, doc;
-
-		// Handle $(""), $(null), or $(undefined)
-		if ( !selector ) {
-			return this;
-		}
-
-		// Handle $(DOMElement)
-		if ( selector.nodeType ) {
-			this.context = this[0] = selector;
-			this.length = 1;
-			return this;
-		}
-
-		// The body element only exists once, optimize finding it
-		if ( selector === "body" && !context && document.body ) {
-			this.context = document;
-			this[0] = document.body;
-			this.selector = selector;
-			this.length = 1;
-			return this;
-		}
-
-		// Handle HTML strings
-		if ( typeof selector === "string" ) {
-			// Are we dealing with HTML string or an ID?
-			if ( selector.charAt(0) === "<" && selector.charAt( selector.length - 1 ) === ">" && selector.length >= 3 ) {
-				// Assume that strings that start and end with <> are HTML and skip the regex check
-				match = [ null, selector, null ];
-
-			} else {
-				match = quickExpr.exec( selector );
-			}
-
-			// Verify a match, and that no context was specified for #id
-			if ( match && (match[1] || !context) ) {
-
-				// HANDLE: $(html) -> $(array)
-				if ( match[1] ) {
-					context = context instanceof jQuery ? context[0] : context;
-					doc = ( context ? context.ownerDocument || context : document );
-
-					// If a single string is passed in and it's a single tag
-					// just do a createElement and skip the rest
-					ret = rsingleTag.exec( selector );
-
-					if ( ret ) {
-						if ( jQuery.isPlainObject( context ) ) {
-							selector = [ document.createElement( ret[1] ) ];
-							jQuery.fn.attr.call( selector, context, true );
-
-						} else {
-							selector = [ doc.createElement( ret[1] ) ];
-						}
-
-					} else {
-						ret = jQuery.buildFragment( [ match[1] ], [ doc ] );
-						selector = ( ret.cacheable ? jQuery.clone(ret.fragment) : ret.fragment ).childNodes;
-					}
-
-					return jQuery.merge( this, selector );
-
-				// HANDLE: $("#id")
-				} else {
-					elem = document.getElementById( match[2] );
-
-					// Check parentNode to catch when Blackberry 4.6 returns
-					// nodes that are no longer in the document #6963
-					if ( elem && elem.parentNode ) {
-						// Handle the case where IE and Opera return items
-						// by name instead of ID
-						if ( elem.id !== match[2] ) {
-							return rootjQuery.find( selector );
-						}
-
-						// Otherwise, we inject the element directly into the jQuery object
-						this.length = 1;
-						this[0] = elem;
-					}
-
-					this.context = document;
-					this.selector = selector;
-					return this;
-				}
-
-			// HANDLE: $(expr, $(...))
-			} else if ( !context || context.jquery ) {
-				return ( context || rootjQuery ).find( selector );
-
-			// HANDLE: $(expr, context)
-			// (which is just equivalent to: $(context).find(expr)
-			} else {
-				return this.constructor( context ).find( selector );
-			}
-
-		// HANDLE: $(function)
-		// Shortcut for document ready
-		} else if ( jQuery.isFunction( selector ) ) {
-			return rootjQuery.ready( selector );
-		}
-
-		if ( selector.selector !== undefined ) {
-			this.selector = selector.selector;
-			this.context = selector.context;
-		}
-
-		return jQuery.makeArray( selector, this );
-	},
-
-	// Start with an empty selector
-	selector: "",
-
-	// The current version of jQuery being used
-	jquery: "1.7.2",
-
-	// The default length of a jQuery object is 0
-	length: 0,
-
-	// The number of elements contained in the matched element set
-	size: function() {
-		return this.length;
-	},
-
-	toArray: function() {
-		return slice.call( this, 0 );
-	},
-
-	// Get the Nth element in the matched element set OR
-	// Get the whole matched element set as a clean array
-	get: function( num ) {
-		return num == null ?
-
-			// Return a 'clean' array
-			this.toArray() :
-
-			// Return just the object
-			( num < 0 ? this[ this.length + num ] : this[ num ] );
-	},
-
-	// Take an array of elements and push it onto the stack
-	// (returning the new matched element set)
-	pushStack: function( elems, name, selector ) {
-		// Build a new jQuery matched element set
-		var ret = this.constructor();
-
-		if ( jQuery.isArray( elems ) ) {
-			push.apply( ret, elems );
-
-		} else {
-			jQuery.merge( ret, elems );
-		}
-
-		// Add the old object onto the stack (as a reference)
-		ret.prevObject = this;
-
-		ret.context = this.context;
-
-		if ( name === "find" ) {
-			ret.selector = this.selector + ( this.selector ? " " : "" ) + selector;
-		} else if ( name ) {
-			ret.selector = this.selector + "." + name + "(" + selector + ")";
-		}
-
-		// Return the newly-formed element set
-		return ret;
-	},
-
-	// Execute a callback for every element in the matched set.
-	// (You can seed the arguments with an array of args, but this is
-	// only used internally.)
-	each: function( callback, args ) {
-		return jQuery.each( this, callback, args );
-	},
-
-	ready: function( fn ) {
-		// Attach the listeners
-		jQuery.bindReady();
-
-		// Add the callback
-		readyList.add( fn );
-
-		return this;
-	},
-
-	eq: function( i ) {
-		i = +i;
-		return i === -1 ?
-			this.slice( i ) :
-			this.slice( i, i + 1 );
-	},
-
-	first: function() {
-		return this.eq( 0 );
-	},
-
-	last: function() {
-		return this.eq( -1 );
-	},
-
-	slice: function() {
-		return this.pushStack( slice.apply( this, arguments ),
-			"slice", slice.call(arguments).join(",") );
-	},
-
-	map: function( callback ) {
-		return this.pushStack( jQuery.map(this, function( elem, i ) {
-			return callback.call( elem, i, elem );
-		}));
-	},
-
-	end: function() {
-		return this.prevObject || this.constructor(null);
-	},
-
-	// For internal use only.
-	// Behaves like an Array's method, not like a jQuery method.
-	push: push,
-	sort: [].sort,
-	splice: [].splice
-};
-
-// Give the init function the jQuery prototype for later instantiation
-jQuery.fn.init.prototype = jQuery.fn;
-
-jQuery.extend = jQuery.fn.extend = function() {
-	var options, name, src, copy, copyIsArray, clone,
-		target = arguments[0] || {},
-		i = 1,
-		length = arguments.length,
-		deep = false;
-
-	// Handle a deep copy situation
-	if ( typeof target === "boolean" ) {
-		deep = target;
-		target = arguments[1] || {};
-		// skip the boolean and the target
-		i = 2;
-	}
-
-	// Handle case when target is a string or something (possible in deep copy)
-	if ( typeof target !== "object" && !jQuery.isFunction(target) ) {
-		target = {};
-	}
-
-	// extend jQuery itself if only one argument is passed
-	if ( length === i ) {
-		target = this;
-		--i;
-	}
-
-	for ( ; i < length; i++ ) {
-		// Only deal with non-null/undefined values
-		if ( (options = arguments[ i ]) != null ) {
-			// Extend the base object
-			for ( name in options ) {
-				src = target[ name ];
-				copy = options[ name ];
-
-				// Prevent never-ending loop
-				if ( target === copy ) {
-					continue;
-				}
-
-				// Recurse if we're merging plain objects or arrays
-				if ( deep && copy && ( jQuery.isPlainObject(copy) || (copyIsArray = jQuery.isArray(copy)) ) ) {
-					if ( copyIsArray ) {
-						copyIsArray = false;
-						clone = src && jQuery.isArray(src) ? src : [];
-
-					} else {
-						clone = src && jQuery.isPlainObject(src) ? src : {};
-					}
-
-					// Never move original objects, clone them
-					target[ name ] = jQuery.extend( deep, clone, copy );
-
-				// Don't bring in undefined values
-				} else if ( copy !== undefined ) {
-					target[ name ] = copy;
-				}
-			}
-		}
-	}
-
-	// Return the modified object
-	return target;
-};
-
-jQuery.extend({
-	noConflict: function( deep ) {
-		if ( window.$ === jQuery ) {
-			window.$ = _$;
-		}
-
-		if ( deep && window.jQuery === jQuery ) {
-			window.jQuery = _jQuery;
-		}
-
-		return jQuery;
-	},
-
-	// Is the DOM ready to be used? Set to true once it occurs.
-	isReady: false,
-
-	// A counter to track how many items to wait for before
-	// the ready event fires. See #6781
-	readyWait: 1,
-
-	// Hold (or release) the ready event
-	holdReady: function( hold ) {
-		if ( hold ) {
-			jQuery.readyWait++;
-		} else {
-			jQuery.ready( true );
-		}
-	},
-
-	// Handle when the DOM is ready
-	ready: function( wait ) {
-		// Either a released hold or an DOMready/load event and not yet ready
-		if ( (wait === true && !--jQuery.readyWait) || (wait !== true && !jQuery.isReady) ) {
-			// Make sure body exists, at least, in case IE gets a little overzealous (ticket #5443).
-			if ( !document.body ) {
-				return setTimeout( jQuery.ready, 1 );
-			}
-
-			// Remember that the DOM is ready
-			jQuery.isReady = true;
-
-			// If a normal DOM Ready event fired, decrement, and wait if need be
-			if ( wait !== true && --jQuery.readyWait > 0 ) {
-				return;
-			}
-
-			// If there are functions bound, to execute
-			readyList.fireWith( document, [ jQuery ] );
-
-			// Trigger any bound ready events
-			if ( jQuery.fn.trigger ) {
-				jQuery( document ).trigger( "ready" ).off( "ready" );
-			}
-		}
-	},
-
-	bindReady: function() {
-		if ( readyList ) {
-			return;
-		}
-
-		readyList = jQuery.Callbacks( "once memory" );
-
-		// Catch cases where $(document).ready() is called after the
-		// browser event has already occurred.
-		if ( document.readyState === "complete" ) {
-			// Handle it asynchronously to allow scripts the opportunity to delay ready
-			return setTimeout( jQuery.ready, 1 );
-		}
-
-		// Mozilla, Opera and webkit nightlies currently support this event
-		if ( document.addEventListener ) {
-			// Use the handy event callback
-			document.addEventListener( "DOMContentLoaded", DOMContentLoaded, false );
-
-			// A fallback to window.onload, that will always work
-			window.addEventListener( "load", jQuery.ready, false );
-
-		// If IE event model is used
-		} else if ( document.attachEvent ) {
-			// ensure firing before onload,
-			// maybe late but safe also for iframes
-			document.attachEvent( "onreadystatechange", DOMContentLoaded );
-
-			// A fallback to window.onload, that will always work
-			window.attachEvent( "onload", jQuery.ready );
-
-			// If IE and not a frame
-			// continually check to see if the document is ready
-			var toplevel = false;
-
-			try {
-				toplevel = window.frameElement == null;
-			} catch(e) {}
-
-			if ( document.documentElement.doScroll && toplevel ) {
-				doScrollCheck();
-			}
-		}
-	},
-
-	// See test/unit/core.js for details concerning isFunction.
-	// Since version 1.3, DOM methods and functions like alert
-	// aren't supported. They return false on IE (#2968).
-	isFunction: function( obj ) {
-		return jQuery.type(obj) === "function";
-	},
-
-	isArray: Array.isArray || function( obj ) {
-		return jQuery.type(obj) === "array";
-	},
-
-	isWindow: function( obj ) {
-		return obj != null && obj == obj.window;
-	},
-
-	isNumeric: function( obj ) {
-		return !isNaN( parseFloat(obj) ) && isFinite( obj );
-	},
-
-	type: function( obj ) {
-		return obj == null ?
-			String( obj ) :
-			class2type[ toString.call(obj) ] || "object";
-	},
-
-	isPlainObject: function( obj ) {
-		// Must be an Object.
-		// Because of IE, we also have to check the presence of the constructor property.
-		// Make sure that DOM nodes and window objects don't pass through, as well
-		if ( !obj || jQuery.type(obj) !== "object" || obj.nodeType || jQuery.isWindow( obj ) ) {
-			return false;
-		}
-
-		try {
-			// Not own constructor property must be Object
-			if ( obj.constructor &&
-				!hasOwn.call(obj, "constructor") &&
-				!hasOwn.call(obj.constructor.prototype, "isPrototypeOf") ) {
-				return false;
-			}
-		} catch ( e ) {
-			// IE8,9 Will throw exceptions on certain host objects #9897
-			return false;
-		}
-
-		// Own properties are enumerated firstly, so to speed up,
-		// if last one is own, then all properties are own.
-
-		var key;
-		for ( key in obj ) {}
-
-		return key === undefined || hasOwn.call( obj, key );
-	},
-
-	isEmptyObject: function( obj ) {
-		for ( var name in obj ) {
-			return false;
-		}
-		return true;
-	},
-
-	error: function( msg ) {
-		throw new Error( msg );
-	},
-
-	parseJSON: function( data ) {
-		if ( typeof data !== "string" || !data ) {
-			return null;
-		}
-
-		// Make sure leading/trailing whitespace is removed (IE can't handle it)
-		data = jQuery.trim( data );
-
-		// Attempt to parse using the native JSON parser first
-		if ( window.JSON && window.JSON.parse ) {
-			return window.JSON.parse( data );
-		}
-
-		// Make sure the incoming data is actual JSON
-		// Logic borrowed from http://json.org/json2.js
-		if ( rvalidchars.test( data.replace( rvalidescape, "@" )
-			.replace( rvalidtokens, "]" )
-			.replace( rvalidbraces, "")) ) {
-
-			return ( new Function( "return " + data ) )();
-
-		}
-		jQuery.error( "Invalid JSON: " + data );
-	},
-
-	// Cross-browser xml parsing
-	parseXML: function( data ) {
-		if ( typeof data !== "string" || !data ) {
-			return null;
-		}
-		var xml, tmp;
-		try {
-			if ( window.DOMParser ) { // Standard
-				tmp = new DOMParser();
-				xml = tmp.parseFromString( data , "text/xml" );
-			} else { // IE
-				xml = new ActiveXObject( "Microsoft.XMLDOM" );
-				xml.async = "false";
-				xml.loadXML( data );
-			}
-		} catch( e ) {
-			xml = undefined;
-		}
-		if ( !xml || !xml.documentElement || xml.getElementsByTagName( "parsererror" ).length ) {
-			jQuery.error( "Invalid XML: " + data );
-		}
-		return xml;
-	},
-
-	noop: function() {},
-
-	// Evaluates a script in a global context
-	// Workarounds based on findings by Jim Driscoll
-	// http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context
-	globalEval: function( data ) {
-		if ( data && rnotwhite.test( data ) ) {
-			// We use execScript on Internet Explorer
-			// We use an anonymous function so that context is window
-			// rather than jQuery in Firefox
-			( window.execScript || function( data ) {
-				window[ "eval" ].call( window, data );
-			} )( data );
-		}
-	},
-
-	// Convert dashed to camelCase; used by the css and data modules
-	// Microsoft forgot to hump their vendor prefix (#9572)
-	camelCase: function( string ) {
-		return string.replace( rmsPrefix, "ms-" ).replace( rdashAlpha, fcamelCase );
-	},
-
-	nodeName: function( elem, name ) {
-		return elem.nodeName && elem.nodeName.toUpperCase() === name.toUpperCase();
-	},
-
-	// args is for internal usage only
-	each: function( object, callback, args ) {
-		var name, i = 0,
-			length = object.length,
-			isObj = length === undefined || jQuery.isFunction( object );
-
-		if ( args ) {
-			if ( isObj ) {
-				for ( name in object ) {
-					if ( callback.apply( object[ name ], args ) === false ) {
-						break;
-					}
-				}
-			} else {
-				for ( ; i < length; ) {
-					if ( callback.apply( object[ i++ ], args ) === false ) {
-						break;
-					}
-				}
-			}
-
-		// A special, fast, case for the most common use of each
-		} else {
-			if ( isObj ) {
-				for ( name in object ) {
-					if ( callback.call( object[ name ], name, object[ name ] ) === false ) {
-						break;
-					}
-				}
-			} else {
-				for ( ; i < length; ) {
-					if ( callback.call( object[ i ], i, object[ i++ ] ) === false ) {
-						break;
-					}
-				}
-			}
-		}
-
-		return object;
-	},
-
-	// Use native String.trim function wherever possible
-	trim: trim ?
-		function( text ) {
-			return text == null ?
-				"" :
-				trim.call( text );
-		} :
-
-		// Otherwise use our own trimming functionality
-		function( text ) {
-			return text == null ?
-				"" :
-				text.toString().replace( trimLeft, "" ).replace( trimRight, "" );
-		},
-
-	// results is for internal usage only
-	makeArray: function( array, results ) {
-		var ret = results || [];
-
-		if ( array != null ) {
-			// The window, strings (and functions) also have 'length'
-			// Tweaked logic slightly to handle Blackberry 4.7 RegExp issues #6930
-			var type = jQuery.type( array );
-
-			if ( array.length == null || type === "string" || type === "function" || type === "regexp" || jQuery.isWindow( array ) ) {
-				push.call( ret, array );
-			} else {
-				jQuery.merge( ret, array );
-			}
-		}
-
-		return ret;
-	},
-
-	inArray: function( elem, array, i ) {
-		var len;
-
-		if ( array ) {
-			if ( indexOf ) {
-				return indexOf.call( array, elem, i );
-			}
-
-			len = array.length;
-			i = i ? i < 0 ? Math.max( 0, len + i ) : i : 0;
-
-			for ( ; i < len; i++ ) {
-				// Skip accessing in sparse arrays
-				if ( i in array && array[ i ] === elem ) {
-					return i;
-				}
-			}
-		}
-
-		return -1;
-	},
-
-	merge: function( first, second ) {
-		var i = first.length,
-			j = 0;
-
-		if ( typeof second.length === "number" ) {
-			for ( var l = second.length; j < l; j++ ) {
-				first[ i++ ] = second[ j ];
-			}
-
-		} else {
-			while ( second[j] !== undefined ) {
-				first[ i++ ] = second[ j++ ];
-			}
-		}
-
-		first.length = i;
-
-		return first;
-	},
-
-	grep: function( elems, callback, inv ) {
-		var ret = [], retVal;
-		inv = !!inv;
-
-		// Go through the array, only saving the items
-		// that pass the validator function
-		for ( var i = 0, length = elems.length; i < length; i++ ) {
-			retVal = !!callback( elems[ i ], i );
-			if ( inv !== retVal ) {
-				ret.push( elems[ i ] );
-			}
-		}
-
-		return ret;
-	},
-
-	// arg is for internal usage only
-	map: function( elems, callback, arg ) {
-		var value, key, ret = [],
-			i = 0,
-			length = elems.length,
-			// jquery objects are treated as arrays
-			isArray = elems instanceof jQuery || length !== undefined && typeof length === "number" && ( ( length > 0 && elems[ 0 ] && elems[ length -1 ] ) || length === 0 || jQuery.isArray( elems ) ) ;
-
-		// Go through the array, translating each of the items to their
-		if ( isArray ) {
-			for ( ; i < length; i++ ) {
-				value = callback( elems[ i ], i, arg );
-
-				if ( value != null ) {
-					ret[ ret.length ] = value;
-				}
-			}
-
-		// Go through every key on the object,
-		} else {
-			for ( key in elems ) {
-				value = callback( elems[ key ], key, arg );
-
-				if ( value != null ) {
-					ret[ ret.length ] = value;
-				}
-			}
-		}
-
-		// Flatten any nested arrays
-		return ret.concat.apply( [], ret );
-	},
-
-	// A global GUID counter for objects
-	guid: 1,
-
-	// Bind a function to a context, optionally partially applying any
-	// arguments.
-	proxy: function( fn, context ) {
-		if ( typeof context === "string" ) {
-			var tmp = fn[ context ];
-			context = fn;
-			fn = tmp;
-		}
-
-		// Quick check to determine if target is callable, in the spec
-		// this throws a TypeError, but we will just return undefined.
-		if ( !jQuery.isFunction( fn ) ) {
-			return undefined;
-		}
-
-		// Simulated bind
-		var args = slice.call( arguments, 2 ),
-			proxy = function() {
-				return fn.apply( context, args.concat( slice.call( arguments ) ) );
-			};
-
-		// Set the guid of unique handler to the same of original handler, so it can be removed
-		proxy.guid = fn.guid = fn.guid || proxy.guid || jQuery.guid++;
-
-		return proxy;
-	},
-
-	// Mutifunctional method to get and set values to a collection
-	// The value/s can optionally be executed if it's a function
-	access: function( elems, fn, key, value, chainable, emptyGet, pass ) {
-		var exec,
-			bulk = key == null,
-			i = 0,
-			length = elems.length;
-
-		// Sets many values
-		if ( key && typeof key === "object" ) {
-			for ( i in key ) {
-				jQuery.access( elems, fn, i, key[i], 1, emptyGet, value );
-			}
-			chainable = 1;
-
-		// Sets one value
-		} else if ( value !== undefined ) {
-			// Optionally, function values get executed if exec is true
-			exec = pass === undefined && jQuery.isFunction( value );
-
-			if ( bulk ) {
-				// Bulk operations only iterate when executing function values
-				if ( exec ) {
-					exec = fn;
-					fn = function( elem, key, value ) {
-						return exec.call( jQuery( elem ), value );
-					};
-
-				// Otherwise they run against the entire set
-				} else {
-					fn.call( elems, value );
-					fn = null;
-				}
-			}
-
-			if ( fn ) {
-				for (; i < length; i++ ) {
-					fn( elems[i], key, exec ? value.call( elems[i], i, fn( elems[i], key ) ) : value, pass );
-				}
-			}
-
-			chainable = 1;
-		}
-
-		return chainable ?
-			elems :
-
-			// Gets
-			bulk ?
-				fn.call( elems ) :
-				length ? fn( elems[0], key ) : emptyGet;
-	},
-
-	now: function() {
-		return ( new Date() ).getTime();
-	},
-
-	// Use of jQuery.browser is frowned upon.
-	// More details: http://docs.jquery.com/Utilities/jQuery.browser
-	uaMatch: function( ua ) {
-		ua = ua.toLowerCase();
-
-		var match = rwebkit.exec( ua ) ||
-			ropera.exec( ua ) ||
-			rmsie.exec( ua ) ||
-			ua.indexOf("compatible") < 0 && rmozilla.exec( ua ) ||
-			[];
-
-		return { browser: match[1] || "", version: match[2] || "0" };
-	},
-
-	sub: function() {
-		function jQuerySub( selector, context ) {
-			return new jQuerySub.fn.init( selector, context );
-		}
-		jQuery.extend( true, jQuerySub, this );
-		jQuerySub.superclass = this;
-		jQuerySub.fn = jQuerySub.prototype = this();
-		jQuerySub.fn.constructor = jQuerySub;
-		jQuerySub.sub = this.sub;
-		jQuerySub.fn.init = function init( selector, context ) {
-			if ( context && context instanceof jQuery && !(context instanceof jQuerySub) ) {
-				context = jQuerySub( context );
-			}
-
-			return jQuery.fn.init.call( this, selector, context, rootjQuerySub );
-		};
-		jQuerySub.fn.init.prototype = jQuerySub.fn;
-		var rootjQuerySub = jQuerySub(document);
-		return jQuerySub;
-	},
-
-	browser: {}
-});
-
-// Populate the class2type map
-jQuery.each("Boolean Number String Function Array Date RegExp Object".split(" "), function(i, name) {
-	class2type[ "[object " + name + "]" ] = name.toLowerCase();
-});
-
-browserMatch = jQuery.uaMatch( userAgent );
-if ( browserMatch.browser ) {
-	jQuery.browser[ browserMatch.browser ] = true;
-	jQuery.browser.version = browserMatch.version;
-}
-
-// Deprecated, use jQuery.browser.webkit instead
-if ( jQuery.browser.webkit ) {
-	jQuery.browser.safari = true;
-}
-
-// IE doesn't match non-breaking spaces with \s
-if ( rnotwhite.test( "\xA0" ) ) {
-	trimLeft = /^[\s\xA0]+/;
-	trimRight = /[\s\xA0]+$/;
-}
-
-// All jQuery objects should point back to these
-rootjQuery = jQuery(document);
-
-// Cleanup functions for the document ready method
-if ( document.addEventListener ) {
-	DOMContentLoaded = function() {
-		document.removeEventListener( "DOMContentLoaded", DOMContentLoaded, false );
-		jQuery.ready();
-	};
-
-} else if ( document.attachEvent ) {
-	DOMContentLoaded = function() {
-		// Make sure body exists, at least, in case IE gets a little overzealous (ticket #5443).
-		if ( document.readyState === "complete" ) {
-			document.detachEvent( "onreadystatechange", DOMContentLoaded );
-			jQuery.ready();
-		}
-	};
-}
-
-// The DOM ready check for Internet Explorer
-function doScrollCheck() {
-	if ( jQuery.isReady ) {
-		return;
-	}
-
-	try {
-		// If IE is used, use the trick by Diego Perini
-		// http://javascript.nwbox.com/IEContentLoaded/
-		document.documentElement.doScroll("left");
-	} catch(e) {
-		setTimeout( doScrollCheck, 1 );
-		return;
-	}
-
-	// and execute any waiting functions
-	jQuery.ready();
-}
-
-return jQuery;
-
-})();
-
-
-// String to Object flags format cache
-var flagsCache = {};
-
-// Convert String-formatted flags into Object-formatted ones and store in cache
-function createFlags( flags ) {
-	var object = flagsCache[ flags ] = {},
-		i, length;
-	flags = flags.split( /\s+/ );
-	for ( i = 0, length = flags.length; i < length; i++ ) {
-		object[ flags[i] ] = true;
-	}
-	return object;
-}
-
-/*
- * Create a callback list using the following parameters:
- *
- *	flags:	an optional list of space-separated flags that will change how
- *			the callback list behaves
- *
- * By default a callback list will act like an event callback list and can be
- * "fired" multiple times.
- *
- * Possible flags:
- *
- *	once:			will ensure the callback list can only be fired once (like a Deferred)
- *
- *	memory:			will keep track of previous values and will call any callback added
- *					after the list has been fired right away with the latest "memorized"
- *					values (like a Deferred)
- *
- *	unique:			will ensure a callback can only be added once (no duplicate in the list)
- *
- *	stopOnFalse:	interrupt callings when a callback returns false
- *
- */
-jQuery.Callbacks = function( flags ) {
-
-	// Convert flags from String-formatted to Object-formatted
-	// (we check in cache first)
-	flags = flags ? ( flagsCache[ flags ] || createFlags( flags ) ) : {};
-
-	var // Actual callback list
-		list = [],
-		// Stack of fire calls for repeatable lists
-		stack = [],
-		// Last fire value (for non-forgettable lists)
-		memory,
-		// Flag to know if list was already fired
-		fired,
-		// Flag to know if list is currently firing
-		firing,
-		// First callback to fire (used internally by add and fireWith)
-		firingStart,
-		// End of the loop when firing
-		firingLength,
-		// Index of currently firing callback (modified by remove if needed)
-		firingIndex,
-		// Add one or several callbacks to the list
-		add = function( args ) {
-			var i,
-				length,
-				elem,
-				type,
-				actual;
-			for ( i = 0, length = args.length; i < length; i++ ) {
-				elem = args[ i ];
-				type = jQuery.type( elem );
-				if ( type === "array" ) {
-					// Inspect recursively
-					add( elem );
-				} else if ( type === "function" ) {
-					// Add if not in unique mode and callback is not in
-					if ( !flags.unique || !self.has( elem ) ) {
-						list.push( elem );
-					}
-				}
-			}
-		},
-		// Fire callbacks
-		fire = function( context, args ) {
-			args = args || [];
-			memory = !flags.memory || [ context, args ];
-			fired = true;
-			firing = true;
-			firingIndex = firingStart || 0;
-			firingStart = 0;
-			firingLength = list.length;
-			for ( ; list && firingIndex < firingLength; firingIndex++ ) {
-				if ( list[ firingIndex ].apply( context, args ) === false && flags.stopOnFalse ) {
-					memory = true; // Mark as halted
-					break;
-				}
-			}
-			firing = false;
-			if ( list ) {
-				if ( !flags.once ) {
-					if ( stack && stack.length ) {
-						memory = stack.shift();
-						self.fireWith( memory[ 0 ], memory[ 1 ] );
-					}
-				} else if ( memory === true ) {
-					self.disable();
-				} else {
-					list = [];
-				}
-			}
-		},
-		// Actual Callbacks object
-		self = {
-			// Add a callback or a collection of callbacks to the list
-			add: function() {
-				if ( list ) {
-					var length = list.length;
-					add( arguments );
-					// Do we need to add the callbacks to the
-					// current firing batch?
-					if ( firing ) {
-						firingLength = list.length;
-					// With memory, if we're not firing then
-					// we should call right away, unless previous
-					// firing was halted (stopOnFalse)
-					} else if ( memory && memory !== true ) {
-						firingStart = length;
-						fire( memory[ 0 ], memory[ 1 ] );
-					}
-				}
-				return this;
-			},
-			// Remove a callback from the list
-			remove: function() {
-				if ( list ) {
-					var args = arguments,
-						argIndex = 0,
-						argLength = args.length;
-					for ( ; argIndex < argLength ; argIndex++ ) {
-						for ( var i = 0; i < list.length; i++ ) {
-							if ( args[ argIndex ] === list[ i ] ) {
-								// Handle firingIndex and firingLength
-								if ( firing ) {
-									if ( i <= firingLength ) {
-										firingLength--;
-										if ( i <= firingIndex ) {
-											firingIndex--;
-										}
-									}
-								}
-								// Remove the element
-								list.splice( i--, 1 );
-								// If we have some unicity property then
-								// we only need to do this once
-								if ( flags.unique ) {
-									break;
-								}
-							}
-						}
-					}
-				}
-				return this;
-			},
-			// Control if a given callback is in the list
-			has: function( fn ) {
-				if ( list ) {
-					var i = 0,
-						length = list.length;
-					for ( ; i < length; i++ ) {
-						if ( fn === list[ i ] ) {
-							return true;
-						}
-					}
-				}
-				return false;
-			},
-			// Remove all callbacks from the list
-			empty: function() {
-				list = [];
-				return this;
-			},
-			// Have the list do nothing anymore
-			disable: function() {
-				list = stack = memory = undefined;
-				return this;
-			},
-			// Is it disabled?
-			disabled: function() {
-				return !list;
-			},
-			// Lock the list in its current state
-			lock: function() {
-				stack = undefined;
-				if ( !memory || memory === true ) {
-					self.disable();
-				}
-				return this;
-			},
-			// Is it locked?
-			locked: function() {
-				return !stack;
-			},
-			// Call all callbacks with the given context and arguments
-			fireWith: function( context, args ) {
-				if ( stack ) {
-					if ( firing ) {
-						if ( !flags.once ) {
-							stack.push( [ context, args ] );
-						}
-					} else if ( !( flags.once && memory ) ) {
-						fire( context, args );
-					}
-				}
-				return this;
-			},
-			// Call all the callbacks with the given arguments
-			fire: function() {
-				self.fireWith( this, arguments );
-				return this;
-			},
-			// To know if the callbacks have already been called at least once
-			fired: function() {
-				return !!fired;
-			}
-		};
-
-	return self;
-};
-
-
-
-
-var // Static reference to slice
-	sliceDeferred = [].slice;
-
-jQuery.extend({
-
-	Deferred: function( func ) {
-		var doneList = jQuery.Callbacks( "once memory" ),
-			failList = jQuery.Callbacks( "once memory" ),
-			progressList = jQuery.Callbacks( "memory" ),
-			state = "pending",
-			lists = {
-				resolve: doneList,
-				reject: failList,
-				notify: progressList
-			},
-			promise = {
-				done: doneList.add,
-				fail: failList.add,
-				progress: progressList.add,
-
-				state: function() {
-					return state;
-				},
-
-				// Deprecated
-				isResolved: doneList.fired,
-				isRejected: failList.fired,
-
-				then: function( doneCallbacks, failCallbacks, progressCallbacks ) {
-					deferred.done( doneCallbacks ).fail( failCallbacks ).progress( progressCallbacks );
-					return this;
-				},
-				always: function() {
-					deferred.done.apply( deferred, arguments ).fail.apply( deferred, arguments );
-					return this;
-				},
-				pipe: function( fnDone, fnFail, fnProgress ) {
-					return jQuery.Deferred(function( newDefer ) {
-						jQuery.each( {
-							done: [ fnDone, "resolve" ],
-							fail: [ fnFail, "reject" ],
-							progress: [ fnProgress, "notify" ]
-						}, function( handler, data ) {
-							var fn = data[ 0 ],
-								action = data[ 1 ],
-								returned;
-							if ( jQuery.isFunction( fn ) ) {
-								deferred[ handler ](function() {
-									returned = fn.apply( this, arguments );
-									if ( returned && jQuery.isFunction( returned.promise ) ) {
-										returned.promise().then( newDefer.resolve, newDefer.reject, newDefer.notify );
-									} else {
-										newDefer[ action + "With" ]( this === deferred ? newDefer : this, [ returned ] );
-									}
-								});
-							} else {
-								deferred[ handler ]( newDefer[ action ] );
-							}
-						});
-					}).promise();
-				},
-				// Get a promise for this deferred
-				// If obj is provided, the promise aspect is added to the object
-				promise: function( obj ) {
-					if ( obj == null ) {
-						obj = promise;
-					} else {
-						for ( var key in promise ) {
-							obj[ key ] = promise[ key ];
-						}
-					}
-					return obj;
-				}
-			},
-			deferred = promise.promise({}),
-			key;
-
-		for ( key in lists ) {
-			deferred[ key ] = lists[ key ].fire;
-			deferred[ key + "With" ] = lists[ key ].fireWith;
-		}
-
-		// Handle state
-		deferred.done( function() {
-			state = "resolved";
-		}, failList.disable, progressList.lock ).fail( function() {
-			state = "rejected";
-		}, doneList.disable, progressList.lock );
-
-		// Call given func if any
-		if ( func ) {
-			func.call( deferred, deferred );
-		}
-
-		// All done!
-		return deferred;
-	},
-
-	// Deferred helper
-	when: function( firstParam ) {
-		var args = sliceDeferred.call( arguments, 0 ),
-			i = 0,
-			length = args.length,
-			pValues = new Array( length ),
-			count = length,
-			pCount = length,
-			deferred = length <= 1 && firstParam && jQuery.isFunction( firstParam.promise ) ?
-				firstParam :
-				jQuery.Deferred(),
-			promise = deferred.promise();
-		function resolveFunc( i ) {
-			return function( value ) {
-				args[ i ] = arguments.length > 1 ? sliceDeferred.call( arguments, 0 ) : value;
-				if ( !( --count ) ) {
-					deferred.resolveWith( deferred, args );
-				}
-			};
-		}
-		function progressFunc( i ) {
-			return function( value ) {
-				pValues[ i ] = arguments.length > 1 ? sliceDeferred.call( arguments, 0 ) : value;
-				deferred.notifyWith( promise, pValues );
-			};
-		}
-		if ( length > 1 ) {
-			for ( ; i < length; i++ ) {
-				if ( args[ i ] && args[ i ].promise && jQuery.isFunction( args[ i ].promise ) ) {
-					args[ i ].promise().then( resolveFunc(i), deferred.reject, progressFunc(i) );
-				} else {
-					--count;
-				}
-			}
-			if ( !count ) {
-				deferred.resolveWith( deferred, args );
-			}
-		} else if ( deferred !== firstParam ) {
-			deferred.resolveWith( deferred, length ? [ firstParam ] : [] );
-		}
-		return promise;
-	}
-});
-
-
-
-
-jQuery.support = (function() {
-
-	var support,
-		all,
-		a,
-		select,
-		opt,
-		input,
-		fragment,
-		tds,
-		events,
-		eventName,
-		i,
-		isSupported,
-		div = document.createElement( "div" ),
-		documentElement = document.documentElement;
-
-	// Preliminary tests
-	div.setAttribute("className", "t");
-	div.innerHTML = "   <link/><table></table><a href='/a' style='top:1px;float:left;opacity:.55;'>a</a><input type='checkbox'/>";
-
-	all = div.getElementsByTagName( "*" );
-	a = div.getElementsByTagName( "a" )[ 0 ];
-
-	// Can't get basic test support
-	if ( !all || !all.length || !a ) {
-		return {};
-	}
-
-	// First batch of supports tests
-	select = document.createElement( "select" );
-	opt = select.appendChild( document.createElement("option") );
-	input = div.getElementsByTagName( "input" )[ 0 ];
-
-	support = {
-		// IE strips leading whitespace when .innerHTML is used
-		leadingWhitespace: ( div.firstChild.nodeType === 3 ),
-
-		// Make sure that tbody elements aren't automatically inserted
-		// IE will insert them into empty tables
-		tbody: !div.getElementsByTagName("tbody").length,
-
-		// Make sure that link elements get serialized correctly by innerHTML
-		// This requires a wrapper element in IE
-		htmlSerialize: !!div.getElementsByTagName("link").length,
-
-		// Get the style information from getAttribute
-		// (IE uses .cssText instead)
-		style: /top/.test( a.getAttribute("style") ),
-
-		// Make sure that URLs aren't manipulated
-		// (IE normalizes it by default)
-		hrefNormalized: ( a.getAttribute("href") === "/a" ),
-
-		// Make sure that element opacity exists
-		// (IE uses filter instead)
-		// Use a regex to work around a WebKit issue. See #5145
-		opacity: /^0.55/.test( a.style.opacity ),
-
-		// Verify style float existence
-		// (IE uses styleFloat instead of cssFloat)
-		cssFloat: !!a.style.cssFloat,
-
-		// Make sure that if no value is specified for a checkbox
-		// that it defaults to "on".
-		// (WebKit defaults to "" instead)
-		checkOn: ( input.value === "on" ),
-
-		// Make sure that a selected-by-default option has a working selected property.
-		// (WebKit defaults to false instead of true, IE too, if it's in an optgroup)
-		optSelected: opt.selected,
-
-		// Test setAttribute on camelCase class. If it works, we need attrFixes when doing get/setAttribute (ie6/7)
-		getSetAttribute: div.className !== "t",
-
-		// Tests for enctype support on a form(#6743)
-		enctype: !!document.createElement("form").enctype,
-
-		// Makes sure cloning an html5 element does not cause problems
-		// Where outerHTML is undefined, this still works
-		html5Clone: document.createElement("nav").cloneNode( true ).outerHTML !== "<:nav></:nav>",
-
-		// Will be defined later
-		submitBubbles: true,
-		changeBubbles: true,
-		focusinBubbles: false,
-		deleteExpando: true,
-		noCloneEvent: true,
-		inlineBlockNeedsLayout: false,
-		shrinkWrapBlocks: false,
-		reliableMarginRight: true,
-		pixelMargin: true
-	};
-
-	// jQuery.boxModel DEPRECATED in 1.3, use jQuery.support.boxModel instead
-	jQuery.boxModel = support.boxModel = (document.compatMode === "CSS1Compat");
-
-	// Make sure checked status is properly cloned
-	input.checked = true;
-	support.noCloneChecked = input.cloneNode( true ).checked;
-
-	// Make sure that the options inside disabled selects aren't marked as disabled
-	// (WebKit marks them as disabled)
-	select.disabled = true;
-	support.optDisabled = !opt.disabled;
-
-	// Test to see if it's possible to delete an expando from an element
-	// Fails in Internet Explorer
-	try {
-		delete div.test;
-	} catch( e ) {
-		support.deleteExpando = false;
-	}
-
-	if ( !div.addEventListener && div.attachEvent && div.fireEvent ) {
-		div.attachEvent( "onclick", function() {
-			// Cloning a node shouldn't copy over any
-			// bound event handlers (IE does this)
-			support.noCloneEvent = false;
-		});
-		div.cloneNode( true ).fireEvent( "onclick" );
-	}
-
-	// Check if a radio maintains its value
-	// after being appended to the DOM
-	input = document.createElement("input");
-	input.value = "t";
-	input.setAttribute("type", "radio");
-	support.radioValue = input.value === "t";
-
-	input.setAttribute("checked", "checked");
-
-	// #11217 - WebKit loses check when the name is after the checked attribute
-	input.setAttribute( "name", "t" );
-
-	div.appendChild( input );
-	fragment = document.createDocumentFragment();
-	fragment.appendChild( div.lastChild );
-
-	// WebKit doesn't clone checked state correctly in fragments
-	support.checkClone = fragment.cloneNode( true ).cloneNode( true ).lastChild.checked;
-
-	// Check if a disconnected checkbox will retain its checked
-	// value of true after appended to the DOM (IE6/7)
-	support.appendChecked = input.checked;
-
-	fragment.removeChild( input );
-	fragment.appendChild( div );
-
-	// Technique from Juriy Zaytsev
-	// http://perfectionkills.com/detecting-event-support-without-browser-sniffing/
-	// We only care about the case where non-standard event systems
-	// are used, namely in IE. Short-circuiting here helps us to
-	// avoid an eval call (in setAttribute) which can cause CSP
-	// to go haywire. See: https://developer.mozilla.org/en/Security/CSP
-	if ( div.attachEvent ) {
-		for ( i in {
-			submit: 1,
-			change: 1,
-			focusin: 1
-		}) {
-			eventName = "on" + i;
-			isSupported = ( eventName in div );
-			if ( !isSupported ) {
-				div.setAttribute( eventName, "return;" );
-				isSupported = ( typeof div[ eventName ] === "function" );
-			}
-			support[ i + "Bubbles" ] = isSupported;
-		}
-	}
-
-	fragment.removeChild( div );
-
-	// Null elements to avoid leaks in IE
-	fragment = select = opt = div = input = null;
-
-	// Run tests that need a body at doc ready
-	jQuery(function() {
-		var container, outer, inner, table, td, offsetSupport,
-			marginDiv, conMarginTop, style, html, positionTopLeftWidthHeight,
-			paddingMarginBorderVisibility, paddingMarginBorder,
-			body = document.getElementsByTagName("body")[0];
-
-		if ( !body ) {
-			// Return for frameset docs that don't have a body
-			return;
-		}
-
-		conMarginTop = 1;
-		paddingMarginBorder = "padding:0;margin:0;border:";
-		positionTopLeftWidthHeight = "position:absolute;top:0;left:0;width:1px;height:1px;";
-		paddingMarginBorderVisibility = paddingMarginBorder + "0;visibility:hidden;";
-		style = "style='" + positionTopLeftWidthHeight + paddingMarginBorder + "5px solid #000;";
-		html = "<div " + style + "display:block;'><div style='" + paddingMarginBorder + "0;display:block;overflow:hidden;'></div></div>" +
-			"<table " + style + "' cellpadding='0' cellspacing='0'>" +
-			"<tr><td></td></tr></table>";
-
-		container = document.createElement("div");
-		container.style.cssText = paddingMarginBorderVisibility + "width:0;height:0;position:static;top:0;margin-top:" + conMarginTop + "px";
-		body.insertBefore( container, body.firstChild );
-
-		// Construct the test element
-		div = document.createElement("div");
-		container.appendChild( div );
-
-		// Check if table cells still have offsetWidth/Height when they are set
-		// to display:none and there are still other visible table cells in a
-		// table row; if so, offsetWidth/Height are not reliable for use when
-		// determining if an element has been hidden directly using
-		// display:none (it is still safe to use offsets if a parent element is
-		// hidden; don safety goggles and see bug #4512 for more information).
-		// (only IE 8 fails this test)
-		div.innerHTML = "<table><tr><td style='" + paddingMarginBorder + "0;display:none'></td><td>t</td></tr></table>";
-		tds = div.getElementsByTagName( "td" );
-		isSupported = ( tds[ 0 ].offsetHeight === 0 );
-
-		tds[ 0 ].style.display = "";
-		tds[ 1 ].style.display = "none";
-
-		// Check if empty table cells still have offsetWidth/Height
-		// (IE <= 8 fail this test)
-		support.reliableHiddenOffsets = isSupported && ( tds[ 0 ].offsetHeight === 0 );
-
-		// Check if div with explicit width and no margin-right incorrectly
-		// gets computed margin-right based on width of container. For more
-		// info see bug #3333
-		// Fails in WebKit before Feb 2011 nightlies
-		// WebKit Bug 13343 - getComputedStyle returns wrong value for margin-right
-		if ( window.getComputedStyle ) {
-			div.innerHTML = "";
-			marginDiv = document.createElement( "div" );
-			marginDiv.style.width = "0";
-			marginDiv.style.marginRight = "0";
-			div.style.width = "2px";
-			div.appendChild( marginDiv );
-			support.reliableMarginRight =
-				( parseInt( ( window.getComputedStyle( marginDiv, null ) || { marginRight: 0 } ).marginRight, 10 ) || 0 ) === 0;
-		}
-
-		if ( typeof div.style.zoom !== "undefined" ) {
-			// Check if natively block-level elements act like inline-block
-			// elements when setting their display to 'inline' and giving
-			// them layout
-			// (IE < 8 does this)
-			div.innerHTML = "";
-			div.style.width = div.style.padding = "1px";
-			div.style.border = 0;
-			div.style.overflow = "hidden";
-			div.style.display = "inline";
-			div.style.zoom = 1;
-			support.inlineBlockNeedsLayout = ( div.offsetWidth === 3 );
-
-			// Check if elements with layout shrink-wrap their children
-			// (IE 6 does this)
-			div.style.display = "block";
-			div.style.overflow = "visible";
-			div.innerHTML = "<div style='width:5px;'></div>";
-			support.shrinkWrapBlocks = ( div.offsetWidth !== 3 );
-		}
-
-		div.style.cssText = positionTopLeftWidthHeight + paddingMarginBorderVisibility;
-		div.innerHTML = html;
-
-		outer = div.firstChild;
-		inner = outer.firstChild;
-		td = outer.nextSibling.firstChild.firstChild;
-
-		offsetSupport = {
-			doesNotAddBorder: ( inner.offsetTop !== 5 ),
-			doesAddBorderForTableAndCells: ( td.offsetTop === 5 )
-		};
-
-		inner.style.position = "fixed";
-		inner.style.top = "20px";
-
-		// safari subtracts parent border width here which is 5px
-		offsetSupport.fixedPosition = ( inner.offsetTop === 20 || inner.offsetTop === 15 );
-		inner.style.position = inner.style.top = "";
-
-		outer.style.overflow = "hidden";
-		outer.style.position = "relative";
-
-		offsetSupport.subtractsBorderForOverflowNotVisible = ( inner.offsetTop === -5 );
-		offsetSupport.doesNotIncludeMarginInBodyOffset = ( body.offsetTop !== conMarginTop );
-
-		if ( window.getComputedStyle ) {
-			div.style.marginTop = "1%";
-			support.pixelMargin = ( window.getComputedStyle( div, null ) || { marginTop: 0 } ).marginTop !== "1%";
-		}
-
-		if ( typeof container.style.zoom !== "undefined" ) {
-			container.style.zoom = 1;
-		}
-
-		body.removeChild( container );
-		marginDiv = div = container = null;
-
-		jQuery.extend( support, offsetSupport );
-	});
-
-	return support;
-})();
-
-
-
-
-var rbrace = /^(?:\{.*\}|\[.*\])$/,
-	rmultiDash = /([A-Z])/g;
-
-jQuery.extend({
-	cache: {},
-
-	// Please use with caution
-	uuid: 0,
-
-	// Unique for each copy of jQuery on the page
-	// Non-digits removed to match rinlinejQuery
-	expando: "jQuery" + ( jQuery.fn.jquery + Math.random() ).replace( /\D/g, "" ),
-
-	// The following elements throw uncatchable exceptions if you
-	// attempt to add expando properties to them.
-	noData: {
-		"embed": true,
-		// Ban all objects except for Flash (which handle expandos)
-		"object": "clsid:D27CDB6E-AE6D-11cf-96B8-444553540000",
-		"applet": true
-	},
-
-	hasData: function( elem ) {
-		elem = elem.nodeType ? jQuery.cache[ elem[jQuery.expando] ] : elem[ jQuery.expando ];
-		return !!elem && !isEmptyDataObject( elem );
-	},
-
-	data: function( elem, name, data, pvt /* Internal Use Only */ ) {
-		if ( !jQuery.acceptData( elem ) ) {
-			return;
-		}
-
-		var privateCache, thisCache, ret,
-			internalKey = jQuery.expando,
-			getByName = typeof name === "string",
-
-			// We have to handle DOM nodes and JS objects differently because IE6-7
-			// can't GC object references properly across the DOM-JS boundary
-			isNode = elem.nodeType,
-
-			// Only DOM nodes need the global jQuery cache; JS object data is
-			// attached directly to the object so GC can occur automatically
-			cache = isNode ? jQuery.cache : elem,
-
-			// Only defining an ID for JS objects if its cache already exists allows
-			// the code to shortcut on the same path as a DOM node with no cache
-			id = isNode ? elem[ internalKey ] : elem[ internalKey ] && internalKey,
-			isEvents = name === "events";
-
-		// Avoid doing any more work than we need to when trying to get data on an
-		// object that has no data at all
-		if ( (!id || !cache[id] || (!isEvents && !pvt && !cache[id].data)) && getByName && data === undefined ) {
-			return;
-		}
-
-		if ( !id ) {
-			// Only DOM nodes need a new unique ID for each element since their data
-			// ends up in the global cache
-			if ( isNode ) {
-				elem[ internalKey ] = id = ++jQuery.uuid;
-			} else {
-				id = internalKey;
-			}
-		}
-
-		if ( !cache[ id ] ) {
-			cache[ id ] = {};
-
-			// Avoids exposing jQuery metadata on plain JS objects when the object
-			// is serialized using JSON.stringify
-			if ( !isNode ) {
-				cache[ id ].toJSON = jQuery.noop;
-			}
-		}
-
-		// An object can be passed to jQuery.data instead of a key/value pair; this gets
-		// shallow copied over onto the existing cache
-		if ( typeof name === "object" || typeof name === "function" ) {
-			if ( pvt ) {
-				cache[ id ] = jQuery.extend( cache[ id ], name );
-			} else {
-				cache[ id ].data = jQuery.extend( cache[ id ].data, name );
-			}
-		}
-
-		privateCache = thisCache = cache[ id ];
-
-		// jQuery data() is stored in a separate object inside the object's internal data
-		// cache in order to avoid key collisions between internal data and user-defined
-		// data.
-		if ( !pvt ) {
-			if ( !thisCache.data ) {
-				thisCache.data = {};
-			}
-
-			thisCache = thisCache.data;
-		}
-
-		if ( data !== undefined ) {
-			thisCache[ jQuery.camelCase( name ) ] = data;
-		}
-
-		// Users should not attempt to inspect the internal events object using jQuery.data,
-		// it is undocumented and subject to change. But does anyone listen? No.
-		if ( isEvents && !thisCache[ name ] ) {
-			return privateCache.events;
-		}
-
-		// Check for both converted-to-camel and non-converted data property names
-		// If a data property was specified
-		if ( getByName ) {
-
-			// First Try to find as-is property data
-			ret = thisCache[ name ];
-
-			// Test for null|undefined property data
-			if ( ret == null ) {
-
-				// Try to find the camelCased property
-				ret = thisCache[ jQuery.camelCase( name ) ];
-			}
-		} else {
-			ret = thisCache;
-		}
-
-		return ret;
-	},
-
-	removeData: function( elem, name, pvt /* Internal Use Only */ ) {
-		if ( !jQuery.acceptData( elem ) ) {
-			return;
-		}
-
-		var thisCache, i, l,
-
-			// Reference to internal data cache key
-			internalKey = jQuery.expando,
-
-			isNode = elem.nodeType,
-
-			// See jQuery.data for more information
-			cache = isNode ? jQuery.cache : elem,
-
-			// See jQuery.data for more information
-			id = isNode ? elem[ internalKey ] : internalKey;
-
-		// If there is already no cache entry for this object, there is no
-		// purpose in continuing
-		if ( !cache[ id ] ) {
-			return;
-		}
-
-		if ( name ) {
-
-			thisCache = pvt ? cache[ id ] : cache[ id ].data;
-
-			if ( thisCache ) {
-
-				// Support array or space separated string names for data keys
-				if ( !jQuery.isArray( name ) ) {
-
-					// try the string as a key before any manipulation
-					if ( name in thisCache ) {
-						name = [ name ];
-					} else {
-
-						// split the camel cased version by spaces unless a key with the spaces exists
-						name = jQuery.camelCase( name );
-						if ( name in thisCache ) {
-							name = [ name ];
-						} else {
-							name = name.split( " " );
-						}
-					}
-				}
-
-				for ( i = 0, l = name.length; i < l; i++ ) {
-					delete thisCache[ name[i] ];
-				}
-
-				// If there is no data left in the cache, we want to continue
-				// and let the cache object itself get destroyed
-				if ( !( pvt ? isEmptyDataObject : jQuery.isEmptyObject )( thisCache ) ) {
-					return;
-				}
-			}
-		}
-
-		// See jQuery.data for more information
-		if ( !pvt ) {
-			delete cache[ id ].data;
-
-			// Don't destroy the parent cache unless the internal data object
-			// had been the only thing left in it
-			if ( !isEmptyDataObject(cache[ id ]) ) {
-				return;
-			}
-		}
-
-		// Browsers that fail expando deletion also refuse to delete expandos on
-		// the window, but it will allow it on all other JS objects; other browsers
-		// don't care
-		// Ensure that `cache` is not a window object #10080
-		if ( jQuery.support.deleteExpando || !cache.setInterval ) {
-			delete cache[ id ];
-		} else {
-			cache[ id ] = null;
-		}
-
-		// We destroyed the cache and need to eliminate the expando on the node to avoid
-		// false lookups in the cache for entries that no longer exist
-		if ( isNode ) {
-			// IE does not allow us to delete expando properties from nodes,
-			// nor does it have a removeAttribute function on Document nodes;
-			// we must handle all of these cases
-			if ( jQuery.support.deleteExpando ) {
-				delete elem[ internalKey ];
-			} else if ( elem.removeAttribute ) {
-				elem.removeAttribute( internalKey );
-			} else {
-				elem[ internalKey ] = null;
-			}
-		}
-	},
-
-	// For internal use only.
-	_data: function( elem, name, data ) {
-		return jQuery.data( elem, name, data, true );
-	},
-
-	// A method for determining if a DOM node can handle the data expando
-	acceptData: function( elem ) {
-		if ( elem.nodeName ) {
-			var match = jQuery.noData[ elem.nodeName.toLowerCase() ];
-
-			if ( match ) {
-				return !(match === true || elem.getAttribute("classid") !== match);
-			}
-		}
-
-		return true;
-	}
-});
-
-jQuery.fn.extend({
-	data: function( key, value ) {
-		var parts, part, attr, name, l,
-			elem = this[0],
-			i = 0,
-			data = null;
-
-		// Gets all values
-		if ( key === undefined ) {
-			if ( this.length ) {
-				data = jQuery.data( elem );
-
-				if ( elem.nodeType === 1 && !jQuery._data( elem, "parsedAttrs" ) ) {
-					attr = elem.attributes;
-					for ( l = attr.length; i < l; i++ ) {
-						name = attr[i].name;
-
-						if ( name.indexOf( "data-" ) === 0 ) {
-							name = jQuery.camelCase( name.substring(5) );
-
-							dataAttr( elem, name, data[ name ] );
-						}
-					}
-					jQuery._data( elem, "parsedAttrs", true );
-				}
-			}
-
-			return data;
-		}
-
-		// Sets multiple values
-		if ( typeof key === "object" ) {
-			return this.each(function() {
-				jQuery.data( this, key );
-			});
-		}
-
-		parts = key.split( ".", 2 );
-		parts[1] = parts[1] ? "." + parts[1] : "";
-		part = parts[1] + "!";
-
-		return jQuery.access( this, function( value ) {
-
-			if ( value === undefined ) {
-				data = this.triggerHandler( "getData" + part, [ parts[0] ] );
-
-				// Try to fetch any internally stored data first
-				if ( data === undefined && elem ) {
-					data = jQuery.data( elem, key );
-					data = dataAttr( elem, key, data );
-				}
-
-				return data === undefined && parts[1] ?
-					this.data( parts[0] ) :
-					data;
-			}
-
-			parts[1] = value;
-			this.each(function() {
-				var self = jQuery( this );
-
-				self.triggerHandler( "setData" + part, parts );
-				jQuery.data( this, key, value );
-				self.triggerHandler( "changeData" + part, parts );
-			});
-		}, null, value, arguments.length > 1, null, false );
-	},
-
-	removeData: function( key ) {
-		return this.each(function() {
-			jQuery.removeData( this, key );
-		});
-	}
-});
-
-function dataAttr( elem, key, data ) {
-	// If nothing was found internally, try to fetch any
-	// data from the HTML5 data-* attribute
-	if ( data === undefined && elem.nodeType === 1 ) {
-
-		var name = "data-" + key.replace( rmultiDash, "-$1" ).toLowerCase();
-
-		data = elem.getAttribute( name );
-
-		if ( typeof data === "string" ) {
-			try {
-				data = data === "true" ? true :
-				data === "false" ? false :
-				data === "null" ? null :
-				jQuery.isNumeric( data ) ? +data :
-					rbrace.test( data ) ? jQuery.parseJSON( data ) :
-					data;
-			} catch( e ) {}
-
-			// Make sure we set the data so it isn't changed later
-			jQuery.data( elem, key, data );
-
-		} else {
-			data = undefined;
-		}
-	}
-
-	return data;
-}
-
-// checks a cache object for emptiness
-function isEmptyDataObject( obj ) {
-	for ( var name in obj ) {
-
-		// if the public data object is empty, the private is still empty
-		if ( name === "data" && jQuery.isEmptyObject( obj[name] ) ) {
-			continue;
-		}
-		if ( name !== "toJSON" ) {
-			return false;
-		}
-	}
-
-	return true;
-}
-
-
-
-
-function handleQueueMarkDefer( elem, type, src ) {
-	var deferDataKey = type + "defer",
-		queueDataKey = type + "queue",
-		markDataKey = type + "mark",
-		defer = jQuery._data( elem, deferDataKey );
-	if ( defer &&
-		( src === "queue" || !jQuery._data(elem, queueDataKey) ) &&
-		( src === "mark" || !jQuery._data(elem, markDataKey) ) ) {
-		// Give room for hard-coded callbacks to fire first
-		// and eventually mark/queue something else on the element
-		setTimeout( function() {
-			if ( !jQuery._data( elem, queueDataKey ) &&
-				!jQuery._data( elem, markDataKey ) ) {
-				jQuery.removeData( elem, deferDataKey, true );
-				defer.fire();
-			}
-		}, 0 );
-	}
-}
-
-jQuery.extend({
-
-	_mark: function( elem, type ) {
-		if ( elem ) {
-			type = ( type || "fx" ) + "mark";
-			jQuery._data( elem, type, (jQuery._data( elem, type ) || 0) + 1 );
-		}
-	},
-
-	_unmark: function( force, elem, type ) {
-		if ( force !== true ) {
-			type = elem;
-			elem = force;
-			force = false;
-		}
-		if ( elem ) {
-			type = type || "fx";
-			var key = type + "mark",
-				count = force ? 0 : ( (jQuery._data( elem, key ) || 1) - 1 );
-			if ( count ) {
-				jQuery._data( elem, key, count );
-			} else {
-				jQuery.removeData( elem, key, true );
-				handleQueueMarkDefer( elem, type, "mark" );
-			}
-		}
-	},
-
-	queue: function( elem, type, data ) {
-		var q;
-		if ( elem ) {
-			type = ( type || "fx" ) + "queue";
-			q = jQuery._data( elem, type );
-
-			// Speed up dequeue by getting out quickly if this is just a lookup
-			if ( data ) {
-				if ( !q || jQuery.isArray(data) ) {
-					q = jQuery._data( elem, type, jQuery.makeArray(data) );
-				} else {
-					q.push( data );
-				}
-			}
-			return q || [];
-		}
-	},
-
-	dequeue: function( elem, type ) {
-		type = type || "fx";
-
-		var queue = jQuery.queue( elem, type ),
-			fn = queue.shift(),
-			hooks = {};
-
-		// If the fx queue is dequeued, always remove the progress sentinel
-		if ( fn === "inprogress" ) {
-			fn = queue.shift();
-		}
-
-		if ( fn ) {
-			// Add a progress sentinel to prevent the fx queue from being
-			// automatically dequeued
-			if ( type === "fx" ) {
-				queue.unshift( "inprogress" );
-			}
-
-			jQuery._data( elem, type + ".run", hooks );
-			fn.call( elem, function() {
-				jQuery.dequeue( elem, type );
-			}, hooks );
-		}
-
-		if ( !queue.length ) {
-			jQuery.removeData( elem, type + "queue " + type + ".run", true );
-			handleQueueMarkDefer( elem, type, "queue" );
-		}
-	}
-});
-
-jQuery.fn.extend({
-	queue: function( type, data ) {
-		var setter = 2;
-
-		if ( typeof type !== "string" ) {
-			data = type;
-			type = "fx";
-			setter--;
-		}
-
-		if ( arguments.length < setter ) {
-			return jQuery.queue( this[0], type );
-		}
-
-		return data === undefined ?
-			this :
-			this.each(function() {
-				var queue = jQuery.queue( this, type, data );
-
-				if ( type === "fx" && queue[0] !== "inprogress" ) {
-					jQuery.dequeue( this, type );
-				}
-			});
-	},
-	dequeue: function( type ) {
-		return this.each(function() {
-			jQuery.dequeue( this, type );
-		});
-	},
-	// Based off of the plugin by Clint Helfers, with permission.
-	// http://blindsignals.com/index.php/2009/07/jquery-delay/
-	delay: function( time, type ) {
-		time = jQuery.fx ? jQuery.fx.speeds[ time ] || time : time;
-		type = type || "fx";
-
-		return this.queue( type, function( next, hooks ) {
-			var timeout = setTimeout( next, time );
-			hooks.stop = function() {
-				clearTimeout( timeout );
-			};
-		});
-	},
-	clearQueue: function( type ) {
-		return this.queue( type || "fx", [] );
-	},
-	// Get a promise resolved when queues of a certain type
-	// are emptied (fx is the type by default)
-	promise: function( type, object ) {
-		if ( typeof type !== "string" ) {
-			object = type;
-			type = undefined;
-		}
-		type = type || "fx";
-		var defer = jQuery.Deferred(),
-			elements = this,
-			i = elements.length,
-			count = 1,
-			deferDataKey = type + "defer",
-			queueDataKey = type + "queue",
-			markDataKey = type + "mark",
-			tmp;
-		function resolve() {
-			if ( !( --count ) ) {
-				defer.resolveWith( elements, [ elements ] );
-			}
-		}
-		while( i-- ) {
-			if (( tmp = jQuery.data( elements[ i ], deferDataKey, undefined, true ) ||
-					( jQuery.data( elements[ i ], queueDataKey, undefined, true ) ||
-						jQuery.data( elements[ i ], markDataKey, undefined, true ) ) &&
-					jQuery.data( elements[ i ], deferDataKey, jQuery.Callbacks( "once memory" ), true ) )) {
-				count++;
-				tmp.add( resolve );
-			}
-		}
-		resolve();
-		return defer.promise( object );
-	}
-});
-
-
-
-
-var rclass = /[\n\t\r]/g,
-	rspace = /\s+/,
-	rreturn = /\r/g,
-	rtype = /^(?:button|input)$/i,
-	rfocusable = /^(?:button|input|object|select|textarea)$/i,
-	rclickable = /^a(?:rea)?$/i,
-	rboolean = /^(?:autofocus|autoplay|async|checked|controls|defer|disabled|hidden|loop|multiple|open|readonly|required|scoped|selected)$/i,
-	getSetAttribute = jQuery.support.getSetAttribute,
-	nodeHook, boolHook, fixSpecified;
-
-jQuery.fn.extend({
-	attr: function( name, value ) {
-		return jQuery.access( this, jQuery.attr, name, value, arguments.length > 1 );
-	},
-
-	removeAttr: function( name ) {
-		return this.each(function() {
-			jQuery.removeAttr( this, name );
-		});
-	},
-
-	prop: function( name, value ) {
-		return jQuery.access( this, jQuery.prop, name, value, arguments.length > 1 );
-	},
-
-	removeProp: function( name ) {
-		name = jQuery.propFix[ name ] || name;
-		return this.each(function() {
-			// try/catch handles cases where IE balks (such as removing a property on window)
-			try {
-				this[ name ] = undefined;
-				delete this[ name ];
-			} catch( e ) {}
-		});
-	},
-
-	addMethod: function( value ) {
-		var classNames, i, l, elem,
-			setMethod, c, cl;
-
-		if ( jQuery.isFunction( value ) ) {
-			return this.each(function( j ) {
-				jQuery( this ).addMethod( value.call(this, j, this.className) );
-			});
-		}
-
-		if ( value && typeof value === "string" ) {
-			classNames = value.split( rspace );
-
-			for ( i = 0, l = this.length; i < l; i++ ) {
-				elem = this[ i ];
-
-				if ( elem.nodeType === 1 ) {
-					if ( !elem.className && classNames.length === 1 ) {
-						elem.className = value;
-
-					} else {
-						setMethod = " " + elem.className + " ";
-
-						for ( c = 0, cl = classNames.length; c < cl; c++ ) {
-							if ( !~setMethod.indexOf( " " + classNames[ c ] + " " ) ) {
-								setMethod += classNames[ c ] + " ";
-							}
-						}
-						elem.className = jQuery.trim( setMethod );
-					}
-				}
-			}
-		}
-
-		return this;
-	},
-
-	removeMethod: function( value ) {
-		var classNames, i, l, elem, className, c, cl;
-
-		if ( jQuery.isFunction( value ) ) {
-			return this.each(function( j ) {
-				jQuery( this ).removeMethod( value.call(this, j, this.className) );
-			});
-		}
-
-		if ( (value && typeof value === "string") || value === undefined ) {
-			classNames = ( value || "" ).split( rspace );
-
-			for ( i = 0, l = this.length; i < l; i++ ) {
-				elem = this[ i ];
-
-				if ( elem.nodeType === 1 && elem.className ) {
-					if ( value ) {
-						className = (" " + elem.className + " ").replace( rclass, " " );
-						for ( c = 0, cl = classNames.length; c < cl; c++ ) {
-							className = className.replace(" " + classNames[ c ] + " ", " ");
-						}
-						elem.className = jQuery.trim( className );
-
-					} else {
-						elem.className = "";
-					}
-				}
-			}
-		}
-
-		return this;
-	},
-
-	toggleMethod: function( value, stateVal ) {
-		var type = typeof value,
-			isBool = typeof stateVal === "boolean";
-
-		if ( jQuery.isFunction( value ) ) {
-			return this.each(function( i ) {
-				jQuery( this ).toggleMethod( value.call(this, i, this.className, stateVal), stateVal );
-			});
-		}
-
-		return this.each(function() {
-			if ( type === "string" ) {
-				// toggle individual class names
-				var className,
-					i = 0,
-					self = jQuery( this ),
-					state = stateVal,
-					classNames = value.split( rspace );
-
-				while ( (className = classNames[ i++ ]) ) {
-					// check each className given, space seperated list
-					state = isBool ? state : !self.hasMethod( className );
-					self[ state ? "addMethod" : "removeMethod" ]( className );
-				}
-
-			} else if ( type === "undefined" || type === "boolean" ) {
-				if ( this.className ) {
-					// store className if set
-					jQuery._data( this, "__className__", this.className );
-				}
-
-				// toggle whole className
-				this.className = this.className || value === false ? "" : jQuery._data( this, "__className__" ) || "";
-			}
-		});
-	},
-
-	hasMethod: function( selector ) {
-		var className = " " + selector + " ",
-			i = 0,
-			l = this.length;
-		for ( ; i < l; i++ ) {
-			if ( this[i].nodeType === 1 && (" " + this[i].className + " ").replace(rclass, " ").indexOf( className ) > -1 ) {
-				return true;
-			}
-		}
-
-		return false;
-	},
-
-	val: function( value ) {
-		var hooks, ret, isFunction,
-			elem = this[0];
-
-		if ( !arguments.length ) {
-			if ( elem ) {
-				hooks = jQuery.valHooks[ elem.type ] || jQuery.valHooks[ elem.nodeName.toLowerCase() ];
-
-				if ( hooks && "get" in hooks && (ret = hooks.get( elem, "value" )) !== undefined ) {
-					return ret;
-				}
-
-				ret = elem.value;
-
-				return typeof ret === "string" ?
-					// handle most common string cases
-					ret.replace(rreturn, "") :
-					// handle cases where value is null/undef or number
-					ret == null ? "" : ret;
-			}
-
-			return;
-		}
-
-		isFunction = jQuery.isFunction( value );
-
-		return this.each(function( i ) {
-			var self = jQuery(this), val;
-
-			if ( this.nodeType !== 1 ) {
-				return;
-			}
-
-			if ( isFunction ) {
-				val = value.call( this, i, self.val() );
-			} else {
-				val = value;
-			}
-
-			// Treat null/undefined as ""; convert numbers to string
-			if ( val == null ) {
-				val = "";
-			} else if ( typeof val === "number" ) {
-				val += "";
-			} else if ( jQuery.isArray( val ) ) {
-				val = jQuery.map(val, function ( value ) {
-					return value == null ? "" : value + "";
-				});
-			}
-
-			hooks = jQuery.valHooks[ this.type ] || jQuery.valHooks[ this.nodeName.toLowerCase() ];
-
-			// If set returns undefined, fall back to normal setting
-			if ( !hooks || !("set" in hooks) || hooks.set( this, val, "value" ) === undefined ) {
-				this.value = val;
-			}
-		});
-	}
-});
-
-jQuery.extend({
-	valHooks: {
-		option: {
-			get: function( elem ) {
-				// attributes.value is undefined in Blackberry 4.7 but
-				// uses .value. See #6932
-				var val = elem.attributes.value;
-				return !val || val.specified ? elem.value : elem.text;
-			}
-		},
-		select: {
-			get: function( elem ) {
-				var value, i, max, option,
-					index = elem.selectedIndex,
-					values = [],
-					options = elem.options,
-					one = elem.type === "select-one";
-
-				// Nothing was selected
-				if ( index < 0 ) {
-					return null;
-				}
-
-				// Loop through all the selected options
-				i = one ? index : 0;
-				max = one ? index + 1 : options.length;
-				for ( ; i < max; i++ ) {
-					option = options[ i ];
-
-					// Don't return options that are disabled or in a disabled optgroup
-					if ( option.selected && (jQuery.support.optDisabled ? !option.disabled : option.getAttribute("disabled") === null) &&
-							(!option.parentNode.disabled || !jQuery.nodeName( option.parentNode, "optgroup" )) ) {
-
-						// Get the specific value for the option
-						value = jQuery( option ).val();
-
-						// We don't need an array for one selects
-						if ( one ) {
-							return value;
-						}
-
-						// Multi-Selects return an array
-						values.push( value );
-					}
-				}
-
-				// Fixes Bug #2551 -- select.val() broken in IE after form.reset()
-				if ( one && !values.length && options.length ) {
-					return jQuery( options[ index ] ).val();
-				}
-
-				return values;
-			},
-
-			set: function( elem, value ) {
-				var values = jQuery.makeArray( value );
-
-				jQuery(elem).find("option").each(function() {
-					this.selected = jQuery.inArray( jQuery(this).val(), values ) >= 0;
-				});
-
-				if ( !values.length ) {
-					elem.selectedIndex = -1;
-				}
-				return values;
-			}
-		}
-	},
-
-	attrFn: {
-		val: true,
-		css: true,
-		html: true,
-		text: true,
-		data: true,
-		width: true,
-		height: true,
-		offset: true
-	},
-
-	attr: function( elem, name, value, pass ) {
-		var ret, hooks, notxml,
-			nType = elem.nodeType;
-
-		// don't get/set attributes on text, comment and attribute nodes
-		if ( !elem || nType === 3 || nType === 8 || nType === 2 ) {
-			return;
-		}
-
-		if ( pass && name in jQuery.attrFn ) {
-			return jQuery( elem )[ name ]( value );
-		}
-
-		// Fallback to prop when attributes are not supported
-		if ( typeof elem.getAttribute === "undefined" ) {
-			return jQuery.prop( elem, name, value );
-		}
-
-		notxml = nType !== 1 || !jQuery.isXMLDoc( elem );
-
-		// All attributes are lowercase
-		// Grab necessary hook if one is defined
-		if ( notxml ) {
-			name = name.toLowerCase();
-			hooks = jQuery.attrHooks[ name ] || ( rboolean.test( name ) ? boolHook : nodeHook );
-		}
-
-		if ( value !== undefined ) {
-
-			if ( value === null ) {
-				jQuery.removeAttr( elem, name );
-				return;
-
-			} else if ( hooks && "set" in hooks && notxml && (ret = hooks.set( elem, value, name )) !== undefined ) {
-				return ret;
-
-			} else {
-				elem.setAttribute( name, "" + value );
-				return value;
-			}
-
-		} else if ( hooks && "get" in hooks && notxml && (ret = hooks.get( elem, name )) !== null ) {
-			return ret;
-
-		} else {
-
-			ret = elem.getAttribute( name );
-
-			// Non-existent attributes return null, we normalize to undefined
-			return ret === null ?
-				undefined :
-				ret;
-		}
-	},
-
-	removeAttr: function( elem, value ) {
-		var propName, attrNames, name, l, isBool,
-			i = 0;
-
-		if ( value && elem.nodeType === 1 ) {
-			attrNames = value.toLowerCase().split( rspace );
-			l = attrNames.length;
-
-			for ( ; i < l; i++ ) {
-				name = attrNames[ i ];
-
-				if ( name ) {
-					propName = jQuery.propFix[ name ] || name;
-					isBool = rboolean.test( name );
-
-					// See #9699 for explanation of this approach (setting first, then removal)
-					// Do not do this for boolean attributes (see #10870)
-					if ( !isBool ) {
-						jQuery.attr( elem, name, "" );
-					}
-					elem.removeAttribute( getSetAttribute ? name : propName );
-
-					// Set corresponding property to false for boolean attributes
-					if ( isBool && propName in elem ) {
-						elem[ propName ] = false;
-					}
-				}
-			}
-		}
-	},
-
-	attrHooks: {
-		type: {
-			set: function( elem, value ) {
-				// We can't allow the type property to be changed (since it causes problems in IE)
-				if ( rtype.test( elem.nodeName ) && elem.parentNode ) {
-					jQuery.error( "type property can't be changed" );
-				} else if ( !jQuery.support.radioValue && value === "radio" && jQuery.nodeName(elem, "input") ) {
-					// Setting the type on a radio button after the value resets the value in IE6-9
-					// Reset value to it's default in case type is set after value
-					// This is for element creation
-					var val = elem.value;
-					elem.setAttribute( "type", value );
-					if ( val ) {
-						elem.value = val;
-					}
-					return value;
-				}
-			}
-		},
-		// Use the value property for back compat
-		// Use the nodeHook for button elements in IE6/7 (#1954)
-		value: {
-			get: function( elem, name ) {
-				if ( nodeHook && jQuery.nodeName( elem, "button" ) ) {
-					return nodeHook.get( elem, name );
-				}
-				return name in elem ?
-					elem.value :
-					null;
-			},
-			set: function( elem, value, name ) {
-				if ( nodeHook && jQuery.nodeName( elem, "button" ) ) {
-					return nodeHook.set( elem, value, name );
-				}
-				// Does not return so that setAttribute is also used
-				elem.value = value;
-			}
-		}
-	},
-
-	propFix: {
-		tabindex: "tabIndex",
-		readonly: "readOnly",
-		"for": "htmlFor",
-		"class": "className",
-		maxlength: "maxLength",
-		cellspacing: "cellSpacing",
-		cellpadding: "cellPadding",
-		rowspan: "rowSpan",
-		colspan: "colSpan",
-		usemap: "useMap",
-		frameborder: "frameBorder",
-		contenteditable: "contentEditable"
-	},
-
-	prop: function( elem, name, value ) {
-		var ret, hooks, notxml,
-			nType = elem.nodeType;
-
-		// don't get/set properties on text, comment and attribute nodes
-		if ( !elem || nType === 3 || nType === 8 || nType === 2 ) {
-			return;
-		}
-
-		notxml = nType !== 1 || !jQuery.isXMLDoc( elem );
-
-		if ( notxml ) {
-			// Fix name and attach hooks
-			name = jQuery.propFix[ name ] || name;
-			hooks = jQuery.propHooks[ name ];
-		}
-
-		if ( value !== undefined ) {
-			if ( hooks && "set" in hooks && (ret = hooks.set( elem, value, name )) !== undefined ) {
-				return ret;
-
-			} else {
-				return ( elem[ name ] = value );
-			}
-
-		} else {
-			if ( hooks && "get" in hooks && (ret = hooks.get( elem, name )) !== null ) {
-				return ret;
-
-			} else {
-				return elem[ name ];
-			}
-		}
-	},
-
-	propHooks: {
-		tabIndex: {
-			get: function( elem ) {
-				// elem.tabIndex doesn't always return the correct value when it hasn't been explicitly set
-				// http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/
-				var attributeNode = elem.getAttributeNode("tabindex");
-
-				return attributeNode && attributeNode.specified ?
-					parseInt( attributeNode.value, 10 ) :
-					rfocusable.test( elem.nodeName ) || rclickable.test( elem.nodeName ) && elem.href ?
-						0 :
-						undefined;
-			}
-		}
-	}
-});
-
-// Add the tabIndex propHook to attrHooks for back-compat (different case is intentional)
-jQuery.attrHooks.tabindex = jQuery.propHooks.tabIndex;
-
-// Hook for boolean attributes
-boolHook = {
-	get: function( elem, name ) {
-		// Align boolean attributes with corresponding properties
-		// Fall back to attribute presence where some booleans are not supported
-		var attrNode,
-			property = jQuery.prop( elem, name );
-		return property === true || typeof property !== "boolean" && ( attrNode = elem.getAttributeNode(name) ) && attrNode.nodeValue !== false ?
-			name.toLowerCase() :
-			undefined;
-	},
-	set: function( elem, value, name ) {
-		var propName;
-		if ( value === false ) {
-			// Remove boolean attributes when set to false
-			jQuery.removeAttr( elem, name );
-		} else {
-			// value is true since we know at this point it's type boolean and not false
-			// Set boolean attributes to the same name and set the DOM property
-			propName = jQuery.propFix[ name ] || name;
-			if ( propName in elem ) {
-				// Only set the IDL specifically if it already exists on the element
-				elem[ propName ] = true;
-			}
-
-			elem.setAttribute( name, name.toLowerCase() );
-		}
-		return name;
-	}
-};
-
-// IE6/7 do not support getting/setting some attributes with get/setAttribute
-if ( !getSetAttribute ) {
-
-	fixSpecified = {
-		name: true,
-		id: true,
-		coords: true
-	};
-
-	// Use this for any attribute in IE6/7
-	// This fixes almost every IE6/7 issue
-	nodeHook = jQuery.valHooks.button = {
-		get: function( elem, name ) {
-			var ret;
-			ret = elem.getAttributeNode( name );
-			return ret && ( fixSpecified[ name ] ? ret.nodeValue !== "" : ret.specified ) ?
-				ret.nodeValue :
-				undefined;
-		},
-		set: function( elem, value, name ) {
-			// Set the existing or create a new attribute node
-			var ret = elem.getAttributeNode( name );
-			if ( !ret ) {
-				ret = document.createAttribute( name );
-				elem.setAttributeNode( ret );
-			}
-			return ( ret.nodeValue = value + "" );
-		}
-	};
-
-	// Apply the nodeHook to tabindex
-	jQuery.attrHooks.tabindex.set = nodeHook.set;
-
-	// Set width and height to auto instead of 0 on empty string( Bug #8150 )
-	// This is for removals
-	jQuery.each([ "width", "height" ], function( i, name ) {
-		jQuery.attrHooks[ name ] = jQuery.extend( jQuery.attrHooks[ name ], {
-			set: function( elem, value ) {
-				if ( value === "" ) {
-					elem.setAttribute( name, "auto" );
-					return value;
-				}
-			}
-		});
-	});
-
-	// Set contenteditable to false on removals(#10429)
-	// Setting to empty string throws an error as an invalid value
-	jQuery.attrHooks.contenteditable = {
-		get: nodeHook.get,
-		set: function( elem, value, name ) {
-			if ( value === "" ) {
-				value = "false";
-			}
-			nodeHook.set( elem, value, name );
-		}
-	};
-}
-
-
-// Some attributes require a special call on IE
-if ( !jQuery.support.hrefNormalized ) {
-	jQuery.each([ "href", "src", "width", "height" ], function( i, name ) {
-		jQuery.attrHooks[ name ] = jQuery.extend( jQuery.attrHooks[ name ], {
-			get: function( elem ) {
-				var ret = elem.getAttribute( name, 2 );
-				return ret === null ? undefined : ret;
-			}
-		});
-	});
-}
-
-if ( !jQuery.support.style ) {
-	jQuery.attrHooks.style = {
-		get: function( elem ) {
-			// Return undefined in the case of empty string
-			// Normalize to lowercase since IE uppercases css property names
-			return elem.style.cssText.toLowerCase() || undefined;
-		},
-		set: function( elem, value ) {
-			return ( elem.style.cssText = "" + value );
-		}
-	};
-}
-
-// Safari mis-reports the default selected property of an option
-// Accessing the parent's selectedIndex property fixes it
-if ( !jQuery.support.optSelected ) {
-	jQuery.propHooks.selected = jQuery.extend( jQuery.propHooks.selected, {
-		get: function( elem ) {
-			var parent = elem.parentNode;
-
-			if ( parent ) {
-				parent.selectedIndex;
-
-				// Make sure that it also works with optgroups, see #5701
-				if ( parent.parentNode ) {
-					parent.parentNode.selectedIndex;
-				}
-			}
-			return null;
-		}
-	});
-}
-
-// IE6/7 call enctype encoding
-if ( !jQuery.support.enctype ) {
-	jQuery.propFix.enctype = "encoding";
-}
-
-// Radios and checkboxes getter/setter
-if ( !jQuery.support.checkOn ) {
-	jQuery.each([ "radio", "checkbox" ], function() {
-		jQuery.valHooks[ this ] = {
-			get: function( elem ) {
-				// Handle the case where in Webkit "" is returned instead of "on" if a value isn't specified
-				return elem.getAttribute("value") === null ? "on" : elem.value;
-			}
-		};
-	});
-}
-jQuery.each([ "radio", "checkbox" ], function() {
-	jQuery.valHooks[ this ] = jQuery.extend( jQuery.valHooks[ this ], {
-		set: function( elem, value ) {
-			if ( jQuery.isArray( value ) ) {
-				return ( elem.checked = jQuery.inArray( jQuery(elem).val(), value ) >= 0 );
-			}
-		}
-	});
-});
-
-
-
-
-var rformElems = /^(?:textarea|input|select)$/i,
-	rtypenamespace = /^([^\.]*)?(?:\.(.+))?$/,
-	rhoverHack = /(?:^|\s)hover(\.\S+)?\b/,
-	rkeyEvent = /^key/,
-	rmouseEvent = /^(?:mouse|contextmenu)|click/,
-	rfocusMorph = /^(?:focusinfocus|focusoutblur)$/,
-	rquickIs = /^(\w*)(?:#([\w\-]+))?(?:\.([\w\-]+))?$/,
-	quickParse = function( selector ) {
-		var quick = rquickIs.exec( selector );
-		if ( quick ) {
-			//   0  1    2   3
-			// [ _, tag, id, class ]
-			quick[1] = ( quick[1] || "" ).toLowerCase();
-			quick[3] = quick[3] && new RegExp( "(?:^|\\s)" + quick[3] + "(?:\\s|$)" );
-		}
-		return quick;
-	},
-	quickIs = function( elem, m ) {
-		var attrs = elem.attributes || {};
-		return (
-			(!m[1] || elem.nodeName.toLowerCase() === m[1]) &&
-			(!m[2] || (attrs.id || {}).value === m[2]) &&
-			(!m[3] || m[3].test( (attrs[ "class" ] || {}).value ))
-		);
-	},
-	hoverHack = function( events ) {
-		return jQuery.event.special.hover ? events : events.replace( rhoverHack, "mouseenter$1 mouseleave$1" );
-	};
-
-/*
- * Helper functions for managing events -- not part of the public interface.
- * Props to Dean Edwards' addEvent library for many of the ideas.
- */
-jQuery.event = {
-
-	add: function( elem, types, handler, data, selector ) {
-
-		var elemData, eventHandle, events,
-			t, tns, type, namespaces, handleObj,
-			handleObjIn, quick, handlers, special;
-
-		// Don't attach events to noData or text/comment nodes (allow plain objects tho)
-		if ( elem.nodeType === 3 || elem.nodeType === 8 || !types || !handler || !(elemData = jQuery._data( elem )) ) {
-			return;
-		}
-
-		// Caller can pass in an object of custom data in lieu of the handler
-		if ( handler.handler ) {
-			handleObjIn = handler;
-			handler = handleObjIn.handler;
-			selector = handleObjIn.selector;
-		}
-
-		// Make sure that the handler has a unique ID, used to find/remove it later
-		if ( !handler.guid ) {
-			handler.guid = jQuery.guid++;
-		}
-
-		// Init the element's event structure and main handler, if this is the first
-		events = elemData.events;
-		if ( !events ) {
-			elemData.events = events = {};
-		}
-		eventHandle = elemData.handle;
-		if ( !eventHandle ) {
-			elemData.handle = eventHandle = function( e ) {
-				// Discard the second event of a jQuery.event.trigger() and
-				// when an event is called after a page has unloaded
-				return typeof jQuery !== "undefined" && (!e || jQuery.event.triggered !== e.type) ?
-					jQuery.event.dispatch.apply( eventHandle.elem, arguments ) :
-					undefined;
-			};
-			// Add elem as a property of the handle fn to prevent a memory leak with IE non-native events
-			eventHandle.elem = elem;
-		}
-
-		// Handle multiple events separated by a space
-		// jQuery(...).bind("mouseover mouseout", fn);
-		types = jQuery.trim( hoverHack(types) ).split( " " );
-		for ( t = 0; t < types.length; t++ ) {
-
-			tns = rtypenamespace.exec( types[t] ) || [];
-			type = tns[1];
-			namespaces = ( tns[2] || "" ).split( "." ).sort();
-
-			// If event changes its type, use the special event handlers for the changed type
-			special = jQuery.event.special[ type ] || {};
-
-			// If selector defined, determine special event api type, otherwise given type
-			type = ( selector ? special.delegateType : special.bindType ) || type;
-
-			// Update special based on newly reset type
-			special = jQuery.event.special[ type ] || {};
-
-			// handleObj is passed to all event handlers
-			handleObj = jQuery.extend({
-				type: type,
-				origType: tns[1],
-				data: data,
-				handler: handler,
-				guid: handler.guid,
-				selector: selector,
-				quick: selector && quickParse( selector ),
-				namespace: namespaces.join(".")
-			}, handleObjIn );
-
-			// Init the event handler queue if we're the first
-			handlers = events[ type ];
-			if ( !handlers ) {
-				handlers = events[ type ] = [];
-				handlers.delegateCount = 0;
-
-				// Only use addEventListener/attachEvent if the special events handler returns false
-				if ( !special.setup || special.setup.call( elem, data, namespaces, eventHandle ) === false ) {
-					// Bind the global event handler to the element
-					if ( elem.addEventListener ) {
-						elem.addEventListener( type, eventHandle, false );
-
-					} else if ( elem.attachEvent ) {
-						elem.attachEvent( "on" + type, eventHandle );
-					}
-				}
-			}
-
-			if ( special.add ) {
-				special.add.call( elem, handleObj );
-
-				if ( !handleObj.handler.guid ) {
-					handleObj.handler.guid = handler.guid;
-				}
-			}
-
-			// Add to the element's handler list, delegates in front
-			if ( selector ) {
-				handlers.splice( handlers.delegateCount++, 0, handleObj );
-			} else {
-				handlers.push( handleObj );
-			}
-
-			// Keep track of which events have ever been used, for event optimization
-			jQuery.event.global[ type ] = true;
-		}
-
-		// Nullify elem to prevent memory leaks in IE
-		elem = null;
-	},
-
-	global: {},
-
-	// Detach an event or set of events from an element
-	remove: function( elem, types, handler, selector, mappedTypes ) {
-
-		var elemData = jQuery.hasData( elem ) && jQuery._data( elem ),
-			t, tns, type, origType, namespaces, origCount,
-			j, events, special, handle, eventType, handleObj;
-
-		if ( !elemData || !(events = elemData.events) ) {
-			return;
-		}
-
-		// Once for each type.namespace in types; type may be omitted
-		types = jQuery.trim( hoverHack( types || "" ) ).split(" ");
-		for ( t = 0; t < types.length; t++ ) {
-			tns = rtypenamespace.exec( types[t] ) || [];
-			type = origType = tns[1];
-			namespaces = tns[2];
-
-			// Unbind all events (on this namespace, if provided) for the element
-			if ( !type ) {
-				for ( type in events ) {
-					jQuery.event.remove( elem, type + types[ t ], handler, selector, true );
-				}
-				continue;
-			}
-
-			special = jQuery.event.special[ type ] || {};
-			type = ( selector? special.delegateType : special.bindType ) || type;
-			eventType = events[ type ] || [];
-			origCount = eventType.length;
-			namespaces = namespaces ? new RegExp("(^|\\.)" + namespaces.split(".").sort().join("\\.(?:.*\\.)?") + "(\\.|$)") : null;
-
-			// Remove matching events
-			for ( j = 0; j < eventType.length; j++ ) {
-				handleObj = eventType[ j ];
-
-				if ( ( mappedTypes || origType === handleObj.origType ) &&
-					 ( !handler || handler.guid === handleObj.guid ) &&
-					 ( !namespaces || namespaces.test( handleObj.namespace ) ) &&
-					 ( !selector || selector === handleObj.selector || selector === "**" && handleObj.selector ) ) {
-					eventType.splice( j--, 1 );
-
-					if ( handleObj.selector ) {
-						eventType.delegateCount--;
-					}
-					if ( special.remove ) {
-						special.remove.call( elem, handleObj );
-					}
-				}
-			}
-
-			// Remove generic event handler if we removed something and no more handlers exist
-			// (avoids potential for endless recursion during removal of special event handlers)
-			if ( eventType.length === 0 && origCount !== eventType.length ) {
-				if ( !special.teardown || special.teardown.call( elem, namespaces ) === false ) {
-					jQuery.removeEvent( elem, type, elemData.handle );
-				}
-
-				delete events[ type ];
-			}
-		}
-
-		// Remove the expando if it's no longer used
-		if ( jQuery.isEmptyObject( events ) ) {
-			handle = elemData.handle;
-			if ( handle ) {
-				handle.elem = null;
-			}
-
-			// removeData also checks for emptiness and clears the expando if empty
-			// so use it instead of delete
-			jQuery.removeData( elem, [ "events", "handle" ], true );
-		}
-	},
-
-	// Events that are safe to short-circuit if no handlers are attached.
-	// Native DOM events should not be added, they may have inline handlers.
-	customEvent: {
-		"getData": true,
-		"setData": true,
-		"changeData": true
-	},
-
-	trigger: function( event, data, elem, onlyHandlers ) {
-		// Don't do events on text and comment nodes
-		if ( elem && (elem.nodeType === 3 || elem.nodeType === 8) ) {
-			return;
-		}
-
-		// Event object or event type
-		var type = event.type || event,
-			namespaces = [],
-			cache, exclusive, i, cur, old, ontype, special, handle, eventPath, bubbleType;
-
-		// focus/blur morphs to focusin/out; ensure we're not firing them right now
-		if ( rfocusMorph.test( type + jQuery.event.triggered ) ) {
-			return;
-		}
-
-		if ( type.indexOf( "!" ) >= 0 ) {
-			// Exclusive events trigger only for the exact event (no namespaces)
-			type = type.slice(0, -1);
-			exclusive = true;
-		}
-
-		if ( type.indexOf( "." ) >= 0 ) {
-			// Namespaced trigger; create a regexp to match event type in handle()
-			namespaces = type.split(".");
-			type = namespaces.shift();
-			namespaces.sort();
-		}
-
-		if ( (!elem || jQuery.event.customEvent[ type ]) && !jQuery.event.global[ type ] ) {
-			// No jQuery handlers for this event type, and it can't have inline handlers
-			return;
-		}
-
-		// Caller can pass in an Event, Object, or just an event type string
-		event = typeof event === "object" ?
-			// jQuery.Event object
-			event[ jQuery.expando ] ? event :
-			// Object literal
-			new jQuery.Event( type, event ) :
-			// Just the event type (string)
-			new jQuery.Event( type );
-
-		event.type = type;
-		event.isTrigger = true;
-		event.exclusive = exclusive;
-		event.namespace = namespaces.join( "." );
-		event.namespace_re = event.namespace? new RegExp("(^|\\.)" + namespaces.join("\\.(?:.*\\.)?") + "(\\.|$)") : null;
-		ontype = type.indexOf( ":" ) < 0 ? "on" + type : "";
-
-		// Handle a global trigger
-		if ( !elem ) {
-
-			// TODO: Stop taunting the data cache; remove global events and always attach to document
-			cache = jQuery.cache;
-			for ( i in cache ) {
-				if ( cache[ i ].events && cache[ i ].events[ type ] ) {
-					jQuery.event.trigger( event, data, cache[ i ].handle.elem, true );
-				}
-			}
-			return;
-		}
-
-		// Clean up the event in case it is being reused
-		event.result = undefined;
-		if ( !event.target ) {
-			event.target = elem;
-		}
-
-		// Clone any incoming data and prepend the event, creating the handler arg list
-		data = data != null ? jQuery.makeArray( data ) : [];
-		data.unshift( event );
-
-		// Allow special events to draw outside the lines
-		special = jQuery.event.special[ type ] || {};
-		if ( special.trigger && special.trigger.apply( elem, data ) === false ) {
-			return;
-		}
-
-		// Determine event propagation path in advance, per W3C events spec (#9951)
-		// Bubble up to document, then to window; watch for a global ownerDocument var (#9724)
-		eventPath = [[ elem, special.bindType || type ]];
-		if ( !onlyHandlers && !special.noBubble && !jQuery.isWindow( elem ) ) {
-
-			bubbleType = special.delegateType || type;
-			cur = rfocusMorph.test( bubbleType + type ) ? elem : elem.parentNode;
-			old = null;
-			for ( ; cur; cur = cur.parentNode ) {
-				eventPath.push([ cur, bubbleType ]);
-				old = cur;
-			}
-
-			// Only add window if we got to document (e.g., not plain obj or detached DOM)
-			if ( old && old === elem.ownerDocument ) {
-				eventPath.push([ old.defaultView || old.parentWindow || window, bubbleType ]);
-			}
-		}
-
-		// Fire handlers on the event path
-		for ( i = 0; i < eventPath.length && !event.isPropagationStopped(); i++ ) {
-
-			cur = eventPath[i][0];
-			event.type = eventPath[i][1];
-
-			handle = ( jQuery._data( cur, "events" ) || {} )[ event.type ] && jQuery._data( cur, "handle" );
-			if ( handle ) {
-				handle.apply( cur, data );
-			}
-			// Note that this is a bare JS function and not a jQuery handler
-			handle = ontype && cur[ ontype ];
-			if ( handle && jQuery.acceptData( cur ) && handle.apply( cur, data ) === false ) {
-				event.preventDefault();
-			}
-		}
-		event.type = type;
-
-		// If nobody prevented the default action, do it now
-		if ( !onlyHandlers && !event.isDefaultPrevented() ) {
-
-			if ( (!special._default || special._default.apply( elem.ownerDocument, data ) === false) &&
-				!(type === "click" && jQuery.nodeName( elem, "a" )) && jQuery.acceptData( elem ) ) {
-
-				// Call a native DOM method on the target with the same name name as the event.
-				// Can't use an .isFunction() check here because IE6/7 fails that test.
-				// Don't do default actions on window, that's where global variables be (#6170)
-				// IE<9 dies on focus/blur to hidden element (#1486)
-				if ( ontype && elem[ type ] && ((type !== "focus" && type !== "blur") || event.target.offsetWidth !== 0) && !jQuery.isWindow( elem ) ) {
-
-					// Don't re-trigger an onFOO event when we call its FOO() method
-					old = elem[ ontype ];
-
-					if ( old ) {
-						elem[ ontype ] = null;
-					}
-
-					// Prevent re-triggering of the same event, since we already bubbled it above
-					jQuery.event.triggered = type;
-					elem[ type ]();
-					jQuery.event.triggered = undefined;
-
-					if ( old ) {
-						elem[ ontype ] = old;
-					}
-				}
-			}
-		}
-
-		return event.result;
-	},
-
-	dispatch: function( event ) {
-
-		// Make a writable jQuery.Event from the native event object
-		event = jQuery.event.fix( event || window.event );
-
-		var handlers = ( (jQuery._data( this, "events" ) || {} )[ event.type ] || []),
-			delegateCount = handlers.delegateCount,
-			args = [].slice.call( arguments, 0 ),
-			run_all = !event.exclusive && !event.namespace,
-			special = jQuery.event.special[ event.type ] || {},
-			handlerQueue = [],
-			i, j, cur, jqcur, ret, selMatch, matched, matches, handleObj, sel, related;
-
-		// Use the fix-ed jQuery.Event rather than the (read-only) native event
-		args[0] = event;
-		event.delegateTarget = this;
-
-		// Call the preDispatch hook for the mapped type, and let it bail if desired
-		if ( special.preDispatch && special.preDispatch.call( this, event ) === false ) {
-			return;
-		}
-
-		// Determine handlers that should run if there are delegated events
-		// Avoid non-left-click bubbling in Firefox (#3861)
-		if ( delegateCount && !(event.button && event.type === "click") ) {
-
-			// Pregenerate a single jQuery object for reuse with .is()
-			jqcur = jQuery(this);
-			jqcur.context = this.ownerDocument || this;
-
-			for ( cur = event.target; cur != this; cur = cur.parentNode || this ) {
-
-				// Don't process events on disabled elements (#6911, #8165)
-				if ( cur.disabled !== true ) {
-					selMatch = {};
-					matches = [];
-					jqcur[0] = cur;
-					for ( i = 0; i < delegateCount; i++ ) {
-						handleObj = handlers[ i ];
-						sel = handleObj.selector;
-
-						if ( selMatch[ sel ] === undefined ) {
-							selMatch[ sel ] = (
-								handleObj.quick ? quickIs( cur, handleObj.quick ) : jqcur.is( sel )
-							);
-						}
-						if ( selMatch[ sel ] ) {
-							matches.push( handleObj );
-						}
-					}
-					if ( matches.length ) {
-						handlerQueue.push({ elem: cur, matches: matches });
-					}
-				}
-			}
-		}
-
-		// Add the remaining (directly-bound) handlers
-		if ( handlers.length > delegateCount ) {
-			handlerQueue.push({ elem: this, matches: handlers.slice( delegateCount ) });
-		}
-
-		// Run delegates first; they may want to stop propagation beneath us
-		for ( i = 0; i < handlerQueue.length && !event.isPropagationStopped(); i++ ) {
-			matched = handlerQueue[ i ];
-			event.currentTarget = matched.elem;
-
-			for ( j = 0; j < matched.matches.length && !event.isImmediatePropagationStopped(); j++ ) {
-				handleObj = matched.matches[ j ];
-
-				// Triggered event must either 1) be non-exclusive and have no namespace, or
-				// 2) have namespace(s) a subset or equal to those in the bound event (both can have no namespace).
-				if ( run_all || (!event.namespace && !handleObj.namespace) || event.namespace_re && event.namespace_re.test( handleObj.namespace ) ) {
-
-					event.data = handleObj.data;
-					event.handleObj = handleObj;
-
-					ret = ( (jQuery.event.special[ handleObj.origType ] || {}).handle || handleObj.handler )
-							.apply( matched.elem, args );
-
-					if ( ret !== undefined ) {
-						event.result = ret;
-						if ( ret === false ) {
-							event.preventDefault();
-							event.stopPropagation();
-						}
-					}
-				}
-			}
-		}
-
-		// Call the postDispatch hook for the mapped type
-		if ( special.postDispatch ) {
-			special.postDispatch.call( this, event );
-		}
-
-		return event.result;
-	},
-
-	// Includes some event props shared by KeyEvent and MouseEvent
-	// *** attrChange attrName relatedNode srcElement  are not normalized, non-W3C, deprecated, will be removed in 1.8 ***
-	props: "attrChange attrName relatedNode srcElement altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),
-
-	fixHooks: {},
-
-	keyHooks: {
-		props: "char charCode key keyCode".split(" "),
-		filter: function( event, original ) {
-
-			// Add which for key events
-			if ( event.which == null ) {
-				event.which = original.charCode != null ? original.charCode : original.keyCode;
-			}
-
-			return event;
-		}
-	},
-
-	mouseHooks: {
-		props: "button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),
-		filter: function( event, original ) {
-			var eventDoc, doc, body,
-				button = original.button,
-				fromElement = original.fromElement;
-
-			// Calculate pageX/Y if missing and clientX/Y available
-			if ( event.pageX == null && original.clientX != null ) {
-				eventDoc = event.target.ownerDocument || document;
-				doc = eventDoc.documentElement;
-				body = eventDoc.body;
-
-				event.pageX = original.clientX + ( doc && doc.scrollLeft || body && body.scrollLeft || 0 ) - ( doc && doc.clientLeft || body && body.clientLeft || 0 );
-				event.pageY = original.clientY + ( doc && doc.scrollTop  || body && body.scrollTop  || 0 ) - ( doc && doc.clientTop  || body && body.clientTop  || 0 );
-			}
-
-			// Add relatedTarget, if necessary
-			if ( !event.relatedTarget && fromElement ) {
-				event.relatedTarget = fromElement === event.target ? original.toElement : fromElement;
-			}
-
-			// Add which for click: 1 === left; 2 === middle; 3 === right
-			// Note: button is not normalized, so don't use it
-			if ( !event.which && button !== undefined ) {
-				event.which = ( button & 1 ? 1 : ( button & 2 ? 3 : ( button & 4 ? 2 : 0 ) ) );
-			}
-
-			return event;
-		}
-	},
-
-	fix: function( event ) {
-		if ( event[ jQuery.expando ] ) {
-			return event;
-		}
-
-		// Create a writable copy of the event object and normalize some properties
-		var i, prop,
-			originalEvent = event,
-			fixHook = jQuery.event.fixHooks[ event.type ] || {},
-			copy = fixHook.props ? this.props.concat( fixHook.props ) : this.props;
-
-		event = jQuery.Event( originalEvent );
-
-		for ( i = copy.length; i; ) {
-			prop = copy[ --i ];
-			event[ prop ] = originalEvent[ prop ];
-		}
-
-		// Fix target property, if necessary (#1925, IE 6/7/8 & Safari2)
-		if ( !event.target ) {
-			event.target = originalEvent.srcElement || document;
-		}
-
-		// Target should not be a text node (#504, Safari)
-		if ( event.target.nodeType === 3 ) {
-			event.target = event.target.parentNode;
-		}
-
-		// For mouse/key events; add metaKey if it's not there (#3368, IE6/7/8)
-		if ( event.metaKey === undefined ) {
-			event.metaKey = event.ctrlKey;
-		}
-
-		return fixHook.filter? fixHook.filter( event, originalEvent ) : event;
-	},
-
-	special: {
-		ready: {
-			// Make sure the ready event is setup
-			setup: jQuery.bindReady
-		},
-
-		load: {
-			// Prevent triggered image.load events from bubbling to window.load
-			noBubble: true
-		},
-
-		focus: {
-			delegateType: "focusin"
-		},
-		blur: {
-			delegateType: "focusout"
-		},
-
-		beforeunload: {
-			setup: function( data, namespaces, eventHandle ) {
-				// We only want to do this special case on windows
-				if ( jQuery.isWindow( this ) ) {
-					this.onbeforeunload = eventHandle;
-				}
-			},
-
-			teardown: function( namespaces, eventHandle ) {
-				if ( this.onbeforeunload === eventHandle ) {
-					this.onbeforeunload = null;
-				}
-			}
-		}
-	},
-
-	simulate: function( type, elem, event, bubble ) {
-		// Piggyback on a donor event to simulate a different one.
-		// Fake originalEvent to avoid donor's stopPropagation, but if the
-		// simulated event prevents default then we do the same on the donor.
-		var e = jQuery.extend(
-			new jQuery.Event(),
-			event,
-			{ type: type,
-				isSimulated: true,
-				originalEvent: {}
-			}
-		);
-		if ( bubble ) {
-			jQuery.event.trigger( e, null, elem );
-		} else {
-			jQuery.event.dispatch.call( elem, e );
-		}
-		if ( e.isDefaultPrevented() ) {
-			event.preventDefault();
-		}
-	}
-};
-
-// Some plugins are using, but it's undocumented/deprecated and will be removed.
-// The 1.7 special event interface should provide all the hooks needed now.
-jQuery.event.handle = jQuery.event.dispatch;
-
-jQuery.removeEvent = document.removeEventListener ?
-	function( elem, type, handle ) {
-		if ( elem.removeEventListener ) {
-			elem.removeEventListener( type, handle, false );
-		}
-	} :
-	function( elem, type, handle ) {
-		if ( elem.detachEvent ) {
-			elem.detachEvent( "on" + type, handle );
-		}
-	};
-
-jQuery.Event = function( src, props ) {
-	// Allow instantiation without the 'new' keyword
-	if ( !(this instanceof jQuery.Event) ) {
-		return new jQuery.Event( src, props );
-	}
-
-	// Event object
-	if ( src && src.type ) {
-		this.originalEvent = src;
-		this.type = src.type;
-
-		// Events bubbling up the document may have been marked as prevented
-		// by a handler lower down the tree; reflect the correct value.
-		this.isDefaultPrevented = ( src.defaultPrevented || src.returnValue === false ||
-			src.getPreventDefault && src.getPreventDefault() ) ? returnTrue : returnFalse;
-
-	// Event type
-	} else {
-		this.type = src;
-	}
-
-	// Put explicitly provided properties onto the event object
-	if ( props ) {
-		jQuery.extend( this, props );
-	}
-
-	// Create a timestamp if incoming event doesn't have one
-	this.timeStamp = src && src.timeStamp || jQuery.now();
-
-	// Mark it as fixed
-	this[ jQuery.expando ] = true;
-};
-
-function returnFalse() {
-	return false;
-}
-function returnTrue() {
-	return true;
-}
-
-// jQuery.Event is based on DOM3 Events as specified by the ECMAScript Language Binding
-// http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html
-jQuery.Event.prototype = {
-	preventDefault: function() {
-		this.isDefaultPrevented = returnTrue;
-
-		var e = this.originalEvent;
-		if ( !e ) {
-			return;
-		}
-
-		// if preventDefault exists run it on the original event
-		if ( e.preventDefault ) {
-			e.preventDefault();
-
-		// otherwise set the returnValue property of the original event to false (IE)
-		} else {
-			e.returnValue = false;
-		}
-	},
-	stopPropagation: function() {
-		this.isPropagationStopped = returnTrue;
-
-		var e = this.originalEvent;
-		if ( !e ) {
-			return;
-		}
-		// if stopPropagation exists run it on the original event
-		if ( e.stopPropagation ) {
-			e.stopPropagation();
-		}
-		// otherwise set the cancelBubble property of the original event to true (IE)
-		e.cancelBubble = true;
-	},
-	stopImmediatePropagation: function() {
-		this.isImmediatePropagationStopped = returnTrue;
-		this.stopPropagation();
-	},
-	isDefaultPrevented: returnFalse,
-	isPropagationStopped: returnFalse,
-	isImmediatePropagationStopped: returnFalse
-};
-
-// Create mouseenter/leave events using mouseover/out and event-time checks
-jQuery.each({
-	mouseenter: "mouseover",
-	mouseleave: "mouseout"
-}, function( orig, fix ) {
-	jQuery.event.special[ orig ] = {
-		delegateType: fix,
-		bindType: fix,
-
-		handle: function( event ) {
-			var target = this,
-				related = event.relatedTarget,
-				handleObj = event.handleObj,
-				selector = handleObj.selector,
-				ret;
-
-			// For mousenter/leave call the handler if related is outside the target.
-			// NB: No relatedTarget if the mouse left/entered the browser window
-			if ( !related || (related !== target && !jQuery.contains( target, related )) ) {
-				event.type = handleObj.origType;
-				ret = handleObj.handler.apply( this, arguments );
-				event.type = fix;
-			}
-			return ret;
-		}
-	};
-});
-
-// IE submit delegation
-if ( !jQuery.support.submitBubbles ) {
-
-	jQuery.event.special.submit = {
-		setup: function() {
-			// Only need this for delegated form submit events
-			if ( jQuery.nodeName( this, "form" ) ) {
-				return false;
-			}
-
-			// Lazy-add a submit handler when a descendant form may potentially be submitted
-			jQuery.event.add( this, "click._submit keypress._submit", function( e ) {
-				// Node name check avoids a VML-related crash in IE (#9807)
-				var elem = e.target,
-					form = jQuery.nodeName( elem, "input" ) || jQuery.nodeName( elem, "button" ) ? elem.form : undefined;
-				if ( form && !form._submit_attached ) {
-					jQuery.event.add( form, "submit._submit", function( event ) {
-						event._submit_bubble = true;
-					});
-					form._submit_attached = true;
-				}
-			});
-			// return undefined since we don't need an event listener
-		},
-		
-		postDispatch: function( event ) {
-			// If form was submitted by the user, bubble the event up the tree
-			if ( event._submit_bubble ) {
-				delete event._submit_bubble;
-				if ( this.parentNode && !event.isTrigger ) {
-					jQuery.event.simulate( "submit", this.parentNode, event, true );
-				}
-			}
-		},
-
-		teardown: function() {
-			// Only need this for delegated form submit events
-			if ( jQuery.nodeName( this, "form" ) ) {
-				return false;
-			}
-
-			// Remove delegated handlers; cleanData eventually reaps submit handlers attached above
-			jQuery.event.remove( this, "._submit" );
-		}
-	};
-}
-
-// IE change delegation and checkbox/radio fix
-if ( !jQuery.support.changeBubbles ) {
-
-	jQuery.event.special.change = {
-
-		setup: function() {
-
-			if ( rformElems.test( this.nodeName ) ) {
-				// IE doesn't fire change on a check/radio until blur; trigger it on click
-				// after a propertychange. Eat the blur-change in special.change.handle.
-				// This still fires onchange a second time for check/radio after blur.
-				if ( this.type === "checkbox" || this.type === "radio" ) {
-					jQuery.event.add( this, "propertychange._change", function( event ) {
-						if ( event.originalEvent.propertyName === "checked" ) {
-							this._just_changed = true;
-						}
-					});
-					jQuery.event.add( this, "click._change", function( event ) {
-						if ( this._just_changed && !event.isTrigger ) {
-							this._just_changed = false;
-							jQuery.event.simulate( "change", this, event, true );
-						}
-					});
-				}
-				return false;
-			}
-			// Delegated event; lazy-add a change handler on descendant inputs
-			jQuery.event.add( this, "beforeactivate._change", function( e ) {
-				var elem = e.target;
-
-				if ( rformElems.test( elem.nodeName ) && !elem._change_attached ) {
-					jQuery.event.add( elem, "change._change", function( event ) {
-						if ( this.parentNode && !event.isSimulated && !event.isTrigger ) {
-							jQuery.event.simulate( "change", this.parentNode, event, true );
-						}
-					});
-					elem._change_attached = true;
-				}
-			});
-		},
-
-		handle: function( event ) {
-			var elem = event.target;
-
-			// Swallow native change events from checkbox/radio, we already triggered them above
-			if ( this !== elem || event.isSimulated || event.isTrigger || (elem.type !== "radio" && elem.type !== "checkbox") ) {
-				return event.handleObj.handler.apply( this, arguments );
-			}
-		},
-
-		teardown: function() {
-			jQuery.event.remove( this, "._change" );
-
-			return rformElems.test( this.nodeName );
-		}
-	};
-}
-
-// Create "bubbling" focus and blur events
-if ( !jQuery.support.focusinBubbles ) {
-	jQuery.each({ focus: "focusin", blur: "focusout" }, function( orig, fix ) {
-
-		// Attach a single capturing handler while someone wants focusin/focusout
-		var attaches = 0,
-			handler = function( event ) {
-				jQuery.event.simulate( fix, event.target, jQuery.event.fix( event ), true );
-			};
-
-		jQuery.event.special[ fix ] = {
-			setup: function() {
-				if ( attaches++ === 0 ) {
-					document.addEventListener( orig, handler, true );
-				}
-			},
-			teardown: function() {
-				if ( --attaches === 0 ) {
-					document.removeEventListener( orig, handler, true );
-				}
-			}
-		};
-	});
-}
-
-jQuery.fn.extend({
-
-	on: function( types, selector, data, fn, /*INTERNAL*/ one ) {
-		var origFn, type;
-
-		// Types can be a map of types/handlers
-		if ( typeof types === "object" ) {
-			// ( types-Object, selector, data )
-			if ( typeof selector !== "string" ) { // && selector != null
-				// ( types-Object, data )
-				data = data || selector;
-				selector = undefined;
-			}
-			for ( type in types ) {
-				this.on( type, selector, data, types[ type ], one );
-			}
-			return this;
-		}
-
-		if ( data == null && fn == null ) {
-			// ( types, fn )
-			fn = selector;
-			data = selector = undefined;
-		} else if ( fn == null ) {
-			if ( typeof selector === "string" ) {
-				// ( types, selector, fn )
-				fn = data;
-				data = undefined;
-			} else {
-				// ( types, data, fn )
-				fn = data;
-				data = selector;
-				selector = undefined;
-			}
-		}
-		if ( fn === false ) {
-			fn = returnFalse;
-		} else if ( !fn ) {
-			return this;
-		}
-
-		if ( one === 1 ) {
-			origFn = fn;
-			fn = function( event ) {
-				// Can use an empty set, since event contains the info
-				jQuery().off( event );
-				return origFn.apply( this, arguments );
-			};
-			// Use same guid so caller can remove using origFn
-			fn.guid = origFn.guid || ( origFn.guid = jQuery.guid++ );
-		}
-		return this.each( function() {
-			jQuery.event.add( this, types, fn, data, selector );
-		});
-	},
-	one: function( types, selector, data, fn ) {
-		return this.on( types, selector, data, fn, 1 );
-	},
-	off: function( types, selector, fn ) {
-		if ( types && types.preventDefault && types.handleObj ) {
-			// ( event )  dispatched jQuery.Event
-			var handleObj = types.handleObj;
-			jQuery( types.delegateTarget ).off(
-				handleObj.namespace ? handleObj.origType + "." + handleObj.namespace : handleObj.origType,
-				handleObj.selector,
-				handleObj.handler
-			);
-			return this;
-		}
-		if ( typeof types === "object" ) {
-			// ( types-object [, selector] )
-			for ( var type in types ) {
-				this.off( type, selector, types[ type ] );
-			}
-			return this;
-		}
-		if ( selector === false || typeof selector === "function" ) {
-			// ( types [, fn] )
-			fn = selector;
-			selector = undefined;
-		}
-		if ( fn === false ) {
-			fn = returnFalse;
-		}
-		return this.each(function() {
-			jQuery.event.remove( this, types, fn, selector );
-		});
-	},
-
-	bind: function( types, data, fn ) {
-		return this.on( types, null, data, fn );
-	},
-	unbind: function( types, fn ) {
-		return this.off( types, null, fn );
-	},
-
-	live: function( types, data, fn ) {
-		jQuery( this.context ).on( types, this.selector, data, fn );
-		return this;
-	},
-	die: function( types, fn ) {
-		jQuery( this.context ).off( types, this.selector || "**", fn );
-		return this;
-	},
-
-	delegate: function( selector, types, data, fn ) {
-		return this.on( types, selector, data, fn );
-	},
-	undelegate: function( selector, types, fn ) {
-		// ( namespace ) or ( selector, types [, fn] )
-		return arguments.length == 1? this.off( selector, "**" ) : this.off( types, selector, fn );
-	},
-
-	trigger: function( type, data ) {
-		return this.each(function() {
-			jQuery.event.trigger( type, data, this );
-		});
-	},
-	triggerHandler: function( type, data ) {
-		if ( this[0] ) {
-			return jQuery.event.trigger( type, data, this[0], true );
-		}
-	},
-
-	toggle: function( fn ) {
-		// Save reference to arguments for access in closure
-		var args = arguments,
-			guid = fn.guid || jQuery.guid++,
-			i = 0,
-			toggler = function( event ) {
-				// Figure out which function to execute
-				var lastToggle = ( jQuery._data( this, "lastToggle" + fn.guid ) || 0 ) % i;
-				jQuery._data( this, "lastToggle" + fn.guid, lastToggle + 1 );
-
-				// Make sure that clicks stop
-				event.preventDefault();
-
-				// and execute the function
-				return args[ lastToggle ].apply( this, arguments ) || false;
-			};
-
-		// link all the functions, so any of them can unbind this click handler
-		toggler.guid = guid;
-		while ( i < args.length ) {
-			args[ i++ ].guid = guid;
-		}
-
-		return this.click( toggler );
-	},
-
-	hover: function( fnOver, fnOut ) {
-		return this.mouseenter( fnOver ).mouseleave( fnOut || fnOver );
-	}
-});
-
-jQuery.each( ("blur focus focusin focusout load resize scroll unload click dblclick " +
-	"mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave " +
-	"change select submit keydown keypress keyup error contextmenu").split(" "), function( i, name ) {
-
-	// Handle event binding
-	jQuery.fn[ name ] = function( data, fn ) {
-		if ( fn == null ) {
-			fn = data;
-			data = null;
-		}
-
-		return arguments.length > 0 ?
-			this.on( name, null, data, fn ) :
-			this.trigger( name );
-	};
-
-	if ( jQuery.attrFn ) {
-		jQuery.attrFn[ name ] = true;
-	}
-
-	if ( rkeyEvent.test( name ) ) {
-		jQuery.event.fixHooks[ name ] = jQuery.event.keyHooks;
-	}
-
-	if ( rmouseEvent.test( name ) ) {
-		jQuery.event.fixHooks[ name ] = jQuery.event.mouseHooks;
-	}
-});
-
-
-
-/*!
- * Sizzle CSS Selector Engine
- *  Copyright 2011, The Dojo Foundation
- *  Released under the MIT, BSD, and GPL Licenses.
- *  More information: http://sizzlejs.com/
- */
-(function(){
-
-var chunker = /((?:\((?:\([^()]+\)|[^()]+)+\)|\[(?:\[[^\[\]]*\]|['"][^'"]*['"]|[^\[\]'"]+)+\]|\\.|[^ >+~,(\[\\]+)+|[>+~])(\s*,\s*)?((?:.|\r|\n)*)/g,
-	expando = "sizcache" + (Math.random() + '').replace('.', ''),
-	done = 0,
-	toString = Object.prototype.toString,
-	hasDuplicate = false,
-	baseHasDuplicate = true,
-	rBackslash = /\\/g,
-	rReturn = /\r\n/g,
-	rNonWord = /\W/;
-
-// Here we check if the JavaScript engine is using some sort of
-// optimization where it does not always call our comparision
-// function. If that is the case, discard the hasDuplicate value.
-//   Thus far that includes Google Chrome.
-[0, 0].sort(function() {
-	baseHasDuplicate = false;
-	return 0;
-});
-
-var Sizzle = function( selector, context, results, seed ) {
-	results = results || [];
-	context = context || document;
-
-	var origContext = context;
-
-	if ( context.nodeType !== 1 && context.nodeType !== 9 ) {
-		return [];
-	}
-
-	if ( !selector || typeof selector !== "string" ) {
-		return results;
-	}
-
-	var m, set, checkSet, extra, ret, cur, pop, i,
-		prune = true,
-		contextXML = Sizzle.isXML( context ),
-		parts = [],
-		soFar = selector;
-
-	// Reset the position of the chunker regexp (start from head)
-	do {
-		chunker.exec( "" );
-		m = chunker.exec( soFar );
-
-		if ( m ) {
-			soFar = m[3];
-
-			parts.push( m[1] );
-
-			if ( m[2] ) {
-				extra = m[3];
-				break;
-			}
-		}
-	} while ( m );
-
-	if ( parts.length > 1 && origPOS.exec( selector ) ) {
-
-		if ( parts.length === 2 && Expr.relative[ parts[0] ] ) {
-			set = posProcess( parts[0] + parts[1], context, seed );
-
-		} else {
-			set = Expr.relative[ parts[0] ] ?
-				[ context ] :
-				Sizzle( parts.shift(), context );
-
-			while ( parts.length ) {
-				selector = parts.shift();
-
-				if ( Expr.relative[ selector ] ) {
-					selector += parts.shift();
-				}
-
-				set = posProcess( selector, set, seed );
-			}
-		}
-
-	} else {
-		// Take a shortcut and set the context if the root selector is an ID
-		// (but not if it'll be faster if the inner selector is an ID)
-		if ( !seed && parts.length > 1 && context.nodeType === 9 && !contextXML &&
-				Expr.match.ID.test(parts[0]) && !Expr.match.ID.test(parts[parts.length - 1]) ) {
-
-			ret = Sizzle.find( parts.shift(), context, contextXML );
-			context = ret.expr ?
-				Sizzle.filter( ret.expr, ret.set )[0] :
-				ret.set[0];
-		}
-
-		if ( context ) {
-			ret = seed ?
-				{ expr: parts.pop(), set: makeArray(seed) } :
-				Sizzle.find( parts.pop(), parts.length === 1 && (parts[0] === "~" || parts[0] === "+") && context.parentNode ? context.parentNode : context, contextXML );
-
-			set = ret.expr ?
-				Sizzle.filter( ret.expr, ret.set ) :
-				ret.set;
-
-			if ( parts.length > 0 ) {
-				checkSet = makeArray( set );
-
-			} else {
-				prune = false;
-			}
-
-			while ( parts.length ) {
-				cur = parts.pop();
-				pop = cur;
-
-				if ( !Expr.relative[ cur ] ) {
-					cur = "";
-				} else {
-					pop = parts.pop();
-				}
-
-				if ( pop == null ) {
-					pop = context;
-				}
-
-				Expr.relative[ cur ]( checkSet, pop, contextXML );
-			}
-
-		} else {
-			checkSet = parts = [];
-		}
-	}
-
-	if ( !checkSet ) {
-		checkSet = set;
-	}
-
-	if ( !checkSet ) {
-		Sizzle.error( cur || selector );
-	}
-
-	if ( toString.call(checkSet) === "[object Array]" ) {
-		if ( !prune ) {
-			results.push.apply( results, checkSet );
-
-		} else if ( context && context.nodeType === 1 ) {
-			for ( i = 0; checkSet[i] != null; i++ ) {
-				if ( checkSet[i] && (checkSet[i] === true || checkSet[i].nodeType === 1 && Sizzle.contains(context, checkSet[i])) ) {
-					results.push( set[i] );
-				}
-			}
-
-		} else {
-			for ( i = 0; checkSet[i] != null; i++ ) {
-				if ( checkSet[i] && checkSet[i].nodeType === 1 ) {
-					results.push( set[i] );
-				}
-			}
-		}
-
-	} else {
-		makeArray( checkSet, results );
-	}
-
-	if ( extra ) {
-		Sizzle( extra, origContext, results, seed );
-		Sizzle.uniqueSort( results );
-	}
-
-	return results;
-};
-
-Sizzle.uniqueSort = function( results ) {
-	if ( sortOrder ) {
-		hasDuplicate = baseHasDuplicate;
-		results.sort( sortOrder );
-
-		if ( hasDuplicate ) {
-			for ( var i = 1; i < results.length; i++ ) {
-				if ( results[i] === results[ i - 1 ] ) {
-					results.splice( i--, 1 );
-				}
-			}
-		}
-	}
-
-	return results;
-};
-
-Sizzle.matches = function( expr, set ) {
-	return Sizzle( expr, null, null, set );
-};
-
-Sizzle.matchesSelector = function( node, expr ) {
-	return Sizzle( expr, null, null, [node] ).length > 0;
-};
-
-Sizzle.find = function( expr, context, isXML ) {
-	var set, i, len, match, type, left;
-
-	if ( !expr ) {
-		return [];
-	}
-
-	for ( i = 0, len = Expr.order.length; i < len; i++ ) {
-		type = Expr.order[i];
-
-		if ( (match = Expr.leftMatch[ type ].exec( expr )) ) {
-			left = match[1];
-			match.splice( 1, 1 );
-
-			if ( left.substr( left.length - 1 ) !== "\\" ) {
-				match[1] = (match[1] || "").replace( rBackslash, "" );
-				set = Expr.find[ type ]( match, context, isXML );
-
-				if ( set != null ) {
-					expr = expr.replace( Expr.match[ type ], "" );
-					break;
-				}
-			}
-		}
-	}
-
-	if ( !set ) {
-		set = typeof context.getElementsByTagName !== "undefined" ?
-			context.getElementsByTagName( "*" ) :
-			[];
-	}
-
-	return { set: set, expr: expr };
-};
-
-Sizzle.filter = function( expr, set, inplace, not ) {
-	var match, anyFound,
-		type, found, item, filter, left,
-		i, pass,
-		old = expr,
-		result = [],
-		curLoop = set,
-		isXMLFilter = set && set[0] && Sizzle.isXML( set[0] );
-
-	while ( expr && set.length ) {
-		for ( type in Expr.filter ) {
-			if ( (match = Expr.leftMatch[ type ].exec( expr )) != null && match[2] ) {
-				filter = Expr.filter[ type ];
-				left = match[1];
-
-				anyFound = false;
-
-				match.splice(1,1);
-
-				if ( left.substr( left.length - 1 ) === "\\" ) {
-					continue;
-				}
-
-				if ( curLoop === result ) {
-					result = [];
-				}
-
-				if ( Expr.preFilter[ type ] ) {
-					match = Expr.preFilter[ type ]( match, curLoop, inplace, result, not, isXMLFilter );
-
-					if ( !match ) {
-						anyFound = found = true;
-
-					} else if ( match === true ) {
-						continue;
-					}
-				}
-
-				if ( match ) {
-					for ( i = 0; (item = curLoop[i]) != null; i++ ) {
-						if ( item ) {
-							found = filter( item, match, i, curLoop );
-							pass = not ^ found;
-
-							if ( inplace && found != null ) {
-								if ( pass ) {
-									anyFound = true;
-
-								} else {
-									curLoop[i] = false;
-								}
-
-							} else if ( pass ) {
-								result.push( item );
-								anyFound = true;
-							}
-						}
-					}
-				}
-
-				if ( found !== undefined ) {
-					if ( !inplace ) {
-						curLoop = result;
-					}
-
-					expr = expr.replace( Expr.match[ type ], "" );
-
-					if ( !anyFound ) {
-						return [];
-					}
-
-					break;
-				}
-			}
-		}
-
-		// Improper expression
-		if ( expr === old ) {
-			if ( anyFound == null ) {
-				Sizzle.error( expr );
-
-			} else {
-				break;
-			}
-		}
-
-		old = expr;
-	}
-
-	return curLoop;
-};
-
-Sizzle.error = function( msg ) {
-	throw new Error( "Syntax error, unrecognized expression: " + msg );
-};
-
-/**
- * Utility function for retreiving the text value of an array of DOM nodes
- * @param {Array|Element} elem
- */
-var getText = Sizzle.getText = function( elem ) {
-    var i, node,
-		nodeType = elem.nodeType,
-		ret = "";
-
-	if ( nodeType ) {
-		if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) {
-			// Use textContent || innerText for elements
-			if ( typeof elem.textContent === 'string' ) {
-				return elem.textContent;
-			} else if ( typeof elem.innerText === 'string' ) {
-				// Replace IE's carriage returns
-				return elem.innerText.replace( rReturn, '' );
-			} else {
-				// Traverse it's children
-				for ( elem = elem.firstChild; elem; elem = elem.nextSibling) {
-					ret += getText( elem );
-				}
-			}
-		} else if ( nodeType === 3 || nodeType === 4 ) {
-			return elem.nodeValue;
-		}
-	} else {
-
-		// If no nodeType, this is expected to be an array
-		for ( i = 0; (node = elem[i]); i++ ) {
-			// Do not traverse comment nodes
-			if ( node.nodeType !== 8 ) {
-				ret += getText( node );
-			}
-		}
-	}
-	return ret;
-};
-
-var Expr = Sizzle.selectors = {
-	order: [ "ID", "NAME", "TAG" ],
-
-	match: {
-		ID: /#((?:[\w\u00c0-\uFFFF\-]|\\.)+)/,
-		CLASS: /\.((?:[\w\u00c0-\uFFFF\-]|\\.)+)/,
-		NAME: /\[name=['"]*((?:[\w\u00c0-\uFFFF\-]|\\.)+)['"]*\]/,
-		ATTR: /\[\s*((?:[\w\u00c0-\uFFFF\-]|\\.)+)\s*(?:(\S?=)\s*(?:(['"])(.*?)\3|(#?(?:[\w\u00c0-\uFFFF\-]|\\.)*)|)|)\s*\]/,
-		TAG: /^((?:[\w\u00c0-\uFFFF\*\-]|\\.)+)/,
-		CHILD: /:(only|nth|last|first)-child(?:\(\s*(even|odd|(?:[+\-]?\d+|(?:[+\-]?\d*)?n\s*(?:[+\-]\s*\d+)?))\s*\))?/,
-		POS: /:(nth|eq|gt|lt|first|last|even|odd)(?:\((\d*)\))?(?=[^\-]|$)/,
-		PSEUDO: /:((?:[\w\u00c0-\uFFFF\-]|\\.)+)(?:\((['"]?)((?:\([^\)]+\)|[^\(\)]*)+)\2\))?/
-	},
-
-	leftMatch: {},
-
-	attrMap: {
-		"class": "className",
-		"for": "htmlFor"
-	},
-
-	attrHandle: {
-		href: function( elem ) {
-			return elem.getAttribute( "href" );
-		},
-		type: function( elem ) {
-			return elem.getAttribute( "type" );
-		}
-	},
-
-	relative: {
-		"+": function(checkSet, part){
-			var isPartStr = typeof part === "string",
-				isTag = isPartStr && !rNonWord.test( part ),
-				isPartStrNotTag = isPartStr && !isTag;
-
-			if ( isTag ) {
-				part = part.toLowerCase();
-			}
-
-			for ( var i = 0, l = checkSet.length, elem; i < l; i++ ) {
-				if ( (elem = checkSet[i]) ) {
-					while ( (elem = elem.previousSibling) && elem.nodeType !== 1 ) {}
-
-					checkSet[i] = isPartStrNotTag || elem && elem.nodeName.toLowerCase() === part ?
-						elem || false :
-						elem === part;
-				}
-			}
-
-			if ( isPartStrNotTag ) {
-				Sizzle.filter( part, checkSet, true );
-			}
-		},
-
-		">": function( checkSet, part ) {
-			var elem,
-				isPartStr = typeof part === "string",
-				i = 0,
-				l = checkSet.length;
-
-			if ( isPartStr && !rNonWord.test( part ) ) {
-				part = part.toLowerCase();
-
-				for ( ; i < l; i++ ) {
-					elem = checkSet[i];
-
-					if ( elem ) {
-						var parent = elem.parentNode;
-						checkSet[i] = parent.nodeName.toLowerCase() === part ? parent : false;
-					}
-				}
-
-			} else {
-				for ( ; i < l; i++ ) {
-					elem = checkSet[i];
-
-					if ( elem ) {
-						checkSet[i] = isPartStr ?
-							elem.parentNode :
-							elem.parentNode === part;
-					}
-				}
-
-				if ( isPartStr ) {
-					Sizzle.filter( part, checkSet, true );
-				}
-			}
-		},
-
-		"": function(checkSet, part, isXML){
-			var nodeCheck,
-				doneName = done++,
-				checkFn = dirCheck;
-
-			if ( typeof part === "string" && !rNonWord.test( part ) ) {
-				part = part.toLowerCase();
-				nodeCheck = part;
-				checkFn = dirNodeCheck;
-			}
-
-			checkFn( "parentNode", part, doneName, checkSet, nodeCheck, isXML );
-		},
-
-		"~": function( checkSet, part, isXML ) {
-			var nodeCheck,
-				doneName = done++,
-				checkFn = dirCheck;
-
-			if ( typeof part === "string" && !rNonWord.test( part ) ) {
-				part = part.toLowerCase();
-				nodeCheck = part;
-				checkFn = dirNodeCheck;
-			}
-
-			checkFn( "previousSibling", part, doneName, checkSet, nodeCheck, isXML );
-		}
-	},
-
-	find: {
-		ID: function( match, context, isXML ) {
-			if ( typeof context.getElementById !== "undefined" && !isXML ) {
-				var m = context.getElementById(match[1]);
-				// Check parentNode to catch when Blackberry 4.6 returns
-				// nodes that are no longer in the document #6963
-				return m && m.parentNode ? [m] : [];
-			}
-		},
-
-		NAME: function( match, context ) {
-			if ( typeof context.getElementsByName !== "undefined" ) {
-				var ret = [],
-					results = context.getElementsByName( match[1] );
-
-				for ( var i = 0, l = results.length; i < l; i++ ) {
-					if ( results[i].getAttribute("name") === match[1] ) {
-						ret.push( results[i] );
-					}
-				}
-
-				return ret.length === 0 ? null : ret;
-			}
-		},
-
-		TAG: function( match, context ) {
-			if ( typeof context.getElementsByTagName !== "undefined" ) {
-				return context.getElementsByTagName( match[1] );
-			}
-		}
-	},
-	preFilter: {
-		CLASS: function( match, curLoop, inplace, result, not, isXML ) {
-			match = " " + match[1].replace( rBackslash, "" ) + " ";
-
-			if ( isXML ) {
-				return match;
-			}
-
-			for ( var i = 0, elem; (elem = curLoop[i]) != null; i++ ) {
-				if ( elem ) {
-					if ( not ^ (elem.className && (" " + elem.className + " ").replace(/[\t\n\r]/g, " ").indexOf(match) >= 0) ) {
-						if ( !inplace ) {
-							result.push( elem );
-						}
-
-					} else if ( inplace ) {
-						curLoop[i] = false;
-					}
-				}
-			}
-
-			return false;
-		},
-
-		ID: function( match ) {
-			return match[1].replace( rBackslash, "" );
-		},
-
-		TAG: function( match, curLoop ) {
-			return match[1].replace( rBackslash, "" ).toLowerCase();
-		},
-
-		CHILD: function( match ) {
-			if ( match[1] === "nth" ) {
-				if ( !match[2] ) {
-					Sizzle.error( match[0] );
-				}
-
-				match[2] = match[2].replace(/^\+|\s*/g, '');
-
-				// parse equations like 'even', 'odd', '5', '2n', '3n+2', '4n-1', '-n+6'
-				var test = /(-?)(\d*)(?:n([+\-]?\d*))?/.exec(
-					match[2] === "even" && "2n" || match[2] === "odd" && "2n+1" ||
-					!/\D/.test( match[2] ) && "0n+" + match[2] || match[2]);
-
-				// calculate the numbers (first)n+(last) including if they are negative
-				match[2] = (test[1] + (test[2] || 1)) - 0;
-				match[3] = test[3] - 0;
-			}
-			else if ( match[2] ) {
-				Sizzle.error( match[0] );
-			}
-
-			// TODO: Move to normal caching system
-			match[0] = done++;
-
-			return match;
-		},
-
-		ATTR: function( match, curLoop, inplace, result, not, isXML ) {
-			var name = match[1] = match[1].replace( rBackslash, "" );
-
-			if ( !isXML && Expr.attrMap[name] ) {
-				match[1] = Expr.attrMap[name];
-			}
-
-			// Handle if an un-quoted value was used
-			match[4] = ( match[4] || match[5] || "" ).replace( rBackslash, "" );
-
-			if ( match[2] === "~=" ) {
-				match[4] = " " + match[4] + " ";
-			}
-
-			return match;
-		},
-
-		PSEUDO: function( match, curLoop, inplace, result, not ) {
-			if ( match[1] === "not" ) {
-				// If we're dealing with a complex expression, or a simple one
-				if ( ( chunker.exec(match[3]) || "" ).length > 1 || /^\w/.test(match[3]) ) {
-					match[3] = Sizzle(match[3], null, null, curLoop);
-
-				} else {
-					var ret = Sizzle.filter(match[3], curLoop, inplace, true ^ not);
-
-					if ( !inplace ) {
-						result.push.apply( result, ret );
-					}
-
-					return false;
-				}
-
-			} else if ( Expr.match.POS.test( match[0] ) || Expr.match.CHILD.test( match[0] ) ) {
-				return true;
-			}
-
-			return match;
-		},
-
-		POS: function( match ) {
-			match.unshift( true );
-
-			return match;
-		}
-	},
-
-	filters: {
-		enabled: function( elem ) {
-			return elem.disabled === false && elem.type !== "hidden";
-		},
-
-		disabled: function( elem ) {
-			return elem.disabled === true;
-		},
-
-		checked: function( elem ) {
-			return elem.checked === true;
-		},
-
-		selected: function( elem ) {
-			// Accessing this property makes selected-by-default
-			// options in Safari work properly
-			if ( elem.parentNode ) {
-				elem.parentNode.selectedIndex;
-			}
-
-			return elem.selected === true;
-		},
-
-		parent: function( elem ) {
-			return !!elem.firstChild;
-		},
-
-		empty: function( elem ) {
-			return !elem.firstChild;
-		},
-
-		has: function( elem, i, match ) {
-			return !!Sizzle( match[3], elem ).length;
-		},
-
-		header: function( elem ) {
-			return (/h\d/i).test( elem.nodeName );
-		},
-
-		text: function( elem ) {
-			var attr = elem.getAttribute( "type" ), type = elem.type;
-			// IE6 and 7 will map elem.type to 'text' for new HTML5 types (search, etc)
-			// use getAttribute instead to test this case
-			return elem.nodeName.toLowerCase() === "input" && "text" === type && ( attr === type || attr === null );
-		},
-
-		radio: function( elem ) {
-			return elem.nodeName.toLowerCase() === "input" && "radio" === elem.type;
-		},
-
-		checkbox: function( elem ) {
-			return elem.nodeName.toLowerCase() === "input" && "checkbox" === elem.type;
-		},
-
-		file: function( elem ) {
-			return elem.nodeName.toLowerCase() === "input" && "file" === elem.type;
-		},
-
-		password: function( elem ) {
-			return elem.nodeName.toLowerCase() === "input" && "password" === elem.type;
-		},
-
-		submit: function( elem ) {
-			var name = elem.nodeName.toLowerCase();
-			return (name === "input" || name === "button") && "submit" === elem.type;
-		},
-
-		image: function( elem ) {
-			return elem.nodeName.toLowerCase() === "input" && "image" === elem.type;
-		},
-
-		reset: function( elem ) {
-			var name = elem.nodeName.toLowerCase();
-			return (name === "input" || name === "button") && "reset" === elem.type;
-		},
-
-		button: function( elem ) {
-			var name = elem.nodeName.toLowerCase();
-			return name === "input" && "button" === elem.type || name === "button";
-		},
-
-		input: function( elem ) {
-			return (/input|select|textarea|button/i).test( elem.nodeName );
-		},
-
-		focus: function( elem ) {
-			return elem === elem.ownerDocument.activeElement;
-		}
-	},
-	setFilters: {
-		first: function( elem, i ) {
-			return i === 0;
-		},
-
-		last: function( elem, i, match, array ) {
-			return i === array.length - 1;
-		},
-
-		even: function( elem, i ) {
-			return i % 2 === 0;
-		},
-
-		odd: function( elem, i ) {
-			return i % 2 === 1;
-		},
-
-		lt: function( elem, i, match ) {
-			return i < match[3] - 0;
-		},
-
-		gt: function( elem, i, match ) {
-			return i > match[3] - 0;
-		},
-
-		nth: function( elem, i, match ) {
-			return match[3] - 0 === i;
-		},
-
-		eq: function( elem, i, match ) {
-			return match[3] - 0 === i;
-		}
-	},
-	filter: {
-		PSEUDO: function( elem, match, i, array ) {
-			var name = match[1],
-				filter = Expr.filters[ name ];
-
-			if ( filter ) {
-				return filter( elem, i, match, array );
-
-			} else if ( name === "contains" ) {
-				return (elem.textContent || elem.innerText || getText([ elem ]) || "").indexOf(match[3]) >= 0;
-
-			} else if ( name === "not" ) {
-				var not = match[3];
-
-				for ( var j = 0, l = not.length; j < l; j++ ) {
-					if ( not[j] === elem ) {
-						return false;
-					}
-				}
-
-				return true;
-
-			} else {
-				Sizzle.error( name );
-			}
-		},
-
-		CHILD: function( elem, match ) {
-			var first, last,
-				doneName, parent, cache,
-				count, diff,
-				type = match[1],
-				node = elem;
-
-			switch ( type ) {
-				case "only":
-				case "first":
-					while ( (node = node.previousSibling) ) {
-						if ( node.nodeType === 1 ) {
-							return false;
-						}
-					}
-
-					if ( type === "first" ) {
-						return true;
-					}
-
-					node = elem;
-
-					/* falls through */
-				case "last":
-					while ( (node = node.nextSibling) ) {
-						if ( node.nodeType === 1 ) {
-							return false;
-						}
-					}
-
-					return true;
-
-				case "nth":
-					first = match[2];
-					last = match[3];
-
-					if ( first === 1 && last === 0 ) {
-						return true;
-					}
-
-					doneName = match[0];
-					parent = elem.parentNode;
-
-					if ( parent && (parent[ expando ] !== doneName || !elem.nodeIndex) ) {
-						count = 0;
-
-						for ( node = parent.firstChild; node; node = node.nextSibling ) {
-							if ( node.nodeType === 1 ) {
-								node.nodeIndex = ++count;
-							}
-						}
-
-						parent[ expando ] = doneName;
-					}
-
-					diff = elem.nodeIndex - last;
-
-					if ( first === 0 ) {
-						return diff === 0;
-
-					} else {
-						return ( diff % first === 0 && diff / first >= 0 );
-					}
-			}
-		},
-
-		ID: function( elem, match ) {
-			return elem.nodeType === 1 && elem.getAttribute("id") === match;
-		},
-
-		TAG: function( elem, match ) {
-			return (match === "*" && elem.nodeType === 1) || !!elem.nodeName && elem.nodeName.toLowerCase() === match;
-		},
-
-		CLASS: function( elem, match ) {
-			return (" " + (elem.className || elem.getAttribute("class")) + " ")
-				.indexOf( match ) > -1;
-		},
-
-		ATTR: function( elem, match ) {
-			var name = match[1],
-				result = Sizzle.attr ?
-					Sizzle.attr( elem, name ) :
-					Expr.attrHandle[ name ] ?
-					Expr.attrHandle[ name ]( elem ) :
-					elem[ name ] != null ?
-						elem[ name ] :
-						elem.getAttribute( name ),
-				value = result + "",
-				type = match[2],
-				check = match[4];
-
-			return result == null ?
-				type === "!=" :
-				!type && Sizzle.attr ?
-				result != null :
-				type === "=" ?
-				value === check :
-				type === "*=" ?
-				value.indexOf(check) >= 0 :
-				type === "~=" ?
-				(" " + value + " ").indexOf(check) >= 0 :
-				!check ?
-				value && result !== false :
-				type === "!=" ?
-				value !== check :
-				type === "^=" ?
-				value.indexOf(check) === 0 :
-				type === "$=" ?
-				value.substr(value.length - check.length) === check :
-				type === "|=" ?
-				value === check || value.substr(0, check.length + 1) === check + "-" :
-				false;
-		},
-
-		POS: function( elem, match, i, array ) {
-			var name = match[2],
-				filter = Expr.setFilters[ name ];
-
-			if ( filter ) {
-				return filter( elem, i, match, array );
-			}
-		}
-	}
-};
-
-var origPOS = Expr.match.POS,
-	fescape = function(all, num){
-		return "\\" + (num - 0 + 1);
-	};
-
-for ( var type in Expr.match ) {
-	Expr.match[ type ] = new RegExp( Expr.match[ type ].source + (/(?![^\[]*\])(?![^\(]*\))/.source) );
-	Expr.leftMatch[ type ] = new RegExp( /(^(?:.|\r|\n)*?)/.source + Expr.match[ type ].source.replace(/\\(\d+)/g, fescape) );
-}
-// Expose origPOS
-// "global" as in regardless of relation to brackets/parens
-Expr.match.globalPOS = origPOS;
-
-var makeArray = function( array, results ) {
-	array = Array.prototype.slice.call( array, 0 );
-
-	if ( results ) {
-		results.push.apply( results, array );
-		return results;
-	}
-
-	return array;
-};
-
-// Perform a simple check to determine if the browser is capable of
-// converting a NodeList to an array using builtin methods.
-// Also verifies that the returned array holds DOM nodes
-// (which is not the case in the Blackberry browser)
-try {
-	Array.prototype.slice.call( document.documentElement.childNodes, 0 )[0].nodeType;
-
-// Provide a fallback method if it does not work
-} catch( e ) {
-	makeArray = function( array, results ) {
-		var i = 0,
-			ret = results || [];
-
-		if ( toString.call(array) === "[object Array]" ) {
-			Array.prototype.push.apply( ret, array );
-
-		} else {
-			if ( typeof array.length === "number" ) {
-				for ( var l = array.length; i < l; i++ ) {
-					ret.push( array[i] );
-				}
-
-			} else {
-				for ( ; array[i]; i++ ) {
-					ret.push( array[i] );
-				}
-			}
-		}
-
-		return ret;
-	};
-}
-
-var sortOrder, siblingCheck;
-
-if ( document.documentElement.compareDocumentPosition ) {
-	sortOrder = function( a, b ) {
-		if ( a === b ) {
-			hasDuplicate = true;
-			return 0;
-		}
-
-		if ( !a.compareDocumentPosition || !b.compareDocumentPosition ) {
-			return a.compareDocumentPosition ? -1 : 1;
-		}
-
-		return a.compareDocumentPosition(b) & 4 ? -1 : 1;
-	};
-
-} else {
-	sortOrder = function( a, b ) {
-		// The nodes are identical, we can exit early
-		if ( a === b ) {
-			hasDuplicate = true;
-			return 0;
-
-		// Fallback to using sourceIndex (in IE) if it's available on both nodes
-		} else if ( a.sourceIndex && b.sourceIndex ) {
-			return a.sourceIndex - b.sourceIndex;
-		}
-
-		var al, bl,
-			ap = [],
-			bp = [],
-			aup = a.parentNode,
-			bup = b.parentNode,
-			cur = aup;
-
-		// If the nodes are siblings (or identical) we can do a quick check
-		if ( aup === bup ) {
-			return siblingCheck( a, b );
-
-		// If no parents were found then the nodes are disconnected
-		} else if ( !aup ) {
-			return -1;
-
-		} else if ( !bup ) {
-			return 1;
-		}
-
-		// Otherwise they're somewhere else in the tree so we need
-		// to build up a full list of the parentNodes for comparison
-		while ( cur ) {
-			ap.unshift( cur );
-			cur = cur.parentNode;
-		}
-
-		cur = bup;
-
-		while ( cur ) {
-			bp.unshift( cur );
-			cur = cur.parentNode;
-		}
-
-		al = ap.length;
-		bl = bp.length;
-
-		// Start walking down the tree looking for a discrepancy
-		for ( var i = 0; i < al && i < bl; i++ ) {
-			if ( ap[i] !== bp[i] ) {
-				return siblingCheck( ap[i], bp[i] );
-			}
-		}
-
-		// We ended someplace up the tree so do a sibling check
-		return i === al ?
-			siblingCheck( a, bp[i], -1 ) :
-			siblingCheck( ap[i], b, 1 );
-	};
-
-	siblingCheck = function( a, b, ret ) {
-		if ( a === b ) {
-			return ret;
-		}
-
-		var cur = a.nextSibling;
-
-		while ( cur ) {
-			if ( cur === b ) {
-				return -1;
-			}
-
-			cur = cur.nextSibling;
-		}
-
-		return 1;
-	};
-}
-
-// Check to see if the browser returns elements by name when
-// querying by getElementById (and provide a workaround)
-(function(){
-	// We're going to inject a fake input element with a specified name
-	var form = document.createElement("div"),
-		id = "script" + (new Date()).getTime(),
-		root = document.documentElement;
-
-	form.innerHTML = "<a name='" + id + "'/>";
-
-	// Inject it into the root element, check its status, and remove it quickly
-	root.insertBefore( form, root.firstChild );
-
-	// The workaround has to do additional checks after a getElementById
-	// Which slows things down for other browsers (hence the branching)
-	if ( document.getElementById( id ) ) {
-		Expr.find.ID = function( match, context, isXML ) {
-			if ( typeof context.getElementById !== "undefined" && !isXML ) {
-				var m = context.getElementById(match[1]);
-
-				return m ?
-					m.id === match[1] || typeof m.getAttributeNode !== "undefined" && m.getAttributeNode("id").nodeValue === match[1] ?
-						[m] :
-						undefined :
-					[];
-			}
-		};
-
-		Expr.filter.ID = function( elem, match ) {
-			var node = typeof elem.getAttributeNode !== "undefined" && elem.getAttributeNode("id");
-
-			return elem.nodeType === 1 && node && node.nodeValue === match;
-		};
-	}
-
-	root.removeChild( form );
-
-	// release memory in IE
-	root = form = null;
-})();
-
-(function(){
-	// Check to see if the browser returns only elements
-	// when doing getElementsByTagName("*")
-
-	// Create a fake element
-	var div = document.createElement("div");
-	div.appendChild( document.createComment("") );
-
-	// Make sure no comments are found
-	if ( div.getElementsByTagName("*").length > 0 ) {
-		Expr.find.TAG = function( match, context ) {
-			var results = context.getElementsByTagName( match[1] );
-
-			// Filter out possible comments
-			if ( match[1] === "*" ) {
-				var tmp = [];
-
-				for ( var i = 0; results[i]; i++ ) {
-					if ( results[i].nodeType === 1 ) {
-						tmp.push( results[i] );
-					}
-				}
-
-				results = tmp;
-			}
-
-			return results;
-		};
-	}
-
-	// Check to see if an attribute returns normalized href attributes
-	div.innerHTML = "<a href='#'></a>";
-
-	if ( div.firstChild && typeof div.firstChild.getAttribute !== "undefined" &&
-			div.firstChild.getAttribute("href") !== "#" ) {
-
-		Expr.attrHandle.href = function( elem ) {
-			return elem.getAttribute( "href", 2 );
-		};
-	}
-
-	// release memory in IE
-	div = null;
-})();
-
-if ( document.querySelectorAll ) {
-	(function(){
-		var oldSizzle = Sizzle,
-			div = document.createElement("div"),
-			id = "__sizzle__";
-
-		div.innerHTML = "<p class='TEST'></p>";
-
-		// Safari can't handle uppercase or unicode characters when
-		// in quirks mode.
-		if ( div.querySelectorAll && div.querySelectorAll(".TEST").length === 0 ) {
-			return;
-		}
-
-		Sizzle = function( query, context, extra, seed ) {
-			context = context || document;
-
-			// Only use querySelectorAll on non-XML documents
-			// (ID selectors don't work in non-HTML documents)
-			if ( !seed && !Sizzle.isXML(context) ) {
-				// See if we find a selector to speed up
-				var match = /^(\w+$)|^\.([\w\-]+$)|^#([\w\-]+$)/.exec( query );
-
-				if ( match && (context.nodeType === 1 || context.nodeType === 9) ) {
-					// Speed-up: Sizzle("TAG")
-					if ( match[1] ) {
-						return makeArray( context.getElementsByTagName( query ), extra );
-
-					// Speed-up: Sizzle(".CLASS")
-					} else if ( match[2] && Expr.find.CLASS && context.getElementsByMethodName ) {
-						return makeArray( context.getElementsByMethodName( match[2] ), extra );
-					}
-				}
-
-				if ( context.nodeType === 9 ) {
-					// Speed-up: Sizzle("body")
-					// The body element only exists once, optimize finding it
-					if ( query === "body" && context.body ) {
-						return makeArray( [ context.body ], extra );
-
-					// Speed-up: Sizzle("#ID")
-					} else if ( match && match[3] ) {
-						var elem = context.getElementById( match[3] );
-
-						// Check parentNode to catch when Blackberry 4.6 returns
-						// nodes that are no longer in the document #6963
-						if ( elem && elem.parentNode ) {
-							// Handle the case where IE and Opera return items
-							// by name instead of ID
-							if ( elem.id === match[3] ) {
-								return makeArray( [ elem ], extra );
-							}
-
-						} else {
-							return makeArray( [], extra );
-						}
-					}
-
-					try {
-						return makeArray( context.querySelectorAll(query), extra );
-					} catch(qsaError) {}
-
-				// qSA works strangely on Element-rooted queries
-				// We can work around this by specifying an extra ID on the root
-				// and working up from there (Thanks to Andrew Dupont for the technique)
-				// IE 8 doesn't work on object elements
-				} else if ( context.nodeType === 1 && context.nodeName.toLowerCase() !== "object" ) {
-					var oldContext = context,
-						old = context.getAttribute( "id" ),
-						nid = old || id,
-						hasParent = context.parentNode,
-						relativeHierarchySelector = /^\s*[+~]/.test( query );
-
-					if ( !old ) {
-						context.setAttribute( "id", nid );
-					} else {
-						nid = nid.replace( /'/g, "\\$&" );
-					}
-					if ( relativeHierarchySelector && hasParent ) {
-						context = context.parentNode;
-					}
-
-					try {
-						if ( !relativeHierarchySelector || hasParent ) {
-							return makeArray( context.querySelectorAll( "[id='" + nid + "'] " + query ), extra );
-						}
-
-					} catch(pseudoError) {
-					} finally {
-						if ( !old ) {
-							oldContext.removeAttribute( "id" );
-						}
-					}
-				}
-			}
-
-			return oldSizzle(query, context, extra, seed);
-		};
-
-		for ( var prop in oldSizzle ) {
-			Sizzle[ prop ] = oldSizzle[ prop ];
-		}
-
-		// release memory in IE
-		div = null;
-	})();
-}
-
-(function(){
-	var html = document.documentElement,
-		matches = html.matchesSelector || html.mozMatchesSelector || html.webkitMatchesSelector || html.msMatchesSelector;
-
-	if ( matches ) {
-		// Check to see if it's possible to do matchesSelector
-		// on a disconnected node (IE 9 fails this)
-		var disconnectedMatch = !matches.call( document.createElement( "div" ), "div" ),
-			pseudoWorks = false;
-
-		try {
-			// This should fail with an exception
-			// Gecko does not error, returns false instead
-			matches.call( document.documentElement, "[test!='']:sizzle" );
-
-		} catch( pseudoError ) {
-			pseudoWorks = true;
-		}
-
-		Sizzle.matchesSelector = function( node, expr ) {
-			// Make sure that attribute selectors are quoted
-			expr = expr.replace(/\=\s*([^'"\]]*)\s*\]/g, "='$1']");
-
-			if ( !Sizzle.isXML( node ) ) {
-				try {
-					if ( pseudoWorks || !Expr.match.PSEUDO.test( expr ) && !/!=/.test( expr ) ) {
-						var ret = matches.call( node, expr );
-
-						// IE 9's matchesSelector returns false on disconnected nodes
-						if ( ret || !disconnectedMatch ||
-								// As well, disconnected nodes are said to be in a document
-								// fragment in IE 9, so check for that
-								node.document && node.document.nodeType !== 11 ) {
-							return ret;
-						}
-					}
-				} catch(e) {}
-			}
-
-			return Sizzle(expr, null, null, [node]).length > 0;
-		};
-	}
-})();
-
-(function(){
-	var div = document.createElement("div");
-
-	div.innerHTML = "<div class='test e'></div><div class='test'></div>";
-
-	// Opera can't find a second classname (in 9.6)
-	// Also, make sure that getElementsByMethodName actually exists
-	if ( !div.getElementsByMethodName || div.getElementsByMethodName("e").length === 0 ) {
-		return;
-	}
-
-	// Safari caches class attributes, doesn't catch changes (in 3.2)
-	div.lastChild.className = "e";
-
-	if ( div.getElementsByMethodName("e").length === 1 ) {
-		return;
-	}
-
-	Expr.order.splice(1, 0, "CLASS");
-	Expr.find.CLASS = function( match, context, isXML ) {
-		if ( typeof context.getElementsByMethodName !== "undefined" && !isXML ) {
-			return context.getElementsByMethodName(match[1]);
-		}
-	};
-
-	// release memory in IE
-	div = null;
-})();
-
-function dirNodeCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
-	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-		var elem = checkSet[i];
-
-		if ( elem ) {
-			var match = false;
-
-			elem = elem[dir];
-
-			while ( elem ) {
-				if ( elem[ expando ] === doneName ) {
-					match = checkSet[elem.sizset];
-					break;
-				}
-
-				if ( elem.nodeType === 1 && !isXML ){
-					elem[ expando ] = doneName;
-					elem.sizset = i;
-				}
-
-				if ( elem.nodeName.toLowerCase() === cur ) {
-					match = elem;
-					break;
-				}
-
-				elem = elem[dir];
-			}
-
-			checkSet[i] = match;
-		}
-	}
-}
-
-function dirCheck( dir, cur, doneName, checkSet, nodeCheck, isXML ) {
-	for ( var i = 0, l = checkSet.length; i < l; i++ ) {
-		var elem = checkSet[i];
-
-		if ( elem ) {
-			var match = false;
-
-			elem = elem[dir];
-
-			while ( elem ) {
-				if ( elem[ expando ] === doneName ) {
-					match = checkSet[elem.sizset];
-					break;
-				}
-
-				if ( elem.nodeType === 1 ) {
-					if ( !isXML ) {
-						elem[ expando ] = doneName;
-						elem.sizset = i;
-					}
-
-					if ( typeof cur !== "string" ) {
-						if ( elem === cur ) {
-							match = true;
-							break;
-						}
-
-					} else if ( Sizzle.filter( cur, [elem] ).length > 0 ) {
-						match = elem;
-						break;
-					}
-				}
-
-				elem = elem[dir];
-			}
-
-			checkSet[i] = match;
-		}
-	}
-}
-
-if ( document.documentElement.contains ) {
-	Sizzle.contains = function( a, b ) {
-		return a !== b && (a.contains ? a.contains(b) : true);
-	};
-
-} else if ( document.documentElement.compareDocumentPosition ) {
-	Sizzle.contains = function( a, b ) {
-		return !!(a.compareDocumentPosition(b) & 16);
-	};
-
-} else {
-	Sizzle.contains = function() {
-		return false;
-	};
-}
-
-Sizzle.isXML = function( elem ) {
-	// documentElement is verified for cases where it doesn't yet exist
-	// (such as loading iframes in IE - #4833)
-	var documentElement = (elem ? elem.ownerDocument || elem : 0).documentElement;
-
-	return documentElement ? documentElement.nodeName !== "HTML" : false;
-};
-
-var posProcess = function( selector, context, seed ) {
-	var match,
-		tmpSet = [],
-		later = "",
-		root = context.nodeType ? [context] : context;
-
-	// Position selectors must be done after the filter
-	// And so must :not(positional) so we move all PSEUDOs to the end
-	while ( (match = Expr.match.PSEUDO.exec( selector )) ) {
-		later += match[0];
-		selector = selector.replace( Expr.match.PSEUDO, "" );
-	}
-
-	selector = Expr.relative[selector] ? selector + "*" : selector;
-
-	for ( var i = 0, l = root.length; i < l; i++ ) {
-		Sizzle( selector, root[i], tmpSet, seed );
-	}
-
-	return Sizzle.filter( later, tmpSet );
-};
-
-// EXPOSE
-// Override sizzle attribute retrieval
-Sizzle.attr = jQuery.attr;
-Sizzle.selectors.attrMap = {};
-jQuery.find = Sizzle;
-jQuery.expr = Sizzle.selectors;
-jQuery.expr[":"] = jQuery.expr.filters;
-jQuery.unique = Sizzle.uniqueSort;
-jQuery.text = Sizzle.getText;
-jQuery.isXMLDoc = Sizzle.isXML;
-jQuery.contains = Sizzle.contains;
-
-
-})();
-
-
-var runtil = /Until$/,
-	rparentsprev = /^(?:parents|prevUntil|prevAll)/,
-	// Note: This RegExp should be improved, or likely pulled from Sizzle
-	rmultiselector = /,/,
-	isSimple = /^.[^:#\[\.,]*$/,
-	slice = Array.prototype.slice,
-	POS = jQuery.expr.match.globalPOS,
-	// methods guaranteed to produce a unique set when starting from a unique set
-	guaranteedUnique = {
-		children: true,
-		contents: true,
-		next: true,
-		prev: true
-	};
-
-jQuery.fn.extend({
-	find: function( selector ) {
-		var self = this,
-			i, l;
-
-		if ( typeof selector !== "string" ) {
-			return jQuery( selector ).filter(function() {
-				for ( i = 0, l = self.length; i < l; i++ ) {
-					if ( jQuery.contains( self[ i ], this ) ) {
-						return true;
-					}
-				}
-			});
-		}
-
-		var ret = this.pushStack( "", "find", selector ),
-			length, n, r;
-
-		for ( i = 0, l = this.length; i < l; i++ ) {
-			length = ret.length;
-			jQuery.find( selector, this[i], ret );
-
-			if ( i > 0 ) {
-				// Make sure that the results are unique
-				for ( n = length; n < ret.length; n++ ) {
-					for ( r = 0; r < length; r++ ) {
-						if ( ret[r] === ret[n] ) {
-							ret.splice(n--, 1);
-							break;
-						}
-					}
-				}
-			}
-		}
-
-		return ret;
-	},
-
-	has: function( target ) {
-		var targets = jQuery( target );
-		return this.filter(function() {
-			for ( var i = 0, l = targets.length; i < l; i++ ) {
-				if ( jQuery.contains( this, targets[i] ) ) {
-					return true;
-				}
-			}
-		});
-	},
-
-	not: function( selector ) {
-		return this.pushStack( winnow(this, selector, false), "not", selector);
-	},
-
-	filter: function( selector ) {
-		return this.pushStack( winnow(this, selector, true), "filter", selector );
-	},
-
-	is: function( selector ) {
-		return !!selector && (
-			typeof selector === "string" ?
-				// If this is a positional selector, check membership in the returned set
-				// so $("p:first").is("p:last") won't return true for a doc with two "p".
-				POS.test( selector ) ?
-					jQuery( selector, this.context ).index( this[0] ) >= 0 :
-					jQuery.filter( selector, this ).length > 0 :
-				this.filter( selector ).length > 0 );
-	},
-
-	closest: function( selectors, context ) {
-		var ret = [], i, l, cur = this[0];
-
-		// Array (deprecated as of jQuery 1.7)
-		if ( jQuery.isArray( selectors ) ) {
-			var level = 1;
-
-			while ( cur && cur.ownerDocument && cur !== context ) {
-				for ( i = 0; i < selectors.length; i++ ) {
-
-					if ( jQuery( cur ).is( selectors[ i ] ) ) {
-						ret.push({ selector: selectors[ i ], elem: cur, level: level });
-					}
-				}
-
-				cur = cur.parentNode;
-				level++;
-			}
-
-			return ret;
-		}
-
-		// String
-		var pos = POS.test( selectors ) || typeof selectors !== "string" ?
-				jQuery( selectors, context || this.context ) :
-				0;
-
-		for ( i = 0, l = this.length; i < l; i++ ) {
-			cur = this[i];
-
-			while ( cur ) {
-				if ( pos ? pos.index(cur) > -1 : jQuery.find.matchesSelector(cur, selectors) ) {
-					ret.push( cur );
-					break;
-
-				} else {
-					cur = cur.parentNode;
-					if ( !cur || !cur.ownerDocument || cur === context || cur.nodeType === 11 ) {
-						break;
-					}
-				}
-			}
-		}
-
-		ret = ret.length > 1 ? jQuery.unique( ret ) : ret;
-
-		return this.pushStack( ret, "closest", selectors );
-	},
-
-	// Determine the position of an element within
-	// the matched set of elements
-	index: function( elem ) {
-
-		// No argument, return index in parent
-		if ( !elem ) {
-			return ( this[0] && this[0].parentNode ) ? this.prevAll().length : -1;
-		}
-
-		// index in selector
-		if ( typeof elem === "string" ) {
-			return jQuery.inArray( this[0], jQuery( elem ) );
-		}
-
-		// Locate the position of the desired element
-		return jQuery.inArray(
-			// If it receives a jQuery object, the first element is used
-			elem.jquery ? elem[0] : elem, this );
-	},
-
-	add: function( selector, context ) {
-		var set = typeof selector === "string" ?
-				jQuery( selector, context ) :
-				jQuery.makeArray( selector && selector.nodeType ? [ selector ] : selector ),
-			all = jQuery.merge( this.get(), set );
-
-		return this.pushStack( isDisconnected( set[0] ) || isDisconnected( all[0] ) ?
-			all :
-			jQuery.unique( all ) );
-	},
-
-	andSelf: function() {
-		return this.add( this.prevObject );
-	}
-});
-
-// A painfully simple check to see if an element is disconnected
-// from a document (should be improved, where feasible).
-function isDisconnected( node ) {
-	return !node || !node.parentNode || node.parentNode.nodeType === 11;
-}
-
-jQuery.each({
-	parent: function( elem ) {
-		var parent = elem.parentNode;
-		return parent && parent.nodeType !== 11 ? parent : null;
-	},
-	parents: function( elem ) {
-		return jQuery.dir( elem, "parentNode" );
-	},
-	parentsUntil: function( elem, i, until ) {
-		return jQuery.dir( elem, "parentNode", until );
-	},
-	next: function( elem ) {
-		return jQuery.nth( elem, 2, "nextSibling" );
-	},
-	prev: function( elem ) {
-		return jQuery.nth( elem, 2, "previousSibling" );
-	},
-	nextAll: function( elem ) {
-		return jQuery.dir( elem, "nextSibling" );
-	},
-	prevAll: function( elem ) {
-		return jQuery.dir( elem, "previousSibling" );
-	},
-	nextUntil: function( elem, i, until ) {
-		return jQuery.dir( elem, "nextSibling", until );
-	},
-	prevUntil: function( elem, i, until ) {
-		return jQuery.dir( elem, "previousSibling", until );
-	},
-	siblings: function( elem ) {
-		return jQuery.sibling( ( elem.parentNode || {} ).firstChild, elem );
-	},
-	children: function( elem ) {
-		return jQuery.sibling( elem.firstChild );
-	},
-	contents: function( elem ) {
-		return jQuery.nodeName( elem, "iframe" ) ?
-			elem.contentDocument || elem.contentWindow.document :
-			jQuery.makeArray( elem.childNodes );
-	}
-}, function( name, fn ) {
-	jQuery.fn[ name ] = function( until, selector ) {
-		var ret = jQuery.map( this, fn, until );
-
-		if ( !runtil.test( name ) ) {
-			selector = until;
-		}
-
-		if ( selector && typeof selector === "string" ) {
-			ret = jQuery.filter( selector, ret );
-		}
-
-		ret = this.length > 1 && !guaranteedUnique[ name ] ? jQuery.unique( ret ) : ret;
-
-		if ( (this.length > 1 || rmultiselector.test( selector )) && rparentsprev.test( name ) ) {
-			ret = ret.reverse();
-		}
-
-		return this.pushStack( ret, name, slice.call( arguments ).join(",") );
-	};
-});
-
-jQuery.extend({
-	filter: function( expr, elems, not ) {
-		if ( not ) {
-			expr = ":not(" + expr + ")";
-		}
-
-		return elems.length === 1 ?
-			jQuery.find.matchesSelector(elems[0], expr) ? [ elems[0] ] : [] :
-			jQuery.find.matches(expr, elems);
-	},
-
-	dir: function( elem, dir, until ) {
-		var matched = [],
-			cur = elem[ dir ];
-
-		while ( cur && cur.nodeType !== 9 && (until === undefined || cur.nodeType !== 1 || !jQuery( cur ).is( until )) ) {
-			if ( cur.nodeType === 1 ) {
-				matched.push( cur );
-			}
-			cur = cur[dir];
-		}
-		return matched;
-	},
-
-	nth: function( cur, result, dir, elem ) {
-		result = result || 1;
-		var num = 0;
-
-		for ( ; cur; cur = cur[dir] ) {
-			if ( cur.nodeType === 1 && ++num === result ) {
-				break;
-			}
-		}
-
-		return cur;
-	},
-
-	sibling: function( n, elem ) {
-		var r = [];
-
-		for ( ; n; n = n.nextSibling ) {
-			if ( n.nodeType === 1 && n !== elem ) {
-				r.push( n );
-			}
-		}
-
-		return r;
-	}
-});
-
-// Implement the identical functionality for filter and not
-function winnow( elements, qualifier, keep ) {
-
-	// Can't pass null or undefined to indexOf in Firefox 4
-	// Set to 0 to skip string check
-	qualifier = qualifier || 0;
-
-	if ( jQuery.isFunction( qualifier ) ) {
-		return jQuery.grep(elements, function( elem, i ) {
-			var retVal = !!qualifier.call( elem, i, elem );
-			return retVal === keep;
-		});
-
-	} else if ( qualifier.nodeType ) {
-		return jQuery.grep(elements, function( elem, i ) {
-			return ( elem === qualifier ) === keep;
-		});
-
-	} else if ( typeof qualifier === "string" ) {
-		var filtered = jQuery.grep(elements, function( elem ) {
-			return elem.nodeType === 1;
-		});
-
-		if ( isSimple.test( qualifier ) ) {
-			return jQuery.filter(qualifier, filtered, !keep);
-		} else {
-			qualifier = jQuery.filter( qualifier, filtered );
-		}
-	}
-
-	return jQuery.grep(elements, function( elem, i ) {
-		return ( jQuery.inArray( elem, qualifier ) >= 0 ) === keep;
-	});
-}
-
-
-
-
-function createSafeFragment( document ) {
-	var list = nodeNames.split( "|" ),
-	safeFrag = document.createDocumentFragment();
-
-	if ( safeFrag.createElement ) {
-		while ( list.length ) {
-			safeFrag.createElement(
-				list.pop()
-			);
-		}
-	}
-	return safeFrag;
-}
-
-var nodeNames = "abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|" +
-		"header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",
-	rinlinejQuery = / jQuery\d+="(?:\d+|null)"/g,
-	rleadingWhitespace = /^\s+/,
-	rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/ig,
-	rtagName = /<([\w:]+)/,
-	rtbody = /<tbody/i,
-	rhtml = /<|&#?\w+;/,
-	rnoInnerhtml = /<(?:script|style)/i,
-	rnocache = /<(?:script|object|embed|option|style)/i,
-	rnoshimcache = new RegExp("<(?:" + nodeNames + ")[\\s/>]", "i"),
-	// checked="checked" or checked
-	rchecked = /checked\s*(?:[^=]|=\s*.checked.)/i,
-	rscriptType = /\/(java|ecma)script/i,
-	rcleanScript = /^\s*<!(?:\[CDATA\[|\-\-)/,
-	wrapMap = {
-		option: [ 1, "<select multiple='multiple'>", "</select>" ],
-		legend: [ 1, "<fieldset>", "</fieldset>" ],
-		thead: [ 1, "<table>", "</table>" ],
-		tr: [ 2, "<table><tbody>", "</tbody></table>" ],
-		td: [ 3, "<table><tbody><tr>", "</tr></tbody></table>" ],
-		col: [ 2, "<table><tbody></tbody><colgroup>", "</colgroup></table>" ],
-		area: [ 1, "<map>", "</map>" ],
-		_default: [ 0, "", "" ]
-	},
-	safeFragment = createSafeFragment( document );
-
-wrapMap.optgroup = wrapMap.option;
-wrapMap.tbody = wrapMap.tfoot = wrapMap.colgroup = wrapMap.caption = wrapMap.thead;
-wrapMap.th = wrapMap.td;
-
-// IE can't serialize <link> and <script> tags normally
-if ( !jQuery.support.htmlSerialize ) {
-	wrapMap._default = [ 1, "div<div>", "</div>" ];
-}
-
-jQuery.fn.extend({
-	text: function( value ) {
-		return jQuery.access( this, function( value ) {
-			return value === undefined ?
-				jQuery.text( this ) :
-				this.empty().append( ( this[0] && this[0].ownerDocument || document ).createTextNode( value ) );
-		}, null, value, arguments.length );
-	},
-
-	wrapAll: function( html ) {
-		if ( jQuery.isFunction( html ) ) {
-			return this.each(function(i) {
-				jQuery(this).wrapAll( html.call(this, i) );
-			});
-		}
-
-		if ( this[0] ) {
-			// The elements to wrap the target around
-			var wrap = jQuery( html, this[0].ownerDocument ).eq(0).clone(true);
-
-			if ( this[0].parentNode ) {
-				wrap.insertBefore( this[0] );
-			}
-
-			wrap.map(function() {
-				var elem = this;
-
-				while ( elem.firstChild && elem.firstChild.nodeType === 1 ) {
-					elem = elem.firstChild;
-				}
-
-				return elem;
-			}).append( this );
-		}
-
-		return this;
-	},
-
-	wrapInner: function( html ) {
-		if ( jQuery.isFunction( html ) ) {
-			return this.each(function(i) {
-				jQuery(this).wrapInner( html.call(this, i) );
-			});
-		}
-
-		return this.each(function() {
-			var self = jQuery( this ),
-				contents = self.contents();
-
-			if ( contents.length ) {
-				contents.wrapAll( html );
-
-			} else {
-				self.append( html );
-			}
-		});
-	},
-
-	wrap: function( html ) {
-		var isFunction = jQuery.isFunction( html );
-
-		return this.each(function(i) {
-			jQuery( this ).wrapAll( isFunction ? html.call(this, i) : html );
-		});
-	},
-
-	unwrap: function() {
-		return this.parent().each(function() {
-			if ( !jQuery.nodeName( this, "body" ) ) {
-				jQuery( this ).replaceWith( this.childNodes );
-			}
-		}).end();
-	},
-
-	append: function() {
-		return this.domManip(arguments, true, function( elem ) {
-			if ( this.nodeType === 1 ) {
-				this.appendChild( elem );
-			}
-		});
-	},
-
-	prepend: function() {
-		return this.domManip(arguments, true, function( elem ) {
-			if ( this.nodeType === 1 ) {
-				this.insertBefore( elem, this.firstChild );
-			}
-		});
-	},
-
-	before: function() {
-		if ( this[0] && this[0].parentNode ) {
-			return this.domManip(arguments, false, function( elem ) {
-				this.parentNode.insertBefore( elem, this );
-			});
-		} else if ( arguments.length ) {
-			var set = jQuery.clean( arguments );
-			set.push.apply( set, this.toArray() );
-			return this.pushStack( set, "before", arguments );
-		}
-	},
-
-	after: function() {
-		if ( this[0] && this[0].parentNode ) {
-			return this.domManip(arguments, false, function( elem ) {
-				this.parentNode.insertBefore( elem, this.nextSibling );
-			});
-		} else if ( arguments.length ) {
-			var set = this.pushStack( this, "after", arguments );
-			set.push.apply( set, jQuery.clean(arguments) );
-			return set;
-		}
-	},
-
-	// keepData is for internal use only--do not document
-	remove: function( selector, keepData ) {
-		for ( var i = 0, elem; (elem = this[i]) != null; i++ ) {
-			if ( !selector || jQuery.filter( selector, [ elem ] ).length ) {
-				if ( !keepData && elem.nodeType === 1 ) {
-					jQuery.cleanData( elem.getElementsByTagName("*") );
-					jQuery.cleanData( [ elem ] );
-				}
-
-				if ( elem.parentNode ) {
-					elem.parentNode.removeChild( elem );
-				}
-			}
-		}
-
-		return this;
-	},
-
-	empty: function() {
-		for ( var i = 0, elem; (elem = this[i]) != null; i++ ) {
-			// Remove element nodes and prevent memory leaks
-			if ( elem.nodeType === 1 ) {
-				jQuery.cleanData( elem.getElementsByTagName("*") );
-			}
-
-			// Remove any remaining nodes
-			while ( elem.firstChild ) {
-				elem.removeChild( elem.firstChild );
-			}
-		}
-
-		return this;
-	},
-
-	clone: function( dataAndEvents, deepDataAndEvents ) {
-		dataAndEvents = dataAndEvents == null ? false : dataAndEvents;
-		deepDataAndEvents = deepDataAndEvents == null ? dataAndEvents : deepDataAndEvents;
-
-		return this.map( function () {
-			return jQuery.clone( this, dataAndEvents, deepDataAndEvents );
-		});
-	},
-
-	html: function( value ) {
-		return jQuery.access( this, function( value ) {
-			var elem = this[0] || {},
-				i = 0,
-				l = this.length;
-
-			if ( value === undefined ) {
-				return elem.nodeType === 1 ?
-					elem.innerHTML.replace( rinlinejQuery, "" ) :
-					null;
-			}
-
-
-			if ( typeof value === "string" && !rnoInnerhtml.test( value ) &&
-				( jQuery.support.leadingWhitespace || !rleadingWhitespace.test( value ) ) &&
-				!wrapMap[ ( rtagName.exec( value ) || ["", ""] )[1].toLowerCase() ] ) {
-
-				value = value.replace( rxhtmlTag, "<$1></$2>" );
-
-				try {
-					for (; i < l; i++ ) {
-						// Remove element nodes and prevent memory leaks
-						elem = this[i] || {};
-						if ( elem.nodeType === 1 ) {
-							jQuery.cleanData( elem.getElementsByTagName( "*" ) );
-							elem.innerHTML = value;
-						}
-					}
-
-					elem = 0;
-
-				// If using innerHTML throws an exception, use the fallback method
-				} catch(e) {}
-			}
-
-			if ( elem ) {
-				this.empty().append( value );
-			}
-		}, null, value, arguments.length );
-	},
-
-	replaceWith: function( value ) {
-		if ( this[0] && this[0].parentNode ) {
-			// Make sure that the elements are removed from the DOM before they are inserted
-			// this can help fix replacing a parent with child elements
-			if ( jQuery.isFunction( value ) ) {
-				return this.each(function(i) {
-					var self = jQuery(this), old = self.html();
-					self.replaceWith( value.call( this, i, old ) );
-				});
-			}
-
-			if ( typeof value !== "string" ) {
-				value = jQuery( value ).detach();
-			}
-
-			return this.each(function() {
-				var next = this.nextSibling,
-					parent = this.parentNode;
-
-				jQuery( this ).remove();
-
-				if ( next ) {
-					jQuery(next).before( value );
-				} else {
-					jQuery(parent).append( value );
-				}
-			});
-		} else {
-			return this.length ?
-				this.pushStack( jQuery(jQuery.isFunction(value) ? value() : value), "replaceWith", value ) :
-				this;
-		}
-	},
-
-	detach: function( selector ) {
-		return this.remove( selector, true );
-	},
-
-	domManip: function( args, table, callback ) {
-		var results, first, fragment, parent,
-			value = args[0],
-			scripts = [];
-
-		// We can't cloneNode fragments that contain checked, in WebKit
-		if ( !jQuery.support.checkClone && arguments.length === 3 && typeof value === "string" && rchecked.test( value ) ) {
-			return this.each(function() {
-				jQuery(this).domManip( args, table, callback, true );
-			});
-		}
-
-		if ( jQuery.isFunction(value) ) {
-			return this.each(function(i) {
-				var self = jQuery(this);
-				args[0] = value.call(this, i, table ? self.html() : undefined);
-				self.domManip( args, table, callback );
-			});
-		}
-
-		if ( this[0] ) {
-			parent = value && value.parentNode;
-
-			// If we're in a fragment, just use that instead of building a new one
-			if ( jQuery.support.parentNode && parent && parent.nodeType === 11 && parent.childNodes.length === this.length ) {
-				results = { fragment: parent };
-
-			} else {
-				results = jQuery.buildFragment( args, this, scripts );
-			}
-
-			fragment = results.fragment;
-
-			if ( fragment.childNodes.length === 1 ) {
-				first = fragment = fragment.firstChild;
-			} else {
-				first = fragment.firstChild;
-			}
-
-			if ( first ) {
-				table = table && jQuery.nodeName( first, "tr" );
-
-				for ( var i = 0, l = this.length, lastIndex = l - 1; i < l; i++ ) {
-					callback.call(
-						table ?
-							root(this[i], first) :
-							this[i],
-						// Make sure that we do not leak memory by inadvertently discarding
-						// the original fragment (which might have attached data) instead of
-						// using it; in addition, use the original fragment object for the last
-						// item instead of first because it can end up being emptied incorrectly
-						// in certain situations (Bug #8070).
-						// Fragments from the fragment cache must always be cloned and never used
-						// in place.
-						results.cacheable || ( l > 1 && i < lastIndex ) ?
-							jQuery.clone( fragment, true, true ) :
-							fragment
-					);
-				}
-			}
-
-			if ( scripts.length ) {
-				jQuery.each( scripts, function( i, elem ) {
-					if ( elem.src ) {
-						jQuery.ajax({
-							type: "GET",
-							global: false,
-							url: elem.src,
-							async: false,
-							dataType: "script"
-						});
-					} else {
-						jQuery.globalEval( ( elem.text || elem.textContent || elem.innerHTML || "" ).replace( rcleanScript, "/*$0*/" ) );
-					}
-
-					if ( elem.parentNode ) {
-						elem.parentNode.removeChild( elem );
-					}
-				});
-			}
-		}
-
-		return this;
-	}
-});
-
-function root( elem, cur ) {
-	return jQuery.nodeName(elem, "table") ?
-		(elem.getElementsByTagName("tbody")[0] ||
-		elem.appendChild(elem.ownerDocument.createElement("tbody"))) :
-		elem;
-}
-
-function cloneCopyEvent( src, dest ) {
-
-	if ( dest.nodeType !== 1 || !jQuery.hasData( src ) ) {
-		return;
-	}
-
-	var type, i, l,
-		oldData = jQuery._data( src ),
-		curData = jQuery._data( dest, oldData ),
-		events = oldData.events;
-
-	if ( events ) {
-		delete curData.handle;
-		curData.events = {};
-
-		for ( type in events ) {
-			for ( i = 0, l = events[ type ].length; i < l; i++ ) {
-				jQuery.event.add( dest, type, events[ type ][ i ] );
-			}
-		}
-	}
-
-	// make the cloned public data object a copy from the original
-	if ( curData.data ) {
-		curData.data = jQuery.extend( {}, curData.data );
-	}
-}
-
-function cloneFixAttributes( src, dest ) {
-	var nodeName;
-
-	// We do not need to do anything for non-Elements
-	if ( dest.nodeType !== 1 ) {
-		return;
-	}
-
-	// clearAttributes removes the attributes, which we don't want,
-	// but also removes the attachEvent events, which we *do* want
-	if ( dest.clearAttributes ) {
-		dest.clearAttributes();
-	}
-
-	// mergeAttributes, in contrast, only merges back on the
-	// original attributes, not the events
-	if ( dest.mergeAttributes ) {
-		dest.mergeAttributes( src );
-	}
-
-	nodeName = dest.nodeName.toLowerCase();
-
-	// IE6-8 fail to clone children inside object elements that use
-	// the proprietary classid attribute value (rather than the type
-	// attribute) to identify the type of content to display
-	if ( nodeName === "object" ) {
-		dest.outerHTML = src.outerHTML;
-
-	} else if ( nodeName === "input" && (src.type === "checkbox" || src.type === "radio") ) {
-		// IE6-8 fails to persist the checked state of a cloned checkbox
-		// or radio button. Worse, IE6-7 fail to give the cloned element
-		// a checked appearance if the defaultChecked value isn't also set
-		if ( src.checked ) {
-			dest.defaultChecked = dest.checked = src.checked;
-		}
-
-		// IE6-7 get confused and end up setting the value of a cloned
-		// checkbox/radio button to an empty string instead of "on"
-		if ( dest.value !== src.value ) {
-			dest.value = src.value;
-		}
-
-	// IE6-8 fails to return the selected option to the default selected
-	// state when cloning options
-	} else if ( nodeName === "option" ) {
-		dest.selected = src.defaultSelected;
-
-	// IE6-8 fails to set the defaultValue to the correct value when
-	// cloning other types of input fields
-	} else if ( nodeName === "input" || nodeName === "textarea" ) {
-		dest.defaultValue = src.defaultValue;
-
-	// IE blanks contents when cloning scripts
-	} else if ( nodeName === "script" && dest.text !== src.text ) {
-		dest.text = src.text;
-	}
-
-	// Event data gets referenced instead of copied if the expando
-	// gets copied too
-	dest.removeAttribute( jQuery.expando );
-
-	// Clear flags for bubbling special change/submit events, they must
-	// be reattached when the newly cloned events are first activated
-	dest.removeAttribute( "_submit_attached" );
-	dest.removeAttribute( "_change_attached" );
-}
-
-jQuery.buildFragment = function( args, nodes, scripts ) {
-	var fragment, cacheable, cacheresults, doc,
-	first = args[ 0 ];
-
-	// nodes may contain either an explicit document object,
-	// a jQuery collection or context object.
-	// If nodes[0] contains a valid object to assign to doc
-	if ( nodes && nodes[0] ) {
-		doc = nodes[0].ownerDocument || nodes[0];
-	}
-
-	// Ensure that an attr object doesn't incorrectly stand in as a document object
-	// Chrome and Firefox seem to allow this to occur and will throw exception
-	// Fixes #8950
-	if ( !doc.createDocumentFragment ) {
-		doc = document;
-	}
-
-	// Only cache "small" (1/2 KB) HTML strings that are associated with the main document
-	// Cloning options loses the selected state, so don't cache them
-	// IE 6 doesn't like it when you put <object> or <embed> elements in a fragment
-	// Also, WebKit does not clone 'checked' attributes on cloneNode, so don't cache
-	// Lastly, IE6,7,8 will not correctly reuse cached fragments that were created from unknown elems #10501
-	if ( args.length === 1 && typeof first === "string" && first.length < 512 && doc === document &&
-		first.charAt(0) === "<" && !rnocache.test( first ) &&
-		(jQuery.support.checkClone || !rchecked.test( first )) &&
-		(jQuery.support.html5Clone || !rnoshimcache.test( first )) ) {
-
-		cacheable = true;
-
-		cacheresults = jQuery.fragments[ first ];
-		if ( cacheresults && cacheresults !== 1 ) {
-			fragment = cacheresults;
-		}
-	}
-
-	if ( !fragment ) {
-		fragment = doc.createDocumentFragment();
-		jQuery.clean( args, doc, fragment, scripts );
-	}
-
-	if ( cacheable ) {
-		jQuery.fragments[ first ] = cacheresults ? fragment : 1;
-	}
-
-	return { fragment: fragment, cacheable: cacheable };
-};
-
-jQuery.fragments = {};
-
-jQuery.each({
-	appendTo: "append",
-	prependTo: "prepend",
-	insertBefore: "before",
-	insertAfter: "after",
-	replaceAll: "replaceWith"
-}, function( name, original ) {
-	jQuery.fn[ name ] = function( selector ) {
-		var ret = [],
-			insert = jQuery( selector ),
-			parent = this.length === 1 && this[0].parentNode;
-
-		if ( parent && parent.nodeType === 11 && parent.childNodes.length === 1 && insert.length === 1 ) {
-			insert[ original ]( this[0] );
-			return this;
-
-		} else {
-			for ( var i = 0, l = insert.length; i < l; i++ ) {
-				var elems = ( i > 0 ? this.clone(true) : this ).get();
-				jQuery( insert[i] )[ original ]( elems );
-				ret = ret.concat( elems );
-			}
-
-			return this.pushStack( ret, name, insert.selector );
-		}
-	};
-});
-
-function getAll( elem ) {
-	if ( typeof elem.getElementsByTagName !== "undefined" ) {
-		return elem.getElementsByTagName( "*" );
-
-	} else if ( typeof elem.querySelectorAll !== "undefined" ) {
-		return elem.querySelectorAll( "*" );
-
-	} else {
-		return [];
-	}
-}
-
-// Used in clean, fixes the defaultChecked property
-function fixDefaultChecked( elem ) {
-	if ( elem.type === "checkbox" || elem.type === "radio" ) {
-		elem.defaultChecked = elem.checked;
-	}
-}
-// Finds all inputs and passes them to fixDefaultChecked
-function findInputs( elem ) {
-	var nodeName = ( elem.nodeName || "" ).toLowerCase();
-	if ( nodeName === "input" ) {
-		fixDefaultChecked( elem );
-	// Skip scripts, get other children
-	} else if ( nodeName !== "script" && typeof elem.getElementsByTagName !== "undefined" ) {
-		jQuery.grep( elem.getElementsByTagName("input"), fixDefaultChecked );
-	}
-}
-
-// Derived From: http://www.iecss.com/shimprove/javascript/shimprove.1-0-1.js
-function shimCloneNode( elem ) {
-	var div = document.createElement( "div" );
-	safeFragment.appendChild( div );
-
-	div.innerHTML = elem.outerHTML;
-	return div.firstChild;
-}
-
-jQuery.extend({
-	clone: function( elem, dataAndEvents, deepDataAndEvents ) {
-		var srcElements,
-			destElements,
-			i,
-			// IE<=8 does not properly clone detached, unknown element nodes
-			clone = jQuery.support.html5Clone || jQuery.isXMLDoc(elem) || !rnoshimcache.test( "<" + elem.nodeName + ">" ) ?
-				elem.cloneNode( true ) :
-				shimCloneNode( elem );
-
-		if ( (!jQuery.support.noCloneEvent || !jQuery.support.noCloneChecked) &&
-				(elem.nodeType === 1 || elem.nodeType === 11) && !jQuery.isXMLDoc(elem) ) {
-			// IE copies events bound via attachEvent when using cloneNode.
-			// Calling detachEvent on the clone will also remove the events
-			// from the original. In order to get around this, we use some
-			// proprietary methods to clear the events. Thanks to MooTools
-			// guys for this hotness.
-
-			cloneFixAttributes( elem, clone );
-
-			// Using Sizzle here is crazy slow, so we use getElementsByTagName instead
-			srcElements = getAll( elem );
-			destElements = getAll( clone );
-
-			// Weird iteration because IE will replace the length property
-			// with an element if you are cloning the body and one of the
-			// elements on the page has a name or id of "length"
-			for ( i = 0; srcElements[i]; ++i ) {
-				// Ensure that the destination node is not null; Fixes #9587
-				if ( destElements[i] ) {
-					cloneFixAttributes( srcElements[i], destElements[i] );
-				}
-			}
-		}
-
-		// Copy the events from the original to the clone
-		if ( dataAndEvents ) {
-			cloneCopyEvent( elem, clone );
-
-			if ( deepDataAndEvents ) {
-				srcElements = getAll( elem );
-				destElements = getAll( clone );
-
-				for ( i = 0; srcElements[i]; ++i ) {
-					cloneCopyEvent( srcElements[i], destElements[i] );
-				}
-			}
-		}
-
-		srcElements = destElements = null;
-
-		// Return the cloned set
-		return clone;
-	},
-
-	clean: function( elems, context, fragment, scripts ) {
-		var checkScriptType, script, j,
-				ret = [];
-
-		context = context || document;
-
-		// !context.createElement fails in IE with an error but returns typeof 'object'
-		if ( typeof context.createElement === "undefined" ) {
-			context = context.ownerDocument || context[0] && context[0].ownerDocument || document;
-		}
-
-		for ( var i = 0, elem; (elem = elems[i]) != null; i++ ) {
-			if ( typeof elem === "number" ) {
-				elem += "";
-			}
-
-			if ( !elem ) {
-				continue;
-			}
-
-			// Convert html string into DOM nodes
-			if ( typeof elem === "string" ) {
-				if ( !rhtml.test( elem ) ) {
-					elem = context.createTextNode( elem );
-				} else {
-					// Fix "XHTML"-style tags in all browsers
-					elem = elem.replace(rxhtmlTag, "<$1></$2>");
-
-					// Trim whitespace, otherwise indexOf won't work as expected
-					var tag = ( rtagName.exec( elem ) || ["", ""] )[1].toLowerCase(),
-						wrap = wrapMap[ tag ] || wrapMap._default,
-						depth = wrap[0],
-						div = context.createElement("div"),
-						safeChildNodes = safeFragment.childNodes,
-						remove;
-
-					// Append wrapper element to unknown element safe doc fragment
-					if ( context === document ) {
-						// Use the fragment we've already created for this document
-						safeFragment.appendChild( div );
-					} else {
-						// Use a fragment created with the owner document
-						createSafeFragment( context ).appendChild( div );
-					}
-
-					// Go to html and back, then peel off extra wrappers
-					div.innerHTML = wrap[1] + elem + wrap[2];
-
-					// Move to the right depth
-					while ( depth-- ) {
-						div = div.lastChild;
-					}
-
-					// Remove IE's autoinserted <tbody> from table fragments
-					if ( !jQuery.support.tbody ) {
-
-						// String was a <table>, *may* have spurious <tbody>
-						var hasBody = rtbody.test(elem),
-							tbody = tag === "table" && !hasBody ?
-								div.firstChild && div.firstChild.childNodes :
-
-								// String was a bare <thead> or <tfoot>
-								wrap[1] === "<table>" && !hasBody ?
-									div.childNodes :
-									[];
-
-						for ( j = tbody.length - 1; j >= 0 ; --j ) {
-							if ( jQuery.nodeName( tbody[ j ], "tbody" ) && !tbody[ j ].childNodes.length ) {
-								tbody[ j ].parentNode.removeChild( tbody[ j ] );
-							}
-						}
-					}
-
-					// IE completely kills leading whitespace when innerHTML is used
-					if ( !jQuery.support.leadingWhitespace && rleadingWhitespace.test( elem ) ) {
-						div.insertBefore( context.createTextNode( rleadingWhitespace.exec(elem)[0] ), div.firstChild );
-					}
-
-					elem = div.childNodes;
-
-					// Clear elements from DocumentFragment (safeFragment or otherwise)
-					// to avoid hoarding elements. Fixes #11356
-					if ( div ) {
-						div.parentNode.removeChild( div );
-
-						// Guard against -1 index exceptions in FF3.6
-						if ( safeChildNodes.length > 0 ) {
-							remove = safeChildNodes[ safeChildNodes.length - 1 ];
-
-							if ( remove && remove.parentNode ) {
-								remove.parentNode.removeChild( remove );
-							}
-						}
-					}
-				}
-			}
-
-			// Resets defaultChecked for any radios and checkboxes
-			// about to be appended to the DOM in IE 6/7 (#8060)
-			var len;
-			if ( !jQuery.support.appendChecked ) {
-				if ( elem[0] && typeof (len = elem.length) === "number" ) {
-					for ( j = 0; j < len; j++ ) {
-						findInputs( elem[j] );
-					}
-				} else {
-					findInputs( elem );
-				}
-			}
-
-			if ( elem.nodeType ) {
-				ret.push( elem );
-			} else {
-				ret = jQuery.merge( ret, elem );
-			}
-		}
-
-		if ( fragment ) {
-			checkScriptType = function( elem ) {
-				return !elem.type || rscriptType.test( elem.type );
-			};
-			for ( i = 0; ret[i]; i++ ) {
-				script = ret[i];
-				if ( scripts && jQuery.nodeName( script, "script" ) && (!script.type || rscriptType.test( script.type )) ) {
-					scripts.push( script.parentNode ? script.parentNode.removeChild( script ) : script );
-
-				} else {
-					if ( script.nodeType === 1 ) {
-						var jsTags = jQuery.grep( script.getElementsByTagName( "script" ), checkScriptType );
-
-						ret.splice.apply( ret, [i + 1, 0].concat( jsTags ) );
-					}
-					fragment.appendChild( script );
-				}
-			}
-		}
-
-		return ret;
-	},
-
-	cleanData: function( elems ) {
-		var data, id,
-			cache = jQuery.cache,
-			special = jQuery.event.special,
-			deleteExpando = jQuery.support.deleteExpando;
-
-		for ( var i = 0, elem; (elem = elems[i]) != null; i++ ) {
-			if ( elem.nodeName && jQuery.noData[elem.nodeName.toLowerCase()] ) {
-				continue;
-			}
-
-			id = elem[ jQuery.expando ];
-
-			if ( id ) {
-				data = cache[ id ];
-
-				if ( data && data.events ) {
-					for ( var type in data.events ) {
-						if ( special[ type ] ) {
-							jQuery.event.remove( elem, type );
-
-						// This is a shortcut to avoid jQuery.event.remove's overhead
-						} else {
-							jQuery.removeEvent( elem, type, data.handle );
-						}
-					}
-
-					// Null the DOM reference to avoid IE6/7/8 leak (#7054)
-					if ( data.handle ) {
-						data.handle.elem = null;
-					}
-				}
-
-				if ( deleteExpando ) {
-					delete elem[ jQuery.expando ];
-
-				} else if ( elem.removeAttribute ) {
-					elem.removeAttribute( jQuery.expando );
-				}
-
-				delete cache[ id ];
-			}
-		}
-	}
-});
-
-
-
-
-var ralpha = /alpha\([^)]*\)/i,
-	ropacity = /opacity=([^)]*)/,
-	// fixed for IE9, see #8346
-	rupper = /([A-Z]|^ms)/g,
-	rnum = /^[\-+]?(?:\d*\.)?\d+$/i,
-	rnumnonpx = /^-?(?:\d*\.)?\d+(?!px)[^\d\s]+$/i,
-	rrelNum = /^([\-+])=([\-+.\de]+)/,
-	rmargin = /^margin/,
-
-	cssShow = { position: "absolute", visibility: "hidden", display: "block" },
-
-	// order is important!
-	cssExpand = [ "Top", "Right", "Bottom", "Left" ],
-
-	curCSS,
-
-	getComputedStyle,
-	currentStyle;
-
-jQuery.fn.css = function( name, value ) {
-	return jQuery.access( this, function( elem, name, value ) {
-		return value !== undefined ?
-			jQuery.style( elem, name, value ) :
-			jQuery.css( elem, name );
-	}, name, value, arguments.length > 1 );
-};
-
-jQuery.extend({
-	// Add in style property hooks for overriding the default
-	// behavior of getting and setting a style property
-	cssHooks: {
-		opacity: {
-			get: function( elem, computed ) {
-				if ( computed ) {
-					// We should always get a number back from opacity
-					var ret = curCSS( elem, "opacity" );
-					return ret === "" ? "1" : ret;
-
-				} else {
-					return elem.style.opacity;
-				}
-			}
-		}
-	},
-
-	// Exclude the following css properties to add px
-	cssNumber: {
-		"fillOpacity": true,
-		"fontWeight": true,
-		"lineHeight": true,
-		"opacity": true,
-		"orphans": true,
-		"widows": true,
-		"zIndex": true,
-		"zoom": true
-	},
-
-	// Add in properties whose names you wish to fix before
-	// setting or getting the value
-	cssProps: {
-		// normalize float css property
-		"float": jQuery.support.cssFloat ? "cssFloat" : "styleFloat"
-	},
-
-	// Get and set the style property on a DOM Node
-	style: function( elem, name, value, extra ) {
-		// Don't set styles on text and comment nodes
-		if ( !elem || elem.nodeType === 3 || elem.nodeType === 8 || !elem.style ) {
-			return;
-		}
-
-		// Make sure that we're working with the right name
-		var ret, type, origName = jQuery.camelCase( name ),
-			style = elem.style, hooks = jQuery.cssHooks[ origName ];
-
-		name = jQuery.cssProps[ origName ] || origName;
-
-		// Check if we're setting a value
-		if ( value !== undefined ) {
-			type = typeof value;
-
-			// convert relative number strings (+= or -=) to relative numbers. #7345
-			if ( type === "string" && (ret = rrelNum.exec( value )) ) {
-				value = ( +( ret[1] + 1) * +ret[2] ) + parseFloat( jQuery.css( elem, name ) );
-				// Fixes bug #9237
-				type = "number";
-			}
-
-			// Make sure that NaN and null values aren't set. See: #7116
-			if ( value == null || type === "number" && isNaN( value ) ) {
-				return;
-			}
-
-			// If a number was passed in, add 'px' to the (except for certain CSS properties)
-			if ( type === "number" && !jQuery.cssNumber[ origName ] ) {
-				value += "px";
-			}
-
-			// If a hook was provided, use that value, otherwise just set the specified value
-			if ( !hooks || !("set" in hooks) || (value = hooks.set( elem, value )) !== undefined ) {
-				// Wrapped to prevent IE from throwing errors when 'invalid' values are provided
-				// Fixes bug #5509
-				try {
-					style[ name ] = value;
-				} catch(e) {}
-			}
-
-		} else {
-			// If a hook was provided get the non-computed value from there
-			if ( hooks && "get" in hooks && (ret = hooks.get( elem, false, extra )) !== undefined ) {
-				return ret;
-			}
-
-			// Otherwise just get the value from the style object
-			return style[ name ];
-		}
-	},
-
-	css: function( elem, name, extra ) {
-		var ret, hooks;
-
-		// Make sure that we're working with the right name
-		name = jQuery.camelCase( name );
-		hooks = jQuery.cssHooks[ name ];
-		name = jQuery.cssProps[ name ] || name;
-
-		// cssFloat needs a special treatment
-		if ( name === "cssFloat" ) {
-			name = "float";
-		}
-
-		// If a hook was provided get the computed value from there
-		if ( hooks && "get" in hooks && (ret = hooks.get( elem, true, extra )) !== undefined ) {
-			return ret;
-
-		// Otherwise, if a way to get the computed value exists, use that
-		} else if ( curCSS ) {
-			return curCSS( elem, name );
-		}
-	},
-
-	// A method for quickly swapping in/out CSS properties to get correct calculations
-	swap: function( elem, options, callback ) {
-		var old = {},
-			ret, name;
-
-		// Remember the old values, and insert the new ones
-		for ( name in options ) {
-			old[ name ] = elem.style[ name ];
-			elem.style[ name ] = options[ name ];
-		}
-
-		ret = callback.call( elem );
-
-		// Revert the old values
-		for ( name in options ) {
-			elem.style[ name ] = old[ name ];
-		}
-
-		return ret;
-	}
-});
-
-// DEPRECATED in 1.3, Use jQuery.css() instead
-jQuery.curCSS = jQuery.css;
-
-if ( document.defaultView && document.defaultView.getComputedStyle ) {
-	getComputedStyle = function( elem, name ) {
-		var ret, defaultView, computedStyle, width,
-			style = elem.style;
-
-		name = name.replace( rupper, "-$1" ).toLowerCase();
-
-		if ( (defaultView = elem.ownerDocument.defaultView) &&
-				(computedStyle = defaultView.getComputedStyle( elem, null )) ) {
-
-			ret = computedStyle.getPropertyValue( name );
-			if ( ret === "" && !jQuery.contains( elem.ownerDocument.documentElement, elem ) ) {
-				ret = jQuery.style( elem, name );
-			}
-		}
-
-		// A tribute to the "awesome hack by Dean Edwards"
-		// WebKit uses "computed value (percentage if specified)" instead of "used value" for margins
-		// which is against the CSSOM draft spec: http://dev.w3.org/csswg/cssom/#resolved-values
-		if ( !jQuery.support.pixelMargin && computedStyle && rmargin.test( name ) && rnumnonpx.test( ret ) ) {
-			width = style.width;
-			style.width = ret;
-			ret = computedStyle.width;
-			style.width = width;
-		}
-
-		return ret;
-	};
-}
-
-if ( document.documentElement.currentStyle ) {
-	currentStyle = function( elem, name ) {
-		var left, rsLeft, uncomputed,
-			ret = elem.currentStyle && elem.currentStyle[ name ],
-			style = elem.style;
-
-		// Avoid setting ret to empty string here
-		// so we don't default to auto
-		if ( ret == null && style && (uncomputed = style[ name ]) ) {
-			ret = uncomputed;
-		}
-
-		// From the awesome hack by Dean Edwards
-		// http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291
-
-		// If we're not dealing with a regular pixel number
-		// but a number that has a weird ending, we need to convert it to pixels
-		if ( rnumnonpx.test( ret ) ) {
-
-			// Remember the original values
-			left = style.left;
-			rsLeft = elem.runtimeStyle && elem.runtimeStyle.left;
-
-			// Put in the new values to get a computed value out
-			if ( rsLeft ) {
-				elem.runtimeStyle.left = elem.currentStyle.left;
-			}
-			style.left = name === "fontSize" ? "1em" : ret;
-			ret = style.pixelLeft + "px";
-
-			// Revert the changed values
-			style.left = left;
-			if ( rsLeft ) {
-				elem.runtimeStyle.left = rsLeft;
-			}
-		}
-
-		return ret === "" ? "auto" : ret;
-	};
-}
-
-curCSS = getComputedStyle || currentStyle;
-
-function getWidthOrHeight( elem, name, extra ) {
-
-	// Start with offset property
-	var val = name === "width" ? elem.offsetWidth : elem.offsetHeight,
-		i = name === "width" ? 1 : 0,
-		len = 4;
-
-	if ( val > 0 ) {
-		if ( extra !== "border" ) {
-			for ( ; i < len; i += 2 ) {
-				if ( !extra ) {
-					val -= parseFloat( jQuery.css( elem, "padding" + cssExpand[ i ] ) ) || 0;
-				}
-				if ( extra === "margin" ) {
-					val += parseFloat( jQuery.css( elem, extra + cssExpand[ i ] ) ) || 0;
-				} else {
-					val -= parseFloat( jQuery.css( elem, "border" + cssExpand[ i ] + "Width" ) ) || 0;
-				}
-			}
-		}
-
-		return val + "px";
-	}
-
-	// Fall back to computed then uncomputed css if necessary
-	val = curCSS( elem, name );
-	if ( val < 0 || val == null ) {
-		val = elem.style[ name ];
-	}
-
-	// Computed unit is not pixels. Stop here and return.
-	if ( rnumnonpx.test(val) ) {
-		return val;
-	}
-
-	// Normalize "", auto, and prepare for extra
-	val = parseFloat( val ) || 0;
-
-	// Add padding, border, margin
-	if ( extra ) {
-		for ( ; i < len; i += 2 ) {
-			val += parseFloat( jQuery.css( elem, "padding" + cssExpand[ i ] ) ) || 0;
-			if ( extra !== "padding" ) {
-				val += parseFloat( jQuery.css( elem, "border" + cssExpand[ i ] + "Width" ) ) || 0;
-			}
-			if ( extra === "margin" ) {
-				val += parseFloat( jQuery.css( elem, extra + cssExpand[ i ]) ) || 0;
-			}
-		}
-	}
-
-	return val + "px";
-}
-
-jQuery.each([ "height", "width" ], function( i, name ) {
-	jQuery.cssHooks[ name ] = {
-		get: function( elem, computed, extra ) {
-			if ( computed ) {
-				if ( elem.offsetWidth !== 0 ) {
-					return getWidthOrHeight( elem, name, extra );
-				} else {
-					return jQuery.swap( elem, cssShow, function() {
-						return getWidthOrHeight( elem, name, extra );
-					});
-				}
-			}
-		},
-
-		set: function( elem, value ) {
-			return rnum.test( value ) ?
-				value + "px" :
-				value;
-		}
-	};
-});
-
-if ( !jQuery.support.opacity ) {
-	jQuery.cssHooks.opacity = {
-		get: function( elem, computed ) {
-			// IE uses filters for opacity
-			return ropacity.test( (computed && elem.currentStyle ? elem.currentStyle.filter : elem.style.filter) || "" ) ?
-				( parseFloat( RegExp.$1 ) / 100 ) + "" :
-				computed ? "1" : "";
-		},
-
-		set: function( elem, value ) {
-			var style = elem.style,
-				currentStyle = elem.currentStyle,
-				opacity = jQuery.isNumeric( value ) ? "alpha(opacity=" + value * 100 + ")" : "",
-				filter = currentStyle && currentStyle.filter || style.filter || "";
-
-			// IE has trouble with opacity if it does not have layout
-			// Force it by setting the zoom level
-			style.zoom = 1;
-
-			// if setting opacity to 1, and no other filters exist - attempt to remove filter attribute #6652
-			if ( value >= 1 && jQuery.trim( filter.replace( ralpha, "" ) ) === "" ) {
-
-				// Setting style.filter to null, "" & " " still leave "filter:" in the cssText
-				// if "filter:" is present at all, clearType is disabled, we want to avoid this
-				// style.removeAttribute is IE Only, but so apparently is this code path...
-				style.removeAttribute( "filter" );
-
-				// if there there is no filter style applied in a css rule, we are done
-				if ( currentStyle && !currentStyle.filter ) {
-					return;
-				}
-			}
-
-			// otherwise, set new filter values
-			style.filter = ralpha.test( filter ) ?
-				filter.replace( ralpha, opacity ) :
-				filter + " " + opacity;
-		}
-	};
-}
-
-jQuery(function() {
-	// This hook cannot be added until DOM ready because the support test
-	// for it is not run until after DOM ready
-	if ( !jQuery.support.reliableMarginRight ) {
-		jQuery.cssHooks.marginRight = {
-			get: function( elem, computed ) {
-				// WebKit Bug 13343 - getComputedStyle returns wrong value for margin-right
-				// Work around by temporarily setting element display to inline-block
-				return jQuery.swap( elem, { "display": "inline-block" }, function() {
-					if ( computed ) {
-						return curCSS( elem, "margin-right" );
-					} else {
-						return elem.style.marginRight;
-					}
-				});
-			}
-		};
-	}
-});
-
-if ( jQuery.expr && jQuery.expr.filters ) {
-	jQuery.expr.filters.hidden = function( elem ) {
-		var width = elem.offsetWidth,
-			height = elem.offsetHeight;
-
-		return ( width === 0 && height === 0 ) || (!jQuery.support.reliableHiddenOffsets && ((elem.style && elem.style.display) || jQuery.css( elem, "display" )) === "none");
-	};
-
-	jQuery.expr.filters.visible = function( elem ) {
-		return !jQuery.expr.filters.hidden( elem );
-	};
-}
-
-// These hooks are used by animate to expand properties
-jQuery.each({
-	margin: "",
-	padding: "",
-	border: "Width"
-}, function( prefix, suffix ) {
-
-	jQuery.cssHooks[ prefix + suffix ] = {
-		expand: function( value ) {
-			var i,
-
-				// assumes a single number if not a string
-				parts = typeof value === "string" ? value.split(" ") : [ value ],
-				expanded = {};
-
-			for ( i = 0; i < 4; i++ ) {
-				expanded[ prefix + cssExpand[ i ] + suffix ] =
-					parts[ i ] || parts[ i - 2 ] || parts[ 0 ];
-			}
-
-			return expanded;
-		}
-	};
-});
-
-
-
-
-var r20 = /%20/g,
-	rbracket = /\[\]$/,
-	rCRLF = /\r?\n/g,
-	rhash = /#.*$/,
-	rheaders = /^(.*?):[ \t]*([^\r\n]*)\r?$/mg, // IE leaves an \r character at EOL
-	rinput = /^(?:color|date|datetime|datetime-local|email|hidden|month|number|password|range|search|tel|text|time|url|week)$/i,
-	// #7653, #8125, #8152: local protocol detection
-	rlocalProtocol = /^(?:about|app|app\-storage|.+\-extension|file|res|widget):$/,
-	rnoContent = /^(?:GET|HEAD)$/,
-	rprotocol = /^\/\//,
-	rquery = /\?/,
-	rscript = /<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi,
-	rselectTextarea = /^(?:select|textarea)/i,
-	rspacesAjax = /\s+/,
-	rts = /([?&])_=[^&]*/,
-	rurl = /^([\w\+\.\-]+:)(?:\/\/([^\/?#:]*)(?::(\d+))?)?/,
-
-	// Keep a copy of the old load method
-	_load = jQuery.fn.load,
-
-	/* Prefilters
-	 * 1) They are useful to introduce custom dataTypes (see ajax/jsonp.js for an example)
-	 * 2) These are called:
-	 *    - BEFORE asking for a transport
-	 *    - AFTER param serialization (s.data is a string if s.processData is true)
-	 * 3) key is the dataType
-	 * 4) the catchall symbol "*" can be used
-	 * 5) execution will start with transport dataType and THEN continue down to "*" if needed
-	 */
-	prefilters = {},
-
-	/* Transports bindings
-	 * 1) key is the dataType
-	 * 2) the catchall symbol "*" can be used
-	 * 3) selection will start with transport dataType and THEN go to "*" if needed
-	 */
-	transports = {},
-
-	// Document location
-	ajaxLocation,
-
-	// Document location segments
-	ajaxLocParts,
-
-	// Avoid comment-prolog char sequence (#10098); must appease lint and evade compression
-	allTypes = ["*/"] + ["*"];
-
-// #8138, IE may throw an exception when accessing
-// a field from window.location if document.domain has been set
-try {
-	ajaxLocation = location.href;
-} catch( e ) {
-	// Use the href attribute of an A element
-	// since IE will modify it given document.location
-	ajaxLocation = document.createElement( "a" );
-	ajaxLocation.href = "";
-	ajaxLocation = ajaxLocation.href;
-}
-
-// Segment location into parts
-ajaxLocParts = rurl.exec( ajaxLocation.toLowerCase() ) || [];
-
-// Base "constructor" for jQuery.ajaxPrefilter and jQuery.ajaxTransport
-function addToPrefiltersOrTransports( structure ) {
-
-	// dataTypeExpression is optional and defaults to "*"
-	return function( dataTypeExpression, func ) {
-
-		if ( typeof dataTypeExpression !== "string" ) {
-			func = dataTypeExpression;
-			dataTypeExpression = "*";
-		}
-
-		if ( jQuery.isFunction( func ) ) {
-			var dataTypes = dataTypeExpression.toLowerCase().split( rspacesAjax ),
-				i = 0,
-				length = dataTypes.length,
-				dataType,
-				list,
-				placeBefore;
-
-			// For each dataType in the dataTypeExpression
-			for ( ; i < length; i++ ) {
-				dataType = dataTypes[ i ];
-				// We control if we're asked to add before
-				// any existing element
-				placeBefore = /^\+/.test( dataType );
-				if ( placeBefore ) {
-					dataType = dataType.substr( 1 ) || "*";
-				}
-				list = structure[ dataType ] = structure[ dataType ] || [];
-				// then we add to the structure accordingly
-				list[ placeBefore ? "unshift" : "push" ]( func );
-			}
-		}
-	};
-}
-
-// Base inspection function for prefilters and transports
-function inspectPrefiltersOrTransports( structure, options, originalOptions, jqXHR,
-		dataType /* internal */, inspected /* internal */ ) {
-
-	dataType = dataType || options.dataTypes[ 0 ];
-	inspected = inspected || {};
-
-	inspected[ dataType ] = true;
-
-	var list = structure[ dataType ],
-		i = 0,
-		length = list ? list.length : 0,
-		executeOnly = ( structure === prefilters ),
-		selection;
-
-	for ( ; i < length && ( executeOnly || !selection ); i++ ) {
-		selection = list[ i ]( options, originalOptions, jqXHR );
-		// If we got redirected to another dataType
-		// we try there if executing only and not done already
-		if ( typeof selection === "string" ) {
-			if ( !executeOnly || inspected[ selection ] ) {
-				selection = undefined;
-			} else {
-				options.dataTypes.unshift( selection );
-				selection = inspectPrefiltersOrTransports(
-						structure, options, originalOptions, jqXHR, selection, inspected );
-			}
-		}
-	}
-	// If we're only executing or nothing was selected
-	// we try the catchall dataType if not done already
-	if ( ( executeOnly || !selection ) && !inspected[ "*" ] ) {
-		selection = inspectPrefiltersOrTransports(
-				structure, options, originalOptions, jqXHR, "*", inspected );
-	}
-	// unnecessary when only executing (prefilters)
-	// but it'll be ignored by the caller in that case
-	return selection;
-}
-
-// A special extend for ajax options
-// that takes "flat" options (not to be deep extended)
-// Fixes #9887
-function ajaxExtend( target, src ) {
-	var key, deep,
-		flatOptions = jQuery.ajaxSettings.flatOptions || {};
-	for ( key in src ) {
-		if ( src[ key ] !== undefined ) {
-			( flatOptions[ key ] ? target : ( deep || ( deep = {} ) ) )[ key ] = src[ key ];
-		}
-	}
-	if ( deep ) {
-		jQuery.extend( true, target, deep );
-	}
-}
-
-jQuery.fn.extend({
-	load: function( url, params, callback ) {
-		if ( typeof url !== "string" && _load ) {
-			return _load.apply( this, arguments );
-
-		// Don't do a request if no elements are being requested
-		} else if ( !this.length ) {
-			return this;
-		}
-
-		var off = url.indexOf( " " );
-		if ( off >= 0 ) {
-			var selector = url.slice( off, url.length );
-			url = url.slice( 0, off );
-		}
-
-		// Default to a GET request
-		var type = "GET";
-
-		// If the second parameter was provided
-		if ( params ) {
-			// If it's a function
-			if ( jQuery.isFunction( params ) ) {
-				// We assume that it's the callback
-				callback = params;
-				params = undefined;
-
-			// Otherwise, build a param string
-			} else if ( typeof params === "object" ) {
-				params = jQuery.param( params, jQuery.ajaxSettings.traditional );
-				type = "POST";
-			}
-		}
-
-		var self = this;
-
-		// Request the remote document
-		jQuery.ajax({
-			url: url,
-			type: type,
-			dataType: "html",
-			data: params,
-			// Complete callback (responseText is used internally)
-			complete: function( jqXHR, status, responseText ) {
-				// Store the response as specified by the jqXHR object
-				responseText = jqXHR.responseText;
-				// If successful, inject the HTML into all the matched elements
-				if ( jqXHR.isResolved() ) {
-					// #4825: Get the actual response in case
-					// a dataFilter is present in ajaxSettings
-					jqXHR.done(function( r ) {
-						responseText = r;
-					});
-					// See if a selector was specified
-					self.html( selector ?
-						// Create a dummy div to hold the results
-						jQuery("<div>")
-							// inject the contents of the document in, removing the scripts
-							// to avoid any 'Permission Denied' errors in IE
-							.append(responseText.replace(rscript, ""))
-
-							// Locate the specified elements
-							.find(selector) :
-
-						// If not, just inject the full result
-						responseText );
-				}
-
-				if ( callback ) {
-					self.each( callback, [ responseText, status, jqXHR ] );
-				}
-			}
-		});
-
-		return this;
-	},
-
-	serialize: function() {
-		return jQuery.param( this.serializeArray() );
-	},
-
-	serializeArray: function() {
-		return this.map(function(){
-			return this.elements ? jQuery.makeArray( this.elements ) : this;
-		})
-		.filter(function(){
-			return this.name && !this.disabled &&
-				( this.checked || rselectTextarea.test( this.nodeName ) ||
-					rinput.test( this.type ) );
-		})
-		.map(function( i, elem ){
-			var val = jQuery( this ).val();
-
-			return val == null ?
-				null :
-				jQuery.isArray( val ) ?
-					jQuery.map( val, function( val, i ){
-						return { name: elem.name, value: val.replace( rCRLF, "\r\n" ) };
-					}) :
-					{ name: elem.name, value: val.replace( rCRLF, "\r\n" ) };
-		}).get();
-	}
-});
-
-// Attach a bunch of functions for handling common AJAX events
-jQuery.each( "ajaxStart ajaxStop ajaxComplete ajaxError ajaxSuccess ajaxSend".split( " " ), function( i, o ){
-	jQuery.fn[ o ] = function( f ){
-		return this.on( o, f );
-	};
-});
-
-jQuery.each( [ "get", "post" ], function( i, method ) {
-	jQuery[ method ] = function( url, data, callback, type ) {
-		// shift arguments if data argument was omitted
-		if ( jQuery.isFunction( data ) ) {
-			type = type || callback;
-			callback = data;
-			data = undefined;
-		}
-
-		return jQuery.ajax({
-			type: method,
-			url: url,
-			data: data,
-			success: callback,
-			dataType: type
-		});
-	};
-});
-
-jQuery.extend({
-
-	getScript: function( url, callback ) {
-		return jQuery.get( url, undefined, callback, "script" );
-	},
-
-	getJSON: function( url, data, callback ) {
-		return jQuery.get( url, data, callback, "json" );
-	},
-
-	// Creates a full fledged settings object into target
-	// with both ajaxSettings and settings fields.
-	// If target is omitted, writes into ajaxSettings.
-	ajaxSetup: function( target, settings ) {
-		if ( settings ) {
-			// Building a settings object
-			ajaxExtend( target, jQuery.ajaxSettings );
-		} else {
-			// Extending ajaxSettings
-			settings = target;
-			target = jQuery.ajaxSettings;
-		}
-		ajaxExtend( target, settings );
-		return target;
-	},
-
-	ajaxSettings: {
-		url: ajaxLocation,
-		isLocal: rlocalProtocol.test( ajaxLocParts[ 1 ] ),
-		global: true,
-		type: "GET",
-		contentType: "application/x-www-form-urlencoded; charset=UTF-8",
-		processData: true,
-		async: true,
-		/*
-		timeout: 0,
-		data: null,
-		dataType: null,
-		username: null,
-		password: null,
-		cache: null,
-		traditional: false,
-		headers: {},
-		*/
-
-		accepts: {
-			xml: "application/xml, text/xml",
-			html: "text/html",
-			text: "text/plain",
-			json: "application/json, text/javascript",
-			"*": allTypes
-		},
-
-		contents: {
-			xml: /xml/,
-			html: /html/,
-			json: /json/
-		},
-
-		responseFields: {
-			xml: "responseXML",
-			text: "responseText"
-		},
-
-		// List of data converters
-		// 1) key format is "source_type destination_type" (a single space in-between)
-		// 2) the catchall symbol "*" can be used for source_type
-		converters: {
-
-			// Convert anything to text
-			"* text": window.String,
-
-			// Text to html (true = no transformation)
-			"text html": true,
-
-			// Evaluate text as a json expression
-			"text json": jQuery.parseJSON,
-
-			// Parse text as xml
-			"text xml": jQuery.parseXML
-		},
-
-		// For options that shouldn't be deep extended:
-		// you can add your own custom options here if
-		// and when you create one that shouldn't be
-		// deep extended (see ajaxExtend)
-		flatOptions: {
-			context: true,
-			url: true
-		}
-	},
-
-	ajaxPrefilter: addToPrefiltersOrTransports( prefilters ),
-	ajaxTransport: addToPrefiltersOrTransports( transports ),
-
-	// Main method
-	ajax: function( url, options ) {
-
-		// If url is an object, simulate pre-1.5 signature
-		if ( typeof url === "object" ) {
-			options = url;
-			url = undefined;
-		}
-
-		// Force options to be an object
-		options = options || {};
-
-		var // Create the final options object
-			s = jQuery.ajaxSetup( {}, options ),
-			// Callbacks context
-			callbackContext = s.context || s,
-			// Context for global events
-			// It's the callbackContext if one was provided in the options
-			// and if it's a DOM node or a jQuery collection
-			globalEventContext = callbackContext !== s &&
-				( callbackContext.nodeType || callbackContext instanceof jQuery ) ?
-						jQuery( callbackContext ) : jQuery.event,
-			// Deferreds
-			deferred = jQuery.Deferred(),
-			completeDeferred = jQuery.Callbacks( "once memory" ),
-			// Status-dependent callbacks
-			statusCode = s.statusCode || {},
-			// ifModified key
-			ifModifiedKey,
-			// Headers (they are sent all at once)
-			requestHeaders = {},
-			requestHeadersNames = {},
-			// Response headers
-			responseHeadersString,
-			responseHeaders,
-			// transport
-			transport,
-			// timeout handle
-			timeoutTimer,
-			// Cross-domain detection vars
-			parts,
-			// The jqXHR state
-			state = 0,
-			// To know if global events are to be dispatched
-			fireGlobals,
-			// Loop variable
-			i,
-			// Fake xhr
-			jqXHR = {
-
-				readyState: 0,
-
-				// Caches the header
-				setRequestHeader: function( name, value ) {
-					if ( !state ) {
-						var lname = name.toLowerCase();
-						name = requestHeadersNames[ lname ] = requestHeadersNames[ lname ] || name;
-						requestHeaders[ name ] = value;
-					}
-					return this;
-				},
-
-				// Raw string
-				getAllResponseHeaders: function() {
-					return state === 2 ? responseHeadersString : null;
-				},
-
-				// Builds headers hashtable if needed
-				getResponseHeader: function( key ) {
-					var match;
-					if ( state === 2 ) {
-						if ( !responseHeaders ) {
-							responseHeaders = {};
-							while( ( match = rheaders.exec( responseHeadersString ) ) ) {
-								responseHeaders[ match[1].toLowerCase() ] = match[ 2 ];
-							}
-						}
-						match = responseHeaders[ key.toLowerCase() ];
-					}
-					return match === undefined ? null : match;
-				},
-
-				// Overrides response content-type header
-				overrideMimeType: function( type ) {
-					if ( !state ) {
-						s.mimeType = type;
-					}
-					return this;
-				},
-
-				// Cancel the request
-				abort: function( statusText ) {
-					statusText = statusText || "abort";
-					if ( transport ) {
-						transport.abort( statusText );
-					}
-					done( 0, statusText );
-					return this;
-				}
-			};
-
-		// Callback for when everything is done
-		// It is defined here because jslint complains if it is declared
-		// at the end of the function (which would be more logical and readable)
-		function done( status, nativeStatusText, responses, headers ) {
-
-			// Called once
-			if ( state === 2 ) {
-				return;
-			}
-
-			// State is "done" now
-			state = 2;
-
-			// Clear timeout if it exists
-			if ( timeoutTimer ) {
-				clearTimeout( timeoutTimer );
-			}
-
-			// Dereference transport for early garbage collection
-			// (no matter how long the jqXHR object will be used)
-			transport = undefined;
-
-			// Cache response headers
-			responseHeadersString = headers || "";
-
-			// Set readyState
-			jqXHR.readyState = status > 0 ? 4 : 0;
-
-			var isSuccess,
-				success,
-				error,
-				statusText = nativeStatusText,
-				response = responses ? ajaxHandleResponses( s, jqXHR, responses ) : undefined,
-				lastModified,
-				etag;
-
-			// If successful, handle type chaining
-			if ( status >= 200 && status < 300 || status === 304 ) {
-
-				// Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode.
-				if ( s.ifModified ) {
-
-					if ( ( lastModified = jqXHR.getResponseHeader( "Last-Modified" ) ) ) {
-						jQuery.lastModified[ ifModifiedKey ] = lastModified;
-					}
-					if ( ( etag = jqXHR.getResponseHeader( "Etag" ) ) ) {
-						jQuery.etag[ ifModifiedKey ] = etag;
-					}
-				}
-
-				// If not modified
-				if ( status === 304 ) {
-
-					statusText = "notmodified";
-					isSuccess = true;
-
-				// If we have data
-				} else {
-
-					try {
-						success = ajaxConvert( s, response );
-						statusText = "success";
-						isSuccess = true;
-					} catch(e) {
-						// We have a parsererror
-						statusText = "parsererror";
-						error = e;
-					}
-				}
-			} else {
-				// We extract error from statusText
-				// then normalize statusText and status for non-aborts
-				error = statusText;
-				if ( !statusText || status ) {
-					statusText = "error";
-					if ( status < 0 ) {
-						status = 0;
-					}
-				}
-			}
-
-			// Set data for the fake xhr object
-			jqXHR.status = status;
-			jqXHR.statusText = "" + ( nativeStatusText || statusText );
-
-			// Success/Error
-			if ( isSuccess ) {
-				deferred.resolveWith( callbackContext, [ success, statusText, jqXHR ] );
-			} else {
-				deferred.rejectWith( callbackContext, [ jqXHR, statusText, error ] );
-			}
-
-			// Status-dependent callbacks
-			jqXHR.statusCode( statusCode );
-			statusCode = undefined;
-
-			if ( fireGlobals ) {
-				globalEventContext.trigger( "ajax" + ( isSuccess ? "Success" : "Error" ),
-						[ jqXHR, s, isSuccess ? success : error ] );
-			}
-
-			// Complete
-			completeDeferred.fireWith( callbackContext, [ jqXHR, statusText ] );
-
-			if ( fireGlobals ) {
-				globalEventContext.trigger( "ajaxComplete", [ jqXHR, s ] );
-				// Handle the global AJAX counter
-				if ( !( --jQuery.active ) ) {
-					jQuery.event.trigger( "ajaxStop" );
-				}
-			}
-		}
-
-		// Attach deferreds
-		deferred.promise( jqXHR );
-		jqXHR.success = jqXHR.done;
-		jqXHR.error = jqXHR.fail;
-		jqXHR.complete = completeDeferred.add;
-
-		// Status-dependent callbacks
-		jqXHR.statusCode = function( map ) {
-			if ( map ) {
-				var tmp;
-				if ( state < 2 ) {
-					for ( tmp in map ) {
-						statusCode[ tmp ] = [ statusCode[tmp], map[tmp] ];
-					}
-				} else {
-					tmp = map[ jqXHR.status ];
-					jqXHR.then( tmp, tmp );
-				}
-			}
-			return this;
-		};
-
-		// Remove hash character (#7531: and string promotion)
-		// Add protocol if not provided (#5866: IE7 issue with protocol-less urls)
-		// We also use the url parameter if available
-		s.url = ( ( url || s.url ) + "" ).replace( rhash, "" ).replace( rprotocol, ajaxLocParts[ 1 ] + "//" );
-
-		// Extract dataTypes list
-		s.dataTypes = jQuery.trim( s.dataType || "*" ).toLowerCase().split( rspacesAjax );
-
-		// Determine if a cross-domain request is in order
-		if ( s.crossDomain == null ) {
-			parts = rurl.exec( s.url.toLowerCase() );
-			s.crossDomain = !!( parts &&
-				( parts[ 1 ] != ajaxLocParts[ 1 ] || parts[ 2 ] != ajaxLocParts[ 2 ] ||
-					( parts[ 3 ] || ( parts[ 1 ] === "http:" ? 80 : 443 ) ) !=
-						( ajaxLocParts[ 3 ] || ( ajaxLocParts[ 1 ] === "http:" ? 80 : 443 ) ) )
-			);
-		}
-
-		// Convert data if not already a string
-		if ( s.data && s.processData && typeof s.data !== "string" ) {
-			s.data = jQuery.param( s.data, s.traditional );
-		}
-
-		// Apply prefilters
-		inspectPrefiltersOrTransports( prefilters, s, options, jqXHR );
-
-		// If request was aborted inside a prefilter, stop there
-		if ( state === 2 ) {
-			return false;
-		}
-
-		// We can fire global events as of now if asked to
-		fireGlobals = s.global;
-
-		// Uppercase the type
-		s.type = s.type.toUpperCase();
-
-		// Determine if request has content
-		s.hasContent = !rnoContent.test( s.type );
-
-		// Watch for a new set of requests
-		if ( fireGlobals && jQuery.active++ === 0 ) {
-			jQuery.event.trigger( "ajaxStart" );
-		}
-
-		// More options handling for requests with no content
-		if ( !s.hasContent ) {
-
-			// If data is available, append data to url
-			if ( s.data ) {
-				s.url += ( rquery.test( s.url ) ? "&" : "?" ) + s.data;
-				// #9682: remove data so that it's not used in an eventual retry
-				delete s.data;
-			}
-
-			// Get ifModifiedKey before adding the anti-cache parameter
-			ifModifiedKey = s.url;
-
-			// Add anti-cache in url if needed
-			if ( s.cache === false ) {
-
-				var ts = jQuery.now(),
-					// try replacing _= if it is there
-					ret = s.url.replace( rts, "$1_=" + ts );
-
-				// if nothing was replaced, add timestamp to the end
-				s.url = ret + ( ( ret === s.url ) ? ( rquery.test( s.url ) ? "&" : "?" ) + "_=" + ts : "" );
-			}
-		}
-
-		// Set the correct header, if data is being sent
-		if ( s.data && s.hasContent && s.contentType !== false || options.contentType ) {
-			jqXHR.setRequestHeader( "Content-Type", s.contentType );
-		}
-
-		// Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode.
-		if ( s.ifModified ) {
-			ifModifiedKey = ifModifiedKey || s.url;
-			if ( jQuery.lastModified[ ifModifiedKey ] ) {
-				jqXHR.setRequestHeader( "If-Modified-Since", jQuery.lastModified[ ifModifiedKey ] );
-			}
-			if ( jQuery.etag[ ifModifiedKey ] ) {
-				jqXHR.setRequestHeader( "If-None-Match", jQuery.etag[ ifModifiedKey ] );
-			}
-		}
-
-		// Set the Accepts header for the server, depending on the dataType
-		jqXHR.setRequestHeader(
-			"Accept",
-			s.dataTypes[ 0 ] && s.accepts[ s.dataTypes[0] ] ?
-				s.accepts[ s.dataTypes[0] ] + ( s.dataTypes[ 0 ] !== "*" ? ", " + allTypes + "; q=0.01" : "" ) :
-				s.accepts[ "*" ]
-		);
-
-		// Check for headers option
-		for ( i in s.headers ) {
-			jqXHR.setRequestHeader( i, s.headers[ i ] );
-		}
-
-		// Allow custom headers/mimetypes and early abort
-		if ( s.beforeSend && ( s.beforeSend.call( callbackContext, jqXHR, s ) === false || state === 2 ) ) {
-				// Abort if not done already
-				jqXHR.abort();
-				return false;
-
-		}
-
-		// Install callbacks on deferreds
-		for ( i in { success: 1, error: 1, complete: 1 } ) {
-			jqXHR[ i ]( s[ i ] );
-		}
-
-		// Get transport
-		transport = inspectPrefiltersOrTransports( transports, s, options, jqXHR );
-
-		// If no transport, we auto-abort
-		if ( !transport ) {
-			done( -1, "No Transport" );
-		} else {
-			jqXHR.readyState = 1;
-			// Send global event
-			if ( fireGlobals ) {
-				globalEventContext.trigger( "ajaxSend", [ jqXHR, s ] );
-			}
-			// Timeout
-			if ( s.async && s.timeout > 0 ) {
-				timeoutTimer = setTimeout( function(){
-					jqXHR.abort( "timeout" );
-				}, s.timeout );
-			}
-
-			try {
-				state = 1;
-				transport.send( requestHeaders, done );
-			} catch (e) {
-				// Propagate exception as error if not done
-				if ( state < 2 ) {
-					done( -1, e );
-				// Simply rethrow otherwise
-				} else {
-					throw e;
-				}
-			}
-		}
-
-		return jqXHR;
-	},
-
-	// Serialize an array of form elements or a set of
-	// key/values into a query string
-	param: function( a, traditional ) {
-		var s = [],
-			add = function( key, value ) {
-				// If value is a function, invoke it and return its value
-				value = jQuery.isFunction( value ) ? value() : value;
-				s[ s.length ] = encodeURIComponent( key ) + "=" + encodeURIComponent( value );
-			};
-
-		// Set traditional to true for jQuery <= 1.3.2 behavior.
-		if ( traditional === undefined ) {
-			traditional = jQuery.ajaxSettings.traditional;
-		}
-
-		// If an array was passed in, assume that it is an array of form elements.
-		if ( jQuery.isArray( a ) || ( a.jquery && !jQuery.isPlainObject( a ) ) ) {
-			// Serialize the form elements
-			jQuery.each( a, function() {
-				add( this.name, this.value );
-			});
-
-		} else {
-			// If traditional, encode the "old" way (the way 1.3.2 or older
-			// did it), otherwise encode params recursively.
-			for ( var prefix in a ) {
-				buildParams( prefix, a[ prefix ], traditional, add );
-			}
-		}
-
-		// Return the resulting serialization
-		return s.join( "&" ).replace( r20, "+" );
-	}
-});
-
-function buildParams( prefix, obj, traditional, add ) {
-	if ( jQuery.isArray( obj ) ) {
-		// Serialize array item.
-		jQuery.each( obj, function( i, v ) {
-			if ( traditional || rbracket.test( prefix ) ) {
-				// Treat each array item as a scalar.
-				add( prefix, v );
-
-			} else {
-				// If array item is non-scalar (array or object), encode its
-				// numeric index to resolve deserialization ambiguity issues.
-				// Note that rack (as of 1.0.0) can't currently deserialize
-				// nested arrays properly, and attempting to do so may cause
-				// a server error. Possible fixes are to modify rack's
-				// deserialization algorithm or to provide an option or flag
-				// to force array serialization to be shallow.
-				buildParams( prefix + "[" + ( typeof v === "object" ? i : "" ) + "]", v, traditional, add );
-			}
-		});
-
-	} else if ( !traditional && jQuery.type( obj ) === "object" ) {
-		// Serialize object item.
-		for ( var name in obj ) {
-			buildParams( prefix + "[" + name + "]", obj[ name ], traditional, add );
-		}
-
-	} else {
-		// Serialize scalar item.
-		add( prefix, obj );
-	}
-}
-
-// This is still on the jQuery object... for now
-// Want to move this to jQuery.ajax some day
-jQuery.extend({
-
-	// Counter for holding the number of active queries
-	active: 0,
-
-	// Last-Modified header cache for next request
-	lastModified: {},
-	etag: {}
-
-});
-
-/* Handles responses to an ajax request:
- * - sets all responseXXX fields accordingly
- * - finds the right dataType (mediates between content-type and expected dataType)
- * - returns the corresponding response
- */
-function ajaxHandleResponses( s, jqXHR, responses ) {
-
-	var contents = s.contents,
-		dataTypes = s.dataTypes,
-		responseFields = s.responseFields,
-		ct,
-		type,
-		finalDataType,
-		firstDataType;
-
-	// Fill responseXXX fields
-	for ( type in responseFields ) {
-		if ( type in responses ) {
-			jqXHR[ responseFields[type] ] = responses[ type ];
-		}
-	}
-
-	// Remove auto dataType and get content-type in the process
-	while( dataTypes[ 0 ] === "*" ) {
-		dataTypes.shift();
-		if ( ct === undefined ) {
-			ct = s.mimeType || jqXHR.getResponseHeader( "content-type" );
-		}
-	}
-
-	// Check if we're dealing with a known content-type
-	if ( ct ) {
-		for ( type in contents ) {
-			if ( contents[ type ] && contents[ type ].test( ct ) ) {
-				dataTypes.unshift( type );
-				break;
-			}
-		}
-	}
-
-	// Check to see if we have a response for the expected dataType
-	if ( dataTypes[ 0 ] in responses ) {
-		finalDataType = dataTypes[ 0 ];
-	} else {
-		// Try convertible dataTypes
-		for ( type in responses ) {
-			if ( !dataTypes[ 0 ] || s.converters[ type + " " + dataTypes[0] ] ) {
-				finalDataType = type;
-				break;
-			}
-			if ( !firstDataType ) {
-				firstDataType = type;
-			}
-		}
-		// Or just use first one
-		finalDataType = finalDataType || firstDataType;
-	}
-
-	// If we found a dataType
-	// We add the dataType to the list if needed
-	// and return the corresponding response
-	if ( finalDataType ) {
-		if ( finalDataType !== dataTypes[ 0 ] ) {
-			dataTypes.unshift( finalDataType );
-		}
-		return responses[ finalDataType ];
-	}
-}
-
-// Chain conversions given the request and the original response
-function ajaxConvert( s, response ) {
-
-	// Apply the dataFilter if provided
-	if ( s.dataFilter ) {
-		response = s.dataFilter( response, s.dataType );
-	}
-
-	var dataTypes = s.dataTypes,
-		converters = {},
-		i,
-		key,
-		length = dataTypes.length,
-		tmp,
-		// Current and previous dataTypes
-		current = dataTypes[ 0 ],
-		prev,
-		// Conversion expression
-		conversion,
-		// Conversion function
-		conv,
-		// Conversion functions (transitive conversion)
-		conv1,
-		conv2;
-
-	// For each dataType in the chain
-	for ( i = 1; i < length; i++ ) {
-
-		// Create converters map
-		// with lowercased keys
-		if ( i === 1 ) {
-			for ( key in s.converters ) {
-				if ( typeof key === "string" ) {
-					converters[ key.toLowerCase() ] = s.converters[ key ];
-				}
-			}
-		}
-
-		// Get the dataTypes
-		prev = current;
-		current = dataTypes[ i ];
-
-		// If current is auto dataType, update it to prev
-		if ( current === "*" ) {
-			current = prev;
-		// If no auto and dataTypes are actually different
-		} else if ( prev !== "*" && prev !== current ) {
-
-			// Get the converter
-			conversion = prev + " " + current;
-			conv = converters[ conversion ] || converters[ "* " + current ];
-
-			// If there is no direct converter, search transitively
-			if ( !conv ) {
-				conv2 = undefined;
-				for ( conv1 in converters ) {
-					tmp = conv1.split( " " );
-					if ( tmp[ 0 ] === prev || tmp[ 0 ] === "*" ) {
-						conv2 = converters[ tmp[1] + " " + current ];
-						if ( conv2 ) {
-							conv1 = converters[ conv1 ];
-							if ( conv1 === true ) {
-								conv = conv2;
-							} else if ( conv2 === true ) {
-								conv = conv1;
-							}
-							break;
-						}
-					}
-				}
-			}
-			// If we found no converter, dispatch an error
-			if ( !( conv || conv2 ) ) {
-				jQuery.error( "No conversion from " + conversion.replace(" "," to ") );
-			}
-			// If found converter is not an equivalence
-			if ( conv !== true ) {
-				// Convert with 1 or 2 converters accordingly
-				response = conv ? conv( response ) : conv2( conv1(response) );
-			}
-		}
-	}
-	return response;
-}
-
-
-
-
-var jsc = jQuery.now(),
-	jsre = /(\=)\?(&|$)|\?\?/i;
-
-// Default jsonp settings
-jQuery.ajaxSetup({
-	jsonp: "callback",
-	jsonpCallback: function() {
-		return jQuery.expando + "_" + ( jsc++ );
-	}
-});
-
-// Detect, normalize options and install callbacks for jsonp requests
-jQuery.ajaxPrefilter( "json jsonp", function( s, originalSettings, jqXHR ) {
-
-	var inspectData = ( typeof s.data === "string" ) && /^application\/x\-www\-form\-urlencoded/.test( s.contentType );
-
-	if ( s.dataTypes[ 0 ] === "jsonp" ||
-		s.jsonp !== false && ( jsre.test( s.url ) ||
-				inspectData && jsre.test( s.data ) ) ) {
-
-		var responseContainer,
-			jsonpCallback = s.jsonpCallback =
-				jQuery.isFunction( s.jsonpCallback ) ? s.jsonpCallback() : s.jsonpCallback,
-			previous = window[ jsonpCallback ],
-			url = s.url,
-			data = s.data,
-			replace = "$1" + jsonpCallback + "$2";
-
-		if ( s.jsonp !== false ) {
-			url = url.replace( jsre, replace );
-			if ( s.url === url ) {
-				if ( inspectData ) {
-					data = data.replace( jsre, replace );
-				}
-				if ( s.data === data ) {
-					// Add callback manually
-					url += (/\?/.test( url ) ? "&" : "?") + s.jsonp + "=" + jsonpCallback;
-				}
-			}
-		}
-
-		s.url = url;
-		s.data = data;
-
-		// Install callback
-		window[ jsonpCallback ] = function( response ) {
-			responseContainer = [ response ];
-		};
-
-		// Clean-up function
-		jqXHR.always(function() {
-			// Set callback back to previous value
-			window[ jsonpCallback ] = previous;
-			// Call if it was a function and we have a response
-			if ( responseContainer && jQuery.isFunction( previous ) ) {
-				window[ jsonpCallback ]( responseContainer[ 0 ] );
-			}
-		});
-
-		// Use data converter to retrieve json after script execution
-		s.converters["script json"] = function() {
-			if ( !responseContainer ) {
-				jQuery.error( jsonpCallback + " was not called" );
-			}
-			return responseContainer[ 0 ];
-		};
-
-		// force json dataType
-		s.dataTypes[ 0 ] = "json";
-
-		// Delegate to script
-		return "script";
-	}
-});
-
-
-
-
-// Install script dataType
-jQuery.ajaxSetup({
-	accepts: {
-		script: "text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"
-	},
-	contents: {
-		script: /javascript|ecmascript/
-	},
-	converters: {
-		"text script": function( text ) {
-			jQuery.globalEval( text );
-			return text;
-		}
-	}
-});
-
-// Handle cache's special case and global
-jQuery.ajaxPrefilter( "script", function( s ) {
-	if ( s.cache === undefined ) {
-		s.cache = false;
-	}
-	if ( s.crossDomain ) {
-		s.type = "GET";
-		s.global = false;
-	}
-});
-
-// Bind script tag hack transport
-jQuery.ajaxTransport( "script", function(s) {
-
-	// This transport only deals with cross domain requests
-	if ( s.crossDomain ) {
-
-		var script,
-			head = document.head || document.getElementsByTagName( "head" )[0] || document.documentElement;
-
-		return {
-
-			send: function( _, callback ) {
-
-				script = document.createElement( "script" );
-
-				script.async = "async";
-
-				if ( s.scriptCharset ) {
-					script.charset = s.scriptCharset;
-				}
-
-				script.src = s.url;
-
-				// Attach handlers for all browsers
-				script.onload = script.onreadystatechange = function( _, isAbort ) {
-
-					if ( isAbort || !script.readyState || /loaded|complete/.test( script.readyState ) ) {
-
-						// Handle memory leak in IE
-						script.onload = script.onreadystatechange = null;
-
-						// Remove the script
-						if ( head && script.parentNode ) {
-							head.removeChild( script );
-						}
-
-						// Dereference the script
-						script = undefined;
-
-						// Callback if not abort
-						if ( !isAbort ) {
-							callback( 200, "success" );
-						}
-					}
-				};
-				// Use insertBefore instead of appendChild  to circumvent an IE6 bug.
-				// This arises when a base node is used (#2709 and #4378).
-				head.insertBefore( script, head.firstChild );
-			},
-
-			abort: function() {
-				if ( script ) {
-					script.onload( 0, 1 );
-				}
-			}
-		};
-	}
-});
-
-
-
-
-var // #5280: Internet Explorer will keep connections alive if we don't abort on unload
-	xhrOnUnloadAbort = window.ActiveXObject ? function() {
-		// Abort all pending requests
-		for ( var key in xhrCallbacks ) {
-			xhrCallbacks[ key ]( 0, 1 );
-		}
-	} : false,
-	xhrId = 0,
-	xhrCallbacks;
-
-// Functions to create xhrs
-function createStandardXHR() {
-	try {
-		return new window.XMLHttpRequest();
-	} catch( e ) {}
-}
-
-function createActiveXHR() {
-	try {
-		return new window.ActiveXObject( "Microsoft.XMLHTTP" );
-	} catch( e ) {}
-}
-
-// Create the request object
-// (This is still attached to ajaxSettings for backward compatibility)
-jQuery.ajaxSettings.xhr = window.ActiveXObject ?
-	/* Microsoft failed to properly
-	 * implement the XMLHttpRequest in IE7 (can't request local files),
-	 * so we use the ActiveXObject when it is available
-	 * Additionally XMLHttpRequest can be disabled in IE7/IE8 so
-	 * we need a fallback.
-	 */
-	function() {
-		return !this.isLocal && createStandardXHR() || createActiveXHR();
-	} :
-	// For all other browsers, use the standard XMLHttpRequest object
-	createStandardXHR;
-
-// Determine support properties
-(function( xhr ) {
-	jQuery.extend( jQuery.support, {
-		ajax: !!xhr,
-		cors: !!xhr && ( "withCredentials" in xhr )
-	});
-})( jQuery.ajaxSettings.xhr() );
-
-// Create transport if the browser can provide an xhr
-if ( jQuery.support.ajax ) {
-
-	jQuery.ajaxTransport(function( s ) {
-		// Cross domain only allowed if supported through XMLHttpRequest
-		if ( !s.crossDomain || jQuery.support.cors ) {
-
-			var callback;
-
-			return {
-				send: function( headers, complete ) {
-
-					// Get a new xhr
-					var xhr = s.xhr(),
-						handle,
-						i;
-
-					// Open the socket
-					// Passing null username, generates a login popup on Opera (#2865)
-					if ( s.username ) {
-						xhr.open( s.type, s.url, s.async, s.username, s.password );
-					} else {
-						xhr.open( s.type, s.url, s.async );
-					}
-
-					// Apply custom fields if provided
-					if ( s.xhrFields ) {
-						for ( i in s.xhrFields ) {
-							xhr[ i ] = s.xhrFields[ i ];
-						}
-					}
-
-					// Override mime type if needed
-					if ( s.mimeType && xhr.overrideMimeType ) {
-						xhr.overrideMimeType( s.mimeType );
-					}
-
-					// X-Requested-With header
-					// For cross-domain requests, seeing as conditions for a preflight are
-					// akin to a jigsaw puzzle, we simply never set it to be sure.
-					// (it can always be set on a per-request basis or even using ajaxSetup)
-					// For same-domain requests, won't change header if already provided.
-					if ( !s.crossDomain && !headers["X-Requested-With"] ) {
-						headers[ "X-Requested-With" ] = "XMLHttpRequest";
-					}
-
-					// Need an extra try/catch for cross domain requests in Firefox 3
-					try {
-						for ( i in headers ) {
-							xhr.setRequestHeader( i, headers[ i ] );
-						}
-					} catch( _ ) {}
-
-					// Do send the request
-					// This may raise an exception which is actually
-					// handled in jQuery.ajax (so no try/catch here)
-					xhr.send( ( s.hasContent && s.data ) || null );
-
-					// Listener
-					callback = function( _, isAbort ) {
-
-						var status,
-							statusText,
-							responseHeaders,
-							responses,
-							xml;
-
-						// Firefox throws exceptions when accessing properties
-						// of an xhr when a network error occured
-						// http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_(NS_ERROR_NOT_AVAILABLE)
-						try {
-
-							// Was never called and is aborted or complete
-							if ( callback && ( isAbort || xhr.readyState === 4 ) ) {
-
-								// Only called once
-								callback = undefined;
-
-								// Do not keep as active anymore
-								if ( handle ) {
-									xhr.onreadystatechange = jQuery.noop;
-									if ( xhrOnUnloadAbort ) {
-										delete xhrCallbacks[ handle ];
-									}
-								}
-
-								// If it's an abort
-								if ( isAbort ) {
-									// Abort it manually if needed
-									if ( xhr.readyState !== 4 ) {
-										xhr.abort();
-									}
-								} else {
-									status = xhr.status;
-									responseHeaders = xhr.getAllResponseHeaders();
-									responses = {};
-									xml = xhr.responseXML;
-
-									// Construct response list
-									if ( xml && xml.documentElement /* #4958 */ ) {
-										responses.xml = xml;
-									}
-
-									// When requesting binary data, IE6-9 will throw an exception
-									// on any attempt to access responseText (#11426)
-									try {
-										responses.text = xhr.responseText;
-									} catch( _ ) {
-									}
-
-									// Firefox throws an exception when accessing
-									// statusText for faulty cross-domain requests
-									try {
-										statusText = xhr.statusText;
-									} catch( e ) {
-										// We normalize with Webkit giving an empty statusText
-										statusText = "";
-									}
-
-									// Filter status for non standard behaviors
-
-									// If the request is local and we have data: assume a success
-									// (success with no data won't get notified, that's the best we
-									// can do given current implementations)
-									if ( !status && s.isLocal && !s.crossDomain ) {
-										status = responses.text ? 200 : 404;
-									// IE - #1450: sometimes returns 1223 when it should be 204
-									} else if ( status === 1223 ) {
-										status = 204;
-									}
-								}
-							}
-						} catch( firefoxAccessException ) {
-							if ( !isAbort ) {
-								complete( -1, firefoxAccessException );
-							}
-						}
-
-						// Call complete if needed
-						if ( responses ) {
-							complete( status, statusText, responses, responseHeaders );
-						}
-					};
-
-					// if we're in sync mode or it's in cache
-					// and has been retrieved directly (IE6 & IE7)
-					// we need to manually fire the callback
-					if ( !s.async || xhr.readyState === 4 ) {
-						callback();
-					} else {
-						handle = ++xhrId;
-						if ( xhrOnUnloadAbort ) {
-							// Create the active xhrs callbacks list if needed
-							// and attach the unload handler
-							if ( !xhrCallbacks ) {
-								xhrCallbacks = {};
-								jQuery( window ).unload( xhrOnUnloadAbort );
-							}
-							// Add to list of active xhrs callbacks
-							xhrCallbacks[ handle ] = callback;
-						}
-						xhr.onreadystatechange = callback;
-					}
-				},
-
-				abort: function() {
-					if ( callback ) {
-						callback(0,1);
-					}
-				}
-			};
-		}
-	});
-}
-
-
-
-
-var elemdisplay = {},
-	iframe, iframeDoc,
-	rfxtypes = /^(?:toggle|show|hide)$/,
-	rfxnum = /^([+\-]=)?([\d+.\-]+)([a-z%]*)$/i,
-	timerId,
-	fxAttrs = [
-		// height animations
-		[ "height", "marginTop", "marginBottom", "paddingTop", "paddingBottom" ],
-		// width animations
-		[ "width", "marginLeft", "marginRight", "paddingLeft", "paddingRight" ],
-		// opacity animations
-		[ "opacity" ]
-	],
-	fxNow;
-
-jQuery.fn.extend({
-	show: function( speed, easing, callback ) {
-		var elem, display;
-
-		if ( speed || speed === 0 ) {
-			return this.animate( genFx("show", 3), speed, easing, callback );
-
-		} else {
-			for ( var i = 0, j = this.length; i < j; i++ ) {
-				elem = this[ i ];
-
-				if ( elem.style ) {
-					display = elem.style.display;
-
-					// Reset the inline display of this element to learn if it is
-					// being hidden by cascaded rules or not
-					if ( !jQuery._data(elem, "olddisplay") && display === "none" ) {
-						display = elem.style.display = "";
-					}
-
-					// Set elements which have been overridden with display: none
-					// in a stylesheet to whatever the default browser style is
-					// for such an element
-					if ( (display === "" && jQuery.css(elem, "display") === "none") ||
-						!jQuery.contains( elem.ownerDocument.documentElement, elem ) ) {
-						jQuery._data( elem, "olddisplay", defaultDisplay(elem.nodeName) );
-					}
-				}
-			}
-
-			// Set the display of most of the elements in a second loop
-			// to avoid the constant reflow
-			for ( i = 0; i < j; i++ ) {
-				elem = this[ i ];
-
-				if ( elem.style ) {
-					display = elem.style.display;
-
-					if ( display === "" || display === "none" ) {
-						elem.style.display = jQuery._data( elem, "olddisplay" ) || "";
-					}
-				}
-			}
-
-			return this;
-		}
-	},
-
-	hide: function( speed, easing, callback ) {
-		if ( speed || speed === 0 ) {
-			return this.animate( genFx("hide", 3), speed, easing, callback);
-
-		} else {
-			var elem, display,
-				i = 0,
-				j = this.length;
-
-			for ( ; i < j; i++ ) {
-				elem = this[i];
-				if ( elem.style ) {
-					display = jQuery.css( elem, "display" );
-
-					if ( display !== "none" && !jQuery._data( elem, "olddisplay" ) ) {
-						jQuery._data( elem, "olddisplay", display );
-					}
-				}
-			}
-
-			// Set the display of the elements in a second loop
-			// to avoid the constant reflow
-			for ( i = 0; i < j; i++ ) {
-				if ( this[i].style ) {
-					this[i].style.display = "none";
-				}
-			}
-
-			return this;
-		}
-	},
-
-	// Save the old toggle function
-	_toggle: jQuery.fn.toggle,
-
-	toggle: function( fn, fn2, callback ) {
-		var bool = typeof fn === "boolean";
-
-		if ( jQuery.isFunction(fn) && jQuery.isFunction(fn2) ) {
-			this._toggle.apply( this, arguments );
-
-		} else if ( fn == null || bool ) {
-			this.each(function() {
-				var state = bool ? fn : jQuery(this).is(":hidden");
-				jQuery(this)[ state ? "show" : "hide" ]();
-			});
-
-		} else {
-			this.animate(genFx("toggle", 3), fn, fn2, callback);
-		}
-
-		return this;
-	},
-
-	fadeTo: function( speed, to, easing, callback ) {
-		return this.filter(":hidden").css("opacity", 0).show().end()
-					.animate({opacity: to}, speed, easing, callback);
-	},
-
-	animate: function( prop, speed, easing, callback ) {
-		var optall = jQuery.speed( speed, easing, callback );
-
-		if ( jQuery.isEmptyObject( prop ) ) {
-			return this.each( optall.complete, [ false ] );
-		}
-
-		// Do not change referenced properties as per-property easing will be lost
-		prop = jQuery.extend( {}, prop );
-
-		function doAnimation() {
-			// XXX 'this' does not always have a nodeName when running the
-			// test suite
-
-			if ( optall.queue === false ) {
-				jQuery._mark( this );
-			}
-
-			var opt = jQuery.extend( {}, optall ),
-				isElement = this.nodeType === 1,
-				hidden = isElement && jQuery(this).is(":hidden"),
-				name, val, p, e, hooks, replace,
-				parts, start, end, unit,
-				method;
-
-			// will store per property easing and be used to determine when an animation is complete
-			opt.animatedProperties = {};
-
-			// first pass over propertys to expand / normalize
-			for ( p in prop ) {
-				name = jQuery.camelCase( p );
-				if ( p !== name ) {
-					prop[ name ] = prop[ p ];
-					delete prop[ p ];
-				}
-
-				if ( ( hooks = jQuery.cssHooks[ name ] ) && "expand" in hooks ) {
-					replace = hooks.expand( prop[ name ] );
-					delete prop[ name ];
-
-					// not quite $.extend, this wont overwrite keys already present.
-					// also - reusing 'p' from above because we have the correct "name"
-					for ( p in replace ) {
-						if ( ! ( p in prop ) ) {
-							prop[ p ] = replace[ p ];
-						}
-					}
-				}
-			}
-
-			for ( name in prop ) {
-				val = prop[ name ];
-				// easing resolution: per property > opt.specialEasing > opt.easing > 'swing' (default)
-				if ( jQuery.isArray( val ) ) {
-					opt.animatedProperties[ name ] = val[ 1 ];
-					val = prop[ name ] = val[ 0 ];
-				} else {
-					opt.animatedProperties[ name ] = opt.specialEasing && opt.specialEasing[ name ] || opt.easing || 'swing';
-				}
-
-				if ( val === "hide" && hidden || val === "show" && !hidden ) {
-					return opt.complete.call( this );
-				}
-
-				if ( isElement && ( name === "height" || name === "width" ) ) {
-					// Make sure that nothing sneaks out
-					// Record all 3 overflow attributes because IE does not
-					// change the overflow attribute when overflowX and
-					// overflowY are set to the same value
-					opt.overflow = [ this.style.overflow, this.style.overflowX, this.style.overflowY ];
-
-					// Set display property to inline-block for height/width
-					// animations on inline elements that are having width/height animated
-					if ( jQuery.css( this, "display" ) === "inline" &&
-							jQuery.css( this, "float" ) === "none" ) {
-
-						// inline-level elements accept inline-block;
-						// block-level elements need to be inline with layout
-						if ( !jQuery.support.inlineBlockNeedsLayout || defaultDisplay( this.nodeName ) === "inline" ) {
-							this.style.display = "inline-block";
-
-						} else {
-							this.style.zoom = 1;
-						}
-					}
-				}
-			}
-
-			if ( opt.overflow != null ) {
-				this.style.overflow = "hidden";
-			}
-
-			for ( p in prop ) {
-				e = new jQuery.fx( this, opt, p );
-				val = prop[ p ];
-
-				if ( rfxtypes.test( val ) ) {
-
-					// Tracks whether to show or hide based on private
-					// data attached to the element
-					method = jQuery._data( this, "toggle" + p ) || ( val === "toggle" ? hidden ? "show" : "hide" : 0 );
-					if ( method ) {
-						jQuery._data( this, "toggle" + p, method === "show" ? "hide" : "show" );
-						e[ method ]();
-					} else {
-						e[ val ]();
-					}
-
-				} else {
-					parts = rfxnum.exec( val );
-					start = e.cur();
-
-					if ( parts ) {
-						end = parseFloat( parts[2] );
-						unit = parts[3] || ( jQuery.cssNumber[ p ] ? "" : "px" );
-
-						// We need to compute starting value
-						if ( unit !== "px" ) {
-							jQuery.style( this, p, (end || 1) + unit);
-							start = ( (end || 1) / e.cur() ) * start;
-							jQuery.style( this, p, start + unit);
-						}
-
-						// If a +=/-= token was provided, we're doing a relative animation
-						if ( parts[1] ) {
-							end = ( (parts[ 1 ] === "-=" ? -1 : 1) * end ) + start;
-						}
-
-						e.custom( start, end, unit );
-
-					} else {
-						e.custom( start, val, "" );
-					}
-				}
-			}
-
-			// For JS strict compliance
-			return true;
-		}
-
-		return optall.queue === false ?
-			this.each( doAnimation ) :
-			this.queue( optall.queue, doAnimation );
-	},
-
-	stop: function( type, clearQueue, gotoEnd ) {
-		if ( typeof type !== "string" ) {
-			gotoEnd = clearQueue;
-			clearQueue = type;
-			type = undefined;
-		}
-		if ( clearQueue && type !== false ) {
-			this.queue( type || "fx", [] );
-		}
-
-		return this.each(function() {
-			var index,
-				hadTimers = false,
-				timers = jQuery.timers,
-				data = jQuery._data( this );
-
-			// clear marker counters if we know they won't be
-			if ( !gotoEnd ) {
-				jQuery._unmark( true, this );
-			}
-
-			function stopQueue( elem, data, index ) {
-				var hooks = data[ index ];
-				jQuery.removeData( elem, index, true );
-				hooks.stop( gotoEnd );
-			}
-
-			if ( type == null ) {
-				for ( index in data ) {
-					if ( data[ index ] && data[ index ].stop && index.indexOf(".run") === index.length - 4 ) {
-						stopQueue( this, data, index );
-					}
-				}
-			} else if ( data[ index = type + ".run" ] && data[ index ].stop ){
-				stopQueue( this, data, index );
-			}
-
-			for ( index = timers.length; index--; ) {
-				if ( timers[ index ].elem === this && (type == null || timers[ index ].queue === type) ) {
-					if ( gotoEnd ) {
-
-						// force the next step to be the last
-						timers[ index ]( true );
-					} else {
-						timers[ index ].saveState();
-					}
-					hadTimers = true;
-					timers.splice( index, 1 );
-				}
-			}
-
-			// start the next in the queue if the last step wasn't forced
-			// timers currently will call their complete callbacks, which will dequeue
-			// but only if they were gotoEnd
-			if ( !( gotoEnd && hadTimers ) ) {
-				jQuery.dequeue( this, type );
-			}
-		});
-	}
-
-});
-
-// Animations created synchronously will run synchronously
-function createFxNow() {
-	setTimeout( clearFxNow, 0 );
-	return ( fxNow = jQuery.now() );
-}
-
-function clearFxNow() {
-	fxNow = undefined;
-}
-
-// Generate parameters to create a standard animation
-function genFx( type, num ) {
-	var obj = {};
-
-	jQuery.each( fxAttrs.concat.apply([], fxAttrs.slice( 0, num )), function() {
-		obj[ this ] = type;
-	});
-
-	return obj;
-}
-
-// Generate shortcuts for custom animations
-jQuery.each({
-	slideDown: genFx( "show", 1 ),
-	slideUp: genFx( "hide", 1 ),
-	slideToggle: genFx( "toggle", 1 ),
-	fadeIn: { opacity: "show" },
-	fadeOut: { opacity: "hide" },
-	fadeToggle: { opacity: "toggle" }
-}, function( name, props ) {
-	jQuery.fn[ name ] = function( speed, easing, callback ) {
-		return this.animate( props, speed, easing, callback );
-	};
-});
-
-jQuery.extend({
-	speed: function( speed, easing, fn ) {
-		var opt = speed && typeof speed === "object" ? jQuery.extend( {}, speed ) : {
-			complete: fn || !fn && easing ||
-				jQuery.isFunction( speed ) && speed,
-			duration: speed,
-			easing: fn && easing || easing && !jQuery.isFunction( easing ) && easing
-		};
-
-		opt.duration = jQuery.fx.off ? 0 : typeof opt.duration === "number" ? opt.duration :
-			opt.duration in jQuery.fx.speeds ? jQuery.fx.speeds[ opt.duration ] : jQuery.fx.speeds._default;
-
-		// normalize opt.queue - true/undefined/null -> "fx"
-		if ( opt.queue == null || opt.queue === true ) {
-			opt.queue = "fx";
-		}
-
-		// Queueing
-		opt.old = opt.complete;
-
-		opt.complete = function( noUnmark ) {
-			if ( jQuery.isFunction( opt.old ) ) {
-				opt.old.call( this );
-			}
-
-			if ( opt.queue ) {
-				jQuery.dequeue( this, opt.queue );
-			} else if ( noUnmark !== false ) {
-				jQuery._unmark( this );
-			}
-		};
-
-		return opt;
-	},
-
-	easing: {
-		linear: function( p ) {
-			return p;
-		},
-		swing: function( p ) {
-			return ( -Math.cos( p*Math.PI ) / 2 ) + 0.5;
-		}
-	},
-
-	timers: [],
-
-	fx: function( elem, options, prop ) {
-		this.options = options;
-		this.elem = elem;
-		this.prop = prop;
-
-		options.orig = options.orig || {};
-	}
-
-});
-
-jQuery.fx.prototype = {
-	// Simple function for setting a style value
-	update: function() {
-		if ( this.options.step ) {
-			this.options.step.call( this.elem, this.now, this );
-		}
-
-		( jQuery.fx.step[ this.prop ] || jQuery.fx.step._default )( this );
-	},
-
-	// Get the current size
-	cur: function() {
-		if ( this.elem[ this.prop ] != null && (!this.elem.style || this.elem.style[ this.prop ] == null) ) {
-			return this.elem[ this.prop ];
-		}
-
-		var parsed,
-			r = jQuery.css( this.elem, this.prop );
-		// Empty strings, null, undefined and "auto" are converted to 0,
-		// complex values such as "rotate(1rad)" are returned as is,
-		// simple values such as "10px" are parsed to Float.
-		return isNaN( parsed = parseFloat( r ) ) ? !r || r === "auto" ? 0 : r : parsed;
-	},
-
-	// Start an animation from one number to another
-	custom: function( from, to, unit ) {
-		var self = this,
-			fx = jQuery.fx;
-
-		this.startTime = fxNow || createFxNow();
-		this.end = to;
-		this.now = this.start = from;
-		this.pos = this.state = 0;
-		this.unit = unit || this.unit || ( jQuery.cssNumber[ this.prop ] ? "" : "px" );
-
-		function t( gotoEnd ) {
-			return self.step( gotoEnd );
-		}
-
-		t.queue = this.options.queue;
-		t.elem = this.elem;
-		t.saveState = function() {
-			if ( jQuery._data( self.elem, "fxshow" + self.prop ) === undefined ) {
-				if ( self.options.hide ) {
-					jQuery._data( self.elem, "fxshow" + self.prop, self.start );
-				} else if ( self.options.show ) {
-					jQuery._data( self.elem, "fxshow" + self.prop, self.end );
-				}
-			}
-		};
-
-		if ( t() && jQuery.timers.push(t) && !timerId ) {
-			timerId = setInterval( fx.tick, fx.interval );
-		}
-	},
-
-	// Simple 'show' function
-	show: function() {
-		var dataShow = jQuery._data( this.elem, "fxshow" + this.prop );
-
-		// Remember where we started, so that we can go back to it later
-		this.options.orig[ this.prop ] = dataShow || jQuery.style( this.elem, this.prop );
-		this.options.show = true;
-
-		// Begin the animation
-		// Make sure that we start at a small width/height to avoid any flash of content
-		if ( dataShow !== undefined ) {
-			// This show is picking up where a previous hide or show left off
-			this.custom( this.cur(), dataShow );
-		} else {
-			this.custom( this.prop === "width" || this.prop === "height" ? 1 : 0, this.cur() );
-		}
-
-		// Start by showing the element
-		jQuery( this.elem ).show();
-	},
-
-	// Simple 'hide' function
-	hide: function() {
-		// Remember where we started, so that we can go back to it later
-		this.options.orig[ this.prop ] = jQuery._data( this.elem, "fxshow" + this.prop ) || jQuery.style( this.elem, this.prop );
-		this.options.hide = true;
-
-		// Begin the animation
-		this.custom( this.cur(), 0 );
-	},
-
-	// Each step of an animation
-	step: function( gotoEnd ) {
-		var p, n, complete,
-			t = fxNow || createFxNow(),
-			done = true,
-			elem = this.elem,
-			options = this.options;
-
-		if ( gotoEnd || t >= options.duration + this.startTime ) {
-			this.now = this.end;
-			this.pos = this.state = 1;
-			this.update();
-
-			options.animatedProperties[ this.prop ] = true;
-
-			for ( p in options.animatedProperties ) {
-				if ( options.animatedProperties[ p ] !== true ) {
-					done = false;
-				}
-			}
-
-			if ( done ) {
-				// Reset the overflow
-				if ( options.overflow != null && !jQuery.support.shrinkWrapBlocks ) {
-
-					jQuery.each( [ "", "X", "Y" ], function( index, value ) {
-						elem.style[ "overflow" + value ] = options.overflow[ index ];
-					});
-				}
-
-				// Hide the element if the "hide" operation was done
-				if ( options.hide ) {
-					jQuery( elem ).hide();
-				}
-
-				// Reset the properties, if the item has been hidden or shown
-				if ( options.hide || options.show ) {
-					for ( p in options.animatedProperties ) {
-						jQuery.style( elem, p, options.orig[ p ] );
-						jQuery.removeData( elem, "fxshow" + p, true );
-						// Toggle data is no longer needed
-						jQuery.removeData( elem, "toggle" + p, true );
-					}
-				}
-
-				// Execute the complete function
-				// in the event that the complete function throws an exception
-				// we must ensure it won't be called twice. #5684
-
-				complete = options.complete;
-				if ( complete ) {
-
-					options.complete = false;
-					complete.call( elem );
-				}
-			}
-
-			return false;
-
-		} else {
-			// classical easing cannot be used with an Infinity duration
-			if ( options.duration == Infinity ) {
-				this.now = t;
-			} else {
-				n = t - this.startTime;
-				this.state = n / options.duration;
-
-				// Perform the easing function, defaults to swing
-				this.pos = jQuery.easing[ options.animatedProperties[this.prop] ]( this.state, n, 0, 1, options.duration );
-				this.now = this.start + ( (this.end - this.start) * this.pos );
-			}
-			// Perform the next step of the animation
-			this.update();
-		}
-
-		return true;
-	}
-};
-
-jQuery.extend( jQuery.fx, {
-	tick: function() {
-		var timer,
-			timers = jQuery.timers,
-			i = 0;
-
-		for ( ; i < timers.length; i++ ) {
-			timer = timers[ i ];
-			// Checks the timer has not already been removed
-			if ( !timer() && timers[ i ] === timer ) {
-				timers.splice( i--, 1 );
-			}
-		}
-
-		if ( !timers.length ) {
-			jQuery.fx.stop();
-		}
-	},
-
-	interval: 13,
-
-	stop: function() {
-		clearInterval( timerId );
-		timerId = null;
-	},
-
-	speeds: {
-		slow: 600,
-		fast: 200,
-		// Default speed
-		_default: 400
-	},
-
-	step: {
-		opacity: function( fx ) {
-			jQuery.style( fx.elem, "opacity", fx.now );
-		},
-
-		_default: function( fx ) {
-			if ( fx.elem.style && fx.elem.style[ fx.prop ] != null ) {
-				fx.elem.style[ fx.prop ] = fx.now + fx.unit;
-			} else {
-				fx.elem[ fx.prop ] = fx.now;
-			}
-		}
-	}
-});
-
-// Ensure props that can't be negative don't go there on undershoot easing
-jQuery.each( fxAttrs.concat.apply( [], fxAttrs ), function( i, prop ) {
-	// exclude marginTop, marginLeft, marginBottom and marginRight from this list
-	if ( prop.indexOf( "margin" ) ) {
-		jQuery.fx.step[ prop ] = function( fx ) {
-			jQuery.style( fx.elem, prop, Math.max(0, fx.now) + fx.unit );
-		};
-	}
-});
-
-if ( jQuery.expr && jQuery.expr.filters ) {
-	jQuery.expr.filters.animated = function( elem ) {
-		return jQuery.grep(jQuery.timers, function( fn ) {
-			return elem === fn.elem;
-		}).length;
-	};
-}
-
-// Try to restore the default display value of an element
-function defaultDisplay( nodeName ) {
-
-	if ( !elemdisplay[ nodeName ] ) {
-
-		var body = document.body,
-			elem = jQuery( "<" + nodeName + ">" ).appendTo( body ),
-			display = elem.css( "display" );
-		elem.remove();
-
-		// If the simple way fails,
-		// get element's real default display by attaching it to a temp iframe
-		if ( display === "none" || display === "" ) {
-			// No iframe to use yet, so create it
-			if ( !iframe ) {
-				iframe = document.createElement( "iframe" );
-				iframe.frameBorder = iframe.width = iframe.height = 0;
-			}
-
-			body.appendChild( iframe );
-
-			// Create a cacheable copy of the iframe document on first call.
-			// IE and Opera will allow us to reuse the iframeDoc without re-writing the fake HTML
-			// document to it; WebKit & Firefox won't allow reusing the iframe document.
-			if ( !iframeDoc || !iframe.createElement ) {
-				iframeDoc = ( iframe.contentWindow || iframe.contentDocument ).document;
-				iframeDoc.write( ( jQuery.support.boxModel ? "<!doctype html>" : "" ) + "<html><body>" );
-				iframeDoc.close();
-			}
-
-			elem = iframeDoc.createElement( nodeName );
-
-			iframeDoc.body.appendChild( elem );
-
-			display = jQuery.css( elem, "display" );
-			body.removeChild( iframe );
-		}
-
-		// Store the correct default display
-		elemdisplay[ nodeName ] = display;
-	}
-
-	return elemdisplay[ nodeName ];
-}
-
-
-
-
-var getOffset,
-	rtable = /^t(?:able|d|h)$/i,
-	rroot = /^(?:body|html)$/i;
-
-if ( "getBoundingClientRect" in document.documentElement ) {
-	getOffset = function( elem, doc, docElem, box ) {
-		try {
-			box = elem.getBoundingClientRect();
-		} catch(e) {}
-
-		// Make sure we're not dealing with a disconnected DOM node
-		if ( !box || !jQuery.contains( docElem, elem ) ) {
-			return box ? { top: box.top, left: box.left } : { top: 0, left: 0 };
-		}
-
-		var body = doc.body,
-			win = getWindow( doc ),
-			clientTop  = docElem.clientTop  || body.clientTop  || 0,
-			clientLeft = docElem.clientLeft || body.clientLeft || 0,
-			scrollTop  = win.pageYOffset || jQuery.support.boxModel && docElem.scrollTop  || body.scrollTop,
-			scrollLeft = win.pageXOffset || jQuery.support.boxModel && docElem.scrollLeft || body.scrollLeft,
-			top  = box.top  + scrollTop  - clientTop,
-			left = box.left + scrollLeft - clientLeft;
-
-		return { top: top, left: left };
-	};
-
-} else {
-	getOffset = function( elem, doc, docElem ) {
-		var computedStyle,
-			offsetParent = elem.offsetParent,
-			prevOffsetParent = elem,
-			body = doc.body,
-			defaultView = doc.defaultView,
-			prevComputedStyle = defaultView ? defaultView.getComputedStyle( elem, null ) : elem.currentStyle,
-			top = elem.offsetTop,
-			left = elem.offsetLeft;
-
-		while ( (elem = elem.parentNode) && elem !== body && elem !== docElem ) {
-			if ( jQuery.support.fixedPosition && prevComputedStyle.position === "fixed" ) {
-				break;
-			}
-
-			computedStyle = defaultView ? defaultView.getComputedStyle(elem, null) : elem.currentStyle;
-			top  -= elem.scrollTop;
-			left -= elem.scrollLeft;
-
-			if ( elem === offsetParent ) {
-				top  += elem.offsetTop;
-				left += elem.offsetLeft;
-
-				if ( jQuery.support.doesNotAddBorder && !(jQuery.support.doesAddBorderForTableAndCells && rtable.test(elem.nodeName)) ) {
-					top  += parseFloat( computedStyle.borderTopWidth  ) || 0;
-					left += parseFloat( computedStyle.borderLeftWidth ) || 0;
-				}
-
-				prevOffsetParent = offsetParent;
-				offsetParent = elem.offsetParent;
-			}
-
-			if ( jQuery.support.subtractsBorderForOverflowNotVisible && computedStyle.overflow !== "visible" ) {
-				top  += parseFloat( computedStyle.borderTopWidth  ) || 0;
-				left += parseFloat( computedStyle.borderLeftWidth ) || 0;
-			}
-
-			prevComputedStyle = computedStyle;
-		}
-
-		if ( prevComputedStyle.position === "relative" || prevComputedStyle.position === "static" ) {
-			top  += body.offsetTop;
-			left += body.offsetLeft;
-		}
-
-		if ( jQuery.support.fixedPosition && prevComputedStyle.position === "fixed" ) {
-			top  += Math.max( docElem.scrollTop, body.scrollTop );
-			left += Math.max( docElem.scrollLeft, body.scrollLeft );
-		}
-
-		return { top: top, left: left };
-	};
-}
-
-jQuery.fn.offset = function( options ) {
-	if ( arguments.length ) {
-		return options === undefined ?
-			this :
-			this.each(function( i ) {
-				jQuery.offset.setOffset( this, options, i );
-			});
-	}
-
-	var elem = this[0],
-		doc = elem && elem.ownerDocument;
-
-	if ( !doc ) {
-		return null;
-	}
-
-	if ( elem === doc.body ) {
-		return jQuery.offset.bodyOffset( elem );
-	}
-
-	return getOffset( elem, doc, doc.documentElement );
-};
-
-jQuery.offset = {
-
-	bodyOffset: function( body ) {
-		var top = body.offsetTop,
-			left = body.offsetLeft;
-
-		if ( jQuery.support.doesNotIncludeMarginInBodyOffset ) {
-			top  += parseFloat( jQuery.css(body, "marginTop") ) || 0;
-			left += parseFloat( jQuery.css(body, "marginLeft") ) || 0;
-		}
-
-		return { top: top, left: left };
-	},
-
-	setOffset: function( elem, options, i ) {
-		var position = jQuery.css( elem, "position" );
-
-		// set position first, in-case top/left are set even on static elem
-		if ( position === "static" ) {
-			elem.style.position = "relative";
-		}
-
-		var curElem = jQuery( elem ),
-			curOffset = curElem.offset(),
-			curCSSTop = jQuery.css( elem, "top" ),
-			curCSSLeft = jQuery.css( elem, "left" ),
-			calculatePosition = ( position === "absolute" || position === "fixed" ) && jQuery.inArray("auto", [curCSSTop, curCSSLeft]) > -1,
-			props = {}, curPosition = {}, curTop, curLeft;
-
-		// need to be able to calculate position if either top or left is auto and position is either absolute or fixed
-		if ( calculatePosition ) {
-			curPosition = curElem.position();
-			curTop = curPosition.top;
-			curLeft = curPosition.left;
-		} else {
-			curTop = parseFloat( curCSSTop ) || 0;
-			curLeft = parseFloat( curCSSLeft ) || 0;
-		}
-
-		if ( jQuery.isFunction( options ) ) {
-			options = options.call( elem, i, curOffset );
-		}
-
-		if ( options.top != null ) {
-			props.top = ( options.top - curOffset.top ) + curTop;
-		}
-		if ( options.left != null ) {
-			props.left = ( options.left - curOffset.left ) + curLeft;
-		}
-
-		if ( "using" in options ) {
-			options.using.call( elem, props );
-		} else {
-			curElem.css( props );
-		}
-	}
-};
-
-
-jQuery.fn.extend({
-
-	position: function() {
-		if ( !this[0] ) {
-			return null;
-		}
-
-		var elem = this[0],
-
-		// Get *real* offsetParent
-		offsetParent = this.offsetParent(),
-
-		// Get correct offsets
-		offset       = this.offset(),
-		parentOffset = rroot.test(offsetParent[0].nodeName) ? { top: 0, left: 0 } : offsetParent.offset();
-
-		// Subtract element margins
-		// note: when an element has margin: auto the offsetLeft and marginLeft
-		// are the same in Safari causing offset.left to incorrectly be 0
-		offset.top  -= parseFloat( jQuery.css(elem, "marginTop") ) || 0;
-		offset.left -= parseFloat( jQuery.css(elem, "marginLeft") ) || 0;
-
-		// Add offsetParent borders
-		parentOffset.top  += parseFloat( jQuery.css(offsetParent[0], "borderTopWidth") ) || 0;
-		parentOffset.left += parseFloat( jQuery.css(offsetParent[0], "borderLeftWidth") ) || 0;
-
-		// Subtract the two offsets
-		return {
-			top:  offset.top  - parentOffset.top,
-			left: offset.left - parentOffset.left
-		};
-	},
-
-	offsetParent: function() {
-		return this.map(function() {
-			var offsetParent = this.offsetParent || document.body;
-			while ( offsetParent && (!rroot.test(offsetParent.nodeName) && jQuery.css(offsetParent, "position") === "static") ) {
-				offsetParent = offsetParent.offsetParent;
-			}
-			return offsetParent;
-		});
-	}
-});
-
-
-// Create scrollLeft and scrollTop methods
-jQuery.each( {scrollLeft: "pageXOffset", scrollTop: "pageYOffset"}, function( method, prop ) {
-	var top = /Y/.test( prop );
-
-	jQuery.fn[ method ] = function( val ) {
-		return jQuery.access( this, function( elem, method, val ) {
-			var win = getWindow( elem );
-
-			if ( val === undefined ) {
-				return win ? (prop in win) ? win[ prop ] :
-					jQuery.support.boxModel && win.document.documentElement[ method ] ||
-						win.document.body[ method ] :
-					elem[ method ];
-			}
-
-			if ( win ) {
-				win.scrollTo(
-					!top ? val : jQuery( win ).scrollLeft(),
-					 top ? val : jQuery( win ).scrollTop()
-				);
-
-			} else {
-				elem[ method ] = val;
-			}
-		}, method, val, arguments.length, null );
-	};
-});
-
-function getWindow( elem ) {
-	return jQuery.isWindow( elem ) ?
-		elem :
-		elem.nodeType === 9 ?
-			elem.defaultView || elem.parentWindow :
-			false;
-}
-
-
-
-
-// Create width, height, innerHeight, innerWidth, outerHeight and outerWidth methods
-jQuery.each( { Height: "height", Width: "width" }, function( name, type ) {
-	var clientProp = "client" + name,
-		scrollProp = "scroll" + name,
-		offsetProp = "offset" + name;
-
-	// innerHeight and innerWidth
-	jQuery.fn[ "inner" + name ] = function() {
-		var elem = this[0];
-		return elem ?
-			elem.style ?
-			parseFloat( jQuery.css( elem, type, "padding" ) ) :
-			this[ type ]() :
-			null;
-	};
-
-	// outerHeight and outerWidth
-	jQuery.fn[ "outer" + name ] = function( margin ) {
-		var elem = this[0];
-		return elem ?
-			elem.style ?
-			parseFloat( jQuery.css( elem, type, margin ? "margin" : "border" ) ) :
-			this[ type ]() :
-			null;
-	};
-
-	jQuery.fn[ type ] = function( value ) {
-		return jQuery.access( this, function( elem, type, value ) {
-			var doc, docElemProp, orig, ret;
-
-			if ( jQuery.isWindow( elem ) ) {
-				// 3rd condition allows Nokia support, as it supports the docElem prop but not CSS1Compat
-				doc = elem.document;
-				docElemProp = doc.documentElement[ clientProp ];
-				return jQuery.support.boxModel && docElemProp ||
-					doc.body && doc.body[ clientProp ] || docElemProp;
-			}
-
-			// Get document width or height
-			if ( elem.nodeType === 9 ) {
-				// Either scroll[Width/Height] or offset[Width/Height], whichever is greater
-				doc = elem.documentElement;
-
-				// when a window > document, IE6 reports a offset[Width/Height] > client[Width/Height]
-				// so we can't use max, as it'll choose the incorrect offset[Width/Height]
-				// instead we use the correct client[Width/Height]
-				// support:IE6
-				if ( doc[ clientProp ] >= doc[ scrollProp ] ) {
-					return doc[ clientProp ];
-				}
-
-				return Math.max(
-					elem.body[ scrollProp ], doc[ scrollProp ],
-					elem.body[ offsetProp ], doc[ offsetProp ]
-				);
-			}
-
-			// Get width or height on the element
-			if ( value === undefined ) {
-				orig = jQuery.css( elem, type );
-				ret = parseFloat( orig );
-				return jQuery.isNumeric( ret ) ? ret : orig;
-			}
-
-			// Set the width or height on the element
-			jQuery( elem ).css( type, value );
-		}, type, value, arguments.length, null );
-	};
-});
-
-
-
-
-// Expose jQuery to the global object
-window.jQuery = window.$ = jQuery;
-
-// Expose jQuery as an AMD module, but only for AMD loaders that
-// understand the issues with loading multiple versions of jQuery
-// in a page that all might call define(). The loader will indicate
-// they have special allowances for multiple jQuery versions by
-// specifying define.amd.jQuery = true. Register as a named module,
-// since jQuery can be concatenated with other files that may use define,
-// but not use a proper concatenation script that understands anonymous
-// AMD modules. A named AMD is safest and most robust way to register.
-// Lowercase jquery is used because AMD module names are derived from
-// file names, and jQuery is normally delivered in a lowercase file name.
-// Do this after creating the global so that if an AMD module wants to call
-// noConflict to hide this version of jQuery, it will work.
-if ( typeof define === "function" && define.amd && define.amd.jQuery ) {
-	define( "jquery", [], function () { return jQuery; } );
-}
-
-
-
-})( window );
+/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */
+!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.6.0",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}S.fn=S.prototype={jquery:f,constructor:S,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(S.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(S.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:u,sort:t.sort,splice:t.splice},S.extend=S.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||m(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(S.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||S.isPlainObject(n)?n:{},i=!1,a[t]=S.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},S.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(p(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},makeArray:function(e,t){var n=t||[];return null!=e&&(p(Object(e))?S.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(p(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g(a)},guid:1,support:y}),"function"==typeof Symbol&&(S.fn[Symbol.iterator]=t[Symbol.iterator]),S.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var d=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,S="sizzle"+1*new Date,p=n.document,k=0,r=0,m=ue(),x=ue(),A=ue(),N=ue(),j=function(e,t){return e===t&&(l=!0),0},D={}.hasOwnProperty,t=[],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",M="[\\x20\\t\\r\\n\\f]",I="(?:\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\[^\\r\\n\\f]|[\\w-]|[^\0-\\x7f])+",W="\\["+M+"*("+I+")(?:"+M+"*([*^$|!~]?=)"+M+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+I+"))|)"+M+"*\\]",F=":("+I+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+W+")*)|.*)\\)|)",B=new RegExp(M+"+","g"),$=new RegExp("^"+M+"+|((?:^|[^\\\\])(?:\\\\.)*)"+M+"+$","g"),_=new RegExp("^"+M+"*,"+M+"*"),z=new RegExp("^"+M+"*([>+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp(F),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+F),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&(U.test(t)||z.test(t))){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return g(t.replace($,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:p;return r!=C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("div")),"undefined"!=typeof e.querySelectorAll&&!e.querySelectorAll(":scope fieldset div").length}),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=S,!C.getElementsByName||!C.getElementsByName(S).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a.appendChild(e).innerHTML="<a id='"+S+"'></a><select id='"+S+"-\r\\' msallowcapture=''><option selected=''></option></select>",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+S+"-]").length||v.push("~="),(t=C.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||v.push("\\["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="<a href='' disabled='disabled'></a><select disabled='disabled'><option/></select>";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",F)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},j=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p&&y(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e==C?-1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if(T(e),d.matchesSelector&&E&&!N[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){N(t,!0)}return 0<se(t,C,null,[e]).length},se.contains=function(e,t){return(e.ownerDocument||e)!=C&&T(e),y(e,t)},se.attr=function(e,t){(e.ownerDocument||e)!=C&&T(e);var n=b.attrHandle[t.toLowerCase()],r=n&&D.call(b.attrHandle,t.toLowerCase())?n(e,t,!E):void 0;return void 0!==r?r:d.attributes||!E?e.getAttribute(t):(r=e.getAttributeNode(t))&&r.specified?r.value:null},se.escape=function(e){return(e+"").replace(re,ie)},se.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},se.uniqueSort=function(e){var t,n=[],r=0,i=0;if(l=!d.detectDuplicates,u=!d.sortStable&&e.slice(0),e.sort(j),l){while(t=e[i++])t===e[i]&&(r=n.push(i));while(r--)e.splice(n[r],1)}return u=null,e},o=se.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=o(e)}else if(3===i||4===i)return e.nodeValue}else while(t=e[r++])n+=o(t);return n},(b=se.selectors={cacheLength:50,createPseudo:le,match:G,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=m[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&m(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1<t.indexOf(i):"$="===r?i&&t.slice(-i.length)===i:"~="===r?-1<(" "+t.replace(B," ")+" ").indexOf(i):"|="===r&&(t===i||t.slice(0,i.length+1)===i+"-"))}},CHILD:function(h,e,t,g,v){var y="nth"!==h.slice(0,3),m="last"!==h.slice(-4),x="of-type"===e;return 1===g&&0===v?function(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.toLowerCase(),p=!n&&!x,d=!1;if(c){if(y){while(l){a=e;while(a=a[l])if(x?a.nodeName.toLowerCase()===f:1===a.nodeType)return!1;u=l="only"===h&&!u&&"nextSibling"}return!0}if(u=[m?c.firstChild:c.lastChild],m&&p){d=(s=(r=(i=(o=(a=c)[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===k&&r[1])&&r[2],a=s&&c.childNodes[s];while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if(1===a.nodeType&&++d&&a===e){i[h]=[k,s,d];break}}else if(p&&(d=s=(r=(i=(o=(a=e)[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===k&&r[1]),!1===d)while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if((x?a.nodeName.toLowerCase()===f:1===a.nodeType)&&++d&&(p&&((i=(o=a[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]=[k,d]),a===e))break;return(d-=v)===g||d%g==0&&0<=d/g}}},PSEUDO:function(e,o){var t,a=b.pseudos[e]||b.setFilters[e.toLowerCase()]||se.error("unsupported pseudo: "+e);return a[S]?a(o):1<a.length?(t=[e,e,"",o],b.setFilters.hasOwnProperty(e.toLowerCase())?le(function(e,t){var n,r=a(e,o),i=r.length;while(i--)e[n=P(e,r[i])]=!(t[n]=r[i])}):function(e){return a(e,0,t)}):a}},pseudos:{not:le(function(e){var r=[],i=[],s=f(e.replace($,"$1"));return s[S]?le(function(e,t,n,r){var i,o=s(e,null,r,[]),a=e.length;while(a--)(i=o[a])&&(e[a]=!(t[a]=i))}):function(e,t,n){return r[0]=e,s(r,null,n,i),r[0]=null,!i.pop()}}),has:le(function(t){return function(e){return 0<se(t,e).length}}),contains:le(function(t){return t=t.replace(te,ne),function(e){return-1<(e.textContent||o(e)).indexOf(t)}}),lang:le(function(n){return V.test(n||"")||se.error("unsupported lang: "+n),n=n.replace(te,ne).toLowerCase(),function(e){var t;do{if(t=E?e.lang:e.getAttribute("xml:lang")||e.getAttribute("lang"))return(t=t.toLowerCase())===n||0===t.indexOf(n+"-")}while((e=e.parentNode)&&1===e.nodeType);return!1}}),target:function(e){var t=n.location&&n.location.hash;return t&&t.slice(1)===e.id},root:function(e){return e===a},focus:function(e){return e===C.activeElement&&(!C.hasFocus||C.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:ge(!1),disabled:ge(!0),checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,!0===e.selected},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeType<6)return!1;return!0},parent:function(e){return!b.pseudos.empty(e)},header:function(e){return J.test(e.nodeName)},input:function(e){return Q.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||"text"===t.toLowerCase())},first:ve(function(){return[0]}),last:ve(function(e,t){return[t-1]}),eq:ve(function(e,t,n){return[n<0?n+t:n]}),even:ve(function(e,t){for(var n=0;n<t;n+=2)e.push(n);return e}),odd:ve(function(e,t){for(var n=1;n<t;n+=2)e.push(n);return e}),lt:ve(function(e,t,n){for(var r=n<0?n+t:t<n?t:n;0<=--r;)e.push(r);return e}),gt:ve(function(e,t,n){for(var r=n<0?n+t:n;++r<t;)e.push(r);return e})}}).pseudos.nth=b.pseudos.eq,{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})b.pseudos[e]=de(e);for(e in{submit:!0,reset:!0})b.pseudos[e]=he(e);function me(){}function xe(e){for(var t=0,n=e.length,r="";t<n;t++)r+=e[t].value;return r}function be(s,e,t){var u=e.dir,l=e.next,c=l||u,f=t&&"parentNode"===c,p=r++;return e.first?function(e,t,n){while(e=e[u])if(1===e.nodeType||f)return s(e,t,n);return!1}:function(e,t,n){var r,i,o,a=[k,p];if(n){while(e=e[u])if((1===e.nodeType||f)&&s(e,t,n))return!0}else while(e=e[u])if(1===e.nodeType||f)if(i=(o=e[S]||(e[S]={}))[e.uniqueID]||(o[e.uniqueID]={}),l&&l===e.nodeName.toLowerCase())e=e[u]||e;else{if((r=i[c])&&r[0]===k&&r[1]===p)return a[2]=r[2];if((i[c]=a)[2]=s(e,t,n))return!0}return!1}}function we(i){return 1<i.length?function(e,t,n){var r=i.length;while(r--)if(!i[r](e,t,n))return!1;return!0}:i[0]}function Te(e,t,n,r,i){for(var o,a=[],s=0,u=e.length,l=null!=t;s<u;s++)(o=e[s])&&(n&&!n(o,r,i)||(a.push(o),l&&t.push(s)));return a}function Ce(d,h,g,v,y,e){return v&&!v[S]&&(v=Ce(v)),y&&!y[S]&&(y=Ce(y,e)),le(function(e,t,n,r){var i,o,a,s=[],u=[],l=t.length,c=e||function(e,t,n){for(var r=0,i=t.length;r<i;r++)se(e,t[r],n);return n}(h||"*",n.nodeType?[n]:n,[]),f=!d||!e&&h?c:Te(c,s,d,n,r),p=g?y||(e?d:l||v)?[]:t:f;if(g&&g(f,p,n,r),v){i=Te(p,u),v(i,[],n,r),o=i.length;while(o--)(a=i[o])&&(p[u[o]]=!(f[u[o]]=a))}if(e){if(y||d){if(y){i=[],o=p.length;while(o--)(a=p[o])&&i.push(f[o]=a);y(null,p=[],i,r)}o=p.length;while(o--)(a=p[o])&&-1<(i=y?P(e,a):s[o])&&(e[i]=!(t[i]=a))}}else p=Te(p===t?p.splice(l,p.length):p),y?y(null,t,p,r):H.apply(t,p)})}function Ee(e){for(var i,t,n,r=e.length,o=b.relative[e[0].type],a=o||b.relative[" "],s=o?1:0,u=be(function(e){return e===i},a,!0),l=be(function(e){return-1<P(i,e)},a,!0),c=[function(e,t,n){var r=!o&&(n||t!==w)||((i=t).nodeType?u(e,t,n):l(e,t,n));return i=null,r}];s<r;s++)if(t=b.relative[e[s].type])c=[be(we(c),t)];else{if((t=b.filter[e[s].type].apply(null,e[s].matches))[S]){for(n=++s;n<r;n++)if(b.relative[e[n].type])break;return Ce(1<s&&we(c),1<s&&xe(e.slice(0,s-1).concat({value:" "===e[s-2].type?"*":""})).replace($,"$1"),t,s<n&&Ee(e.slice(s,n)),n<r&&Ee(e=e.slice(n)),n<r&&xe(e))}c.push(t)}return we(c)}return me.prototype=b.filters=b.pseudos,b.setFilters=new me,h=se.tokenize=function(e,t){var n,r,i,o,a,s,u,l=x[e+" "];if(l)return t?0:l.slice(0);a=e,s=[],u=b.preFilter;while(a){for(o in n&&!(r=_.exec(a))||(r&&(a=a.slice(r[0].length)||a),s.push(i=[])),n=!1,(r=z.exec(a))&&(n=r.shift(),i.push({value:n,type:r[0].replace($," ")}),a=a.slice(n.length)),b.filter)!(r=G[o].exec(a))||u[o]&&!(r=u[o](r))||(n=r.shift(),i.push({value:n,type:o,matches:r}),a=a.slice(n.length));if(!n)break}return t?a.length:a?se.error(e):x(e,s).slice(0)},f=se.compile=function(e,t){var n,v,y,m,x,r,i=[],o=[],a=A[e+" "];if(!a){t||(t=h(e)),n=t.length;while(n--)(a=Ee(t[n]))[S]?i.push(a):o.push(a);(a=A(e,(v=o,m=0<(y=i).length,x=0<v.length,r=function(e,t,n,r,i){var o,a,s,u=0,l="0",c=e&&[],f=[],p=w,d=e||x&&b.find.TAG("*",i),h=k+=null==p?1:Math.random()||.1,g=d.length;for(i&&(w=t==C||t||i);l!==g&&null!=(o=d[l]);l++){if(x&&o){a=0,t||o.ownerDocument==C||(T(o),n=!E);while(s=v[a++])if(s(o,t||C,n)){r.push(o);break}i&&(k=h)}m&&((o=!s&&o)&&u--,e&&c.push(o))}if(u+=l,m&&l!==u){a=0;while(s=y[a++])s(c,f,t,n);if(e){if(0<u)while(l--)c[l]||f[l]||(f[l]=q.call(r));f=Te(f)}H.apply(r,f),i&&!e&&0<f.length&&1<u+y.length&&se.uniqueSort(r)}return i&&(k=h,w=p),c},m?le(r):r))).selector=e}return a},g=se.select=function(e,t,n,r){var i,o,a,s,u,l="function"==typeof e&&e,c=!r&&h(e=l.selector||e);if(n=n||[],1===c.length){if(2<(o=c[0]=c[0].slice(0)).length&&"ID"===(a=o[0]).type&&9===t.nodeType&&E&&b.relative[o[1].type]){if(!(t=(b.find.ID(a.matches[0].replace(te,ne),t)||[])[0]))return n;l&&(t=t.parentNode),e=e.slice(o.shift().value.length)}i=G.needsContext.test(e)?0:o.length;while(i--){if(a=o[i],b.relative[s=a.type])break;if((u=b.find[s])&&(r=u(a.matches[0].replace(te,ne),ee.test(o[0].type)&&ye(t.parentNode)||t))){if(o.splice(i,1),!(e=r.length&&xe(o)))return H.apply(n,r),n;break}}}return(l||f(e,c))(r,t,!E,n,!t||ee.test(e)&&ye(t.parentNode)||t),n},d.sortStable=S.split("").sort(j).join("")===S,d.detectDuplicates=!!l,T(),d.sortDetached=ce(function(e){return 1&e.compareDocumentPosition(C.createElement("fieldset"))}),ce(function(e){return e.innerHTML="<a href='#'></a>","#"===e.firstChild.getAttribute("href")})||fe("type|href|height|width",function(e,t,n){if(!n)return e.getAttribute(t,"type"===t.toLowerCase()?1:2)}),d.attributes&&ce(function(e){return e.innerHTML="<input/>",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||fe("value",function(e,t,n){if(!n&&"input"===e.nodeName.toLowerCase())return e.defaultValue}),ce(function(e){return null==e.getAttribute("disabled")})||fe(R,function(e,t,n){var r;if(!n)return!0===e[t]?t.toLowerCase():(r=e.getAttributeNode(t))&&r.specified?r.value:null}),se}(C);S.find=d,S.expr=d.selectors,S.expr[":"]=S.expr.pseudos,S.uniqueSort=S.unique=d.uniqueSort,S.text=d.getText,S.isXMLDoc=d.isXML,S.contains=d.contains,S.escapeSelector=d.escape;var h=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&S(e).is(n))break;r.push(e)}return r},T=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},k=S.expr.match.needsContext;function A(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}var N=/^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?S.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?S.grep(e,function(e){return e===n!==r}):"string"!=typeof n?S.grep(e,function(e){return-1<i.call(n,e)!==r}):S.filter(n,e,r)}S.filter=function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?S.find.matchesSelector(r,e)?[r]:[]:S.find.matches(e,S.grep(t,function(e){return 1===e.nodeType}))},S.fn.extend({find:function(e){var t,n,r=this.length,i=this;if("string"!=typeof e)return this.pushStack(S(e).filter(function(){for(t=0;t<r;t++)if(S.contains(i[t],this))return!0}));for(n=this.pushStack([]),t=0;t<r;t++)S.find(e,i[t],n);return 1<r?S.uniqueSort(n):n},filter:function(e){return this.pushStack(j(this,e||[],!1))},not:function(e){return this.pushStack(j(this,e||[],!0))},is:function(e){return!!j(this,"string"==typeof e&&k.test(e)?S(e):e||[],!1).length}});var D,q=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||D,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof S?t[0]:t,S.merge(this,S.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),N.test(r[1])&&S.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(S):S.makeArray(e,this)}).prototype=S.fn,D=S(E);var L=/^(?:parents|prev(?:Until|All))/,H={children:!0,contents:!0,next:!0,prev:!0};function O(e,t){while((e=e[t])&&1!==e.nodeType);return e}S.fn.extend({has:function(e){var t=S(e,this),n=t.length;return this.filter(function(){for(var e=0;e<n;e++)if(S.contains(this,t[e]))return!0})},closest:function(e,t){var n,r=0,i=this.length,o=[],a="string"!=typeof e&&S(e);if(!k.test(e))for(;r<i;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(n.nodeType<11&&(a?-1<a.index(n):1===n.nodeType&&S.find.matchesSelector(n,e))){o.push(n);break}return this.pushStack(1<o.length?S.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?i.call(S(e),this[0]):i.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(S.uniqueSort(S.merge(this.get(),S(e,t))))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}}),S.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return h(e,"parentNode")},parentsUntil:function(e,t,n){return h(e,"parentNode",n)},next:function(e){return O(e,"nextSibling")},prev:function(e){return O(e,"previousSibling")},nextAll:function(e){return h(e,"nextSibling")},prevAll:function(e){return h(e,"previousSibling")},nextUntil:function(e,t,n){return h(e,"nextSibling",n)},prevUntil:function(e,t,n){return h(e,"previousSibling",n)},siblings:function(e){return T((e.parentNode||{}).firstChild,e)},children:function(e){return T(e.firstChild)},contents:function(e){return null!=e.contentDocument&&r(e.contentDocument)?e.contentDocument:(A(e,"template")&&(e=e.content||e),S.merge([],e.childNodes))}},function(r,i){S.fn[r]=function(e,t){var n=S.map(this,i,e);return"Until"!==r.slice(-5)&&(t=e),t&&"string"==typeof t&&(n=S.filter(t,n)),1<this.length&&(H[r]||S.uniqueSort(n),L.test(r)&&n.reverse()),this.pushStack(n)}});var P=/[^\x20\t\r\n\f]+/g;function R(e){return e}function M(e){throw e}function I(e,t,n,r){var i;try{e&&m(i=e.promise)?i.call(e).done(t).fail(n):e&&m(i=e.then)?i.call(e,t,n):t.apply(void 0,[e].slice(r))}catch(e){n.apply(void 0,[e])}}S.Callbacks=function(r){var e,n;r="string"==typeof r?(e=r,n={},S.each(e.match(P)||[],function(e,t){n[t]=!0}),n):S.extend({},r);var i,t,o,a,s=[],u=[],l=-1,c=function(){for(a=a||r.once,o=i=!0;u.length;l=-1){t=u.shift();while(++l<s.length)!1===s[l].apply(t[0],t[1])&&r.stopOnFalse&&(l=s.length,t=!1)}r.memory||(t=!1),i=!1,a&&(s=t?[]:"")},f={add:function(){return s&&(t&&!i&&(l=s.length-1,u.push(t)),function n(e){S.each(e,function(e,t){m(t)?r.unique&&f.has(t)||s.push(t):t&&t.length&&"string"!==w(t)&&n(t)})}(arguments),t&&!i&&c()),this},remove:function(){return S.each(arguments,function(e,t){var n;while(-1<(n=S.inArray(t,s,n)))s.splice(n,1),n<=l&&l--}),this},has:function(e){return e?-1<S.inArray(e,s):0<s.length},empty:function(){return s&&(s=[]),this},disable:function(){return a=u=[],s=t="",this},disabled:function(){return!s},lock:function(){return a=u=[],t||i||(s=t=""),this},locked:function(){return!!a},fireWith:function(e,t){return a||(t=[e,(t=t||[]).slice?t.slice():t],u.push(t),i||c()),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!o}};return f},S.extend({Deferred:function(e){var o=[["notify","progress",S.Callbacks("memory"),S.Callbacks("memory"),2],["resolve","done",S.Callbacks("once memory"),S.Callbacks("once memory"),0,"resolved"],["reject","fail",S.Callbacks("once memory"),S.Callbacks("once memory"),1,"rejected"]],i="pending",a={state:function(){return i},always:function(){return s.done(arguments).fail(arguments),this},"catch":function(e){return a.then(null,e)},pipe:function(){var i=arguments;return S.Deferred(function(r){S.each(o,function(e,t){var n=m(i[t[4]])&&i[t[4]];s[t[1]](function(){var e=n&&n.apply(this,arguments);e&&m(e.promise)?e.promise().progress(r.notify).done(r.resolve).fail(r.reject):r[t[0]+"With"](this,n?[e]:arguments)})}),i=null}).promise()},then:function(t,n,r){var u=0;function l(i,o,a,s){return function(){var n=this,r=arguments,e=function(){var e,t;if(!(i<u)){if((e=a.apply(n,r))===o.promise())throw new TypeError("Thenable self-resolution");t=e&&("object"==typeof e||"function"==typeof e)&&e.then,m(t)?s?t.call(e,l(u,o,R,s),l(u,o,M,s)):(u++,t.call(e,l(u,o,R,s),l(u,o,M,s),l(u,o,R,o.notifyWith))):(a!==R&&(n=void 0,r=[e]),(s||o.resolveWith)(n,r))}},t=s?e:function(){try{e()}catch(e){S.Deferred.exceptionHook&&S.Deferred.exceptionHook(e,t.stackTrace),u<=i+1&&(a!==M&&(n=void 0,r=[e]),o.rejectWith(n,r))}};i?t():(S.Deferred.getStackHook&&(t.stackTrace=S.Deferred.getStackHook()),C.setTimeout(t))}}return S.Deferred(function(e){o[0][3].add(l(0,e,m(r)?r:R,e.notifyWith)),o[1][3].add(l(0,e,m(t)?t:R)),o[2][3].add(l(0,e,m(n)?n:M))}).promise()},promise:function(e){return null!=e?S.extend(e,a):a}},s={};return S.each(o,function(e,t){var n=t[2],r=t[5];a[t[1]]=n.add,r&&n.add(function(){i=r},o[3-e][2].disable,o[3-e][3].disable,o[0][2].lock,o[0][3].lock),n.add(t[3].fire),s[t[0]]=function(){return s[t[0]+"With"](this===s?void 0:this,arguments),this},s[t[0]+"With"]=n.fireWith}),a.promise(s),e&&e.call(s,s),s},when:function(e){var n=arguments.length,t=n,r=Array(t),i=s.call(arguments),o=S.Deferred(),a=function(t){return function(e){r[t]=this,i[t]=1<arguments.length?s.call(arguments):e,--n||o.resolveWith(r,i)}};if(n<=1&&(I(e,o.done(a(t)).resolve,o.reject,!n),"pending"===o.state()||m(i[t]&&i[t].then)))return o.then();while(t--)I(i[t],a(t),o.reject);return o.promise()}});var W=/^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;S.Deferred.exceptionHook=function(e,t){C.console&&C.console.warn&&e&&W.test(e.name)&&C.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},S.readyException=function(e){C.setTimeout(function(){throw e})};var F=S.Deferred();function B(){E.removeEventListener("DOMContentLoaded",B),C.removeEventListener("load",B),S.ready()}S.fn.ready=function(e){return F.then(e)["catch"](function(e){S.readyException(e)}),this},S.extend({isReady:!1,readyWait:1,ready:function(e){(!0===e?--S.readyWait:S.isReady)||(S.isReady=!0)!==e&&0<--S.readyWait||F.resolveWith(E,[S])}}),S.ready.then=F.then,"complete"===E.readyState||"loading"!==E.readyState&&!E.documentElement.doScroll?C.setTimeout(S.ready):(E.addEventListener("DOMContentLoaded",B),C.addEventListener("load",B));var $=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===w(n))for(s in i=!0,n)$(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=!0,m(r)||(a=!0),l&&(a?(t.call(e,r),t=null):(l=t,t=function(e,t,n){return l.call(S(e),n)})),t))for(;s<u;s++)t(e[s],n,a?r:r.call(e[s],s,t(e[s],n)));return i?e:l?t.call(e):u?t(e[0],n):o},_=/^-ms-/,z=/-([a-z])/g;function U(e,t){return t.toUpperCase()}function X(e){return e.replace(_,"ms-").replace(z,U)}var V=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function G(){this.expando=S.expando+G.uid++}G.uid=1,G.prototype={cache:function(e){var t=e[this.expando];return t||(t={},V(e)&&(e.nodeType?e[this.expando]=t:Object.defineProperty(e,this.expando,{value:t,configurable:!0}))),t},set:function(e,t,n){var r,i=this.cache(e);if("string"==typeof t)i[X(t)]=n;else for(r in t)i[X(r)]=t[r];return i},get:function(e,t){return void 0===t?this.cache(e):e[this.expando]&&e[this.expando][X(t)]},access:function(e,t,n){return void 0===t||t&&"string"==typeof t&&void 0===n?this.get(e,t):(this.set(e,t,n),void 0!==n?n:t)},remove:function(e,t){var n,r=e[this.expando];if(void 0!==r){if(void 0!==t){n=(t=Array.isArray(t)?t.map(X):(t=X(t))in r?[t]:t.match(P)||[]).length;while(n--)delete r[t[n]]}(void 0===t||S.isEmptyObject(r))&&(e.nodeType?e[this.expando]=void 0:delete e[this.expando])}},hasData:function(e){var t=e[this.expando];return void 0!==t&&!S.isEmptyObject(t)}};var Y=new G,Q=new G,J=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,K=/[A-Z]/g;function Z(e,t,n){var r,i;if(void 0===n&&1===e.nodeType)if(r="data-"+t.replace(K,"-$&").toLowerCase(),"string"==typeof(n=e.getAttribute(r))){try{n="true"===(i=n)||"false"!==i&&("null"===i?null:i===+i+""?+i:J.test(i)?JSON.parse(i):i)}catch(e){}Q.set(e,t,n)}else n=void 0;return n}S.extend({hasData:function(e){return Q.hasData(e)||Y.hasData(e)},data:function(e,t,n){return Q.access(e,t,n)},removeData:function(e,t){Q.remove(e,t)},_data:function(e,t,n){return Y.access(e,t,n)},_removeData:function(e,t){Y.remove(e,t)}}),S.fn.extend({data:function(n,e){var t,r,i,o=this[0],a=o&&o.attributes;if(void 0===n){if(this.length&&(i=Q.get(o),1===o.nodeType&&!Y.get(o,"hasDataAttrs"))){t=a.length;while(t--)a[t]&&0===(r=a[t].name).indexOf("data-")&&(r=X(r.slice(5)),Z(o,r,i[r]));Y.set(o,"hasDataAttrs",!0)}return i}return"object"==typeof n?this.each(function(){Q.set(this,n)}):$(this,function(e){var t;if(o&&void 0===e)return void 0!==(t=Q.get(o,n))?t:void 0!==(t=Z(o,n))?t:void 0;this.each(function(){Q.set(this,n,e)})},null,e,1<arguments.length,null,!0)},removeData:function(e){return this.each(function(){Q.remove(this,e)})}}),S.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=Y.get(e,t),n&&(!r||Array.isArray(n)?r=Y.access(e,t,S.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=S.queue(e,t),r=n.length,i=n.shift(),o=S._queueHooks(e,t);"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,function(){S.dequeue(e,t)},o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return Y.get(e,n)||Y.access(e,n,{empty:S.Callbacks("once memory").add(function(){Y.remove(e,[t+"queue",n])})})}}),S.fn.extend({queue:function(t,n){var e=2;return"string"!=typeof t&&(n=t,t="fx",e--),arguments.length<e?S.queue(this[0],t):void 0===n?this:this.each(function(){var e=S.queue(this,t,n);S._queueHooks(this,t),"fx"===t&&"inprogress"!==e[0]&&S.dequeue(this,t)})},dequeue:function(e){return this.each(function(){S.dequeue(this,e)})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,t){var n,r=1,i=S.Deferred(),o=this,a=this.length,s=function(){--r||i.resolveWith(o,[o])};"string"!=typeof e&&(t=e,e=void 0),e=e||"fx";while(a--)(n=Y.get(o[a],e+"queueHooks"))&&n.empty&&(r++,n.empty.add(s));return s(),i.promise(t)}});var ee=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,te=new RegExp("^(?:([+-])=|)("+ee+")([a-z%]*)$","i"),ne=["Top","Right","Bottom","Left"],re=E.documentElement,ie=function(e){return S.contains(e.ownerDocument,e)},oe={composed:!0};re.getRootNode&&(ie=function(e){return S.contains(e.ownerDocument,e)||e.getRootNode(oe)===e.ownerDocument});var ae=function(e,t){return"none"===(e=t||e).style.display||""===e.style.display&&ie(e)&&"none"===S.css(e,"display")};function se(e,t,n,r){var i,o,a=20,s=r?function(){return r.cur()}:function(){return S.css(e,t,"")},u=s(),l=n&&n[3]||(S.cssNumber[t]?"":"px"),c=e.nodeType&&(S.cssNumber[t]||"px"!==l&&+u)&&te.exec(S.css(e,t));if(c&&c[3]!==l){u/=2,l=l||c[3],c=+u||1;while(a--)S.style(e,t,c+l),(1-o)*(1-(o=s()/u||.5))<=0&&(a=0),c/=o;c*=2,S.style(e,t,c+l),n=n||[]}return n&&(c=+c||+u||0,i=n[1]?c+(n[1]+1)*n[2]:+n[2],r&&(r.unit=l,r.start=c,r.end=i)),i}var ue={};function le(e,t){for(var n,r,i,o,a,s,u,l=[],c=0,f=e.length;c<f;c++)(r=e[c]).style&&(n=r.style.display,t?("none"===n&&(l[c]=Y.get(r,"display")||null,l[c]||(r.style.display="")),""===r.style.display&&ae(r)&&(l[c]=(u=a=o=void 0,a=(i=r).ownerDocument,s=i.nodeName,(u=ue[s])||(o=a.body.appendChild(a.createElement(s)),u=S.css(o,"display"),o.parentNode.removeChild(o),"none"===u&&(u="block"),ue[s]=u)))):"none"!==n&&(l[c]="none",Y.set(r,"display",n)));for(c=0;c<f;c++)null!=l[c]&&(e[c].style.display=l[c]);return e}S.fn.extend({show:function(){return le(this,!0)},hide:function(){return le(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){ae(this)?S(this).show():S(this).hide()})}});var ce,fe,pe=/^(?:checkbox|radio)$/i,de=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","checked"),fe.setAttribute("name","t"),ce.appendChild(fe),y.checkClone=ce.cloneNode(!0).cloneNode(!0).lastChild.checked,ce.innerHTML="<textarea>x</textarea>",y.noCloneChecked=!!ce.cloneNode(!0).lastChild.defaultValue,ce.innerHTML="<option></option>",y.option=!!ce.lastChild;var ge={thead:[1,"<table>","</table>"],col:[2,"<table><colgroup>","</colgroup></table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?S.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n<r;n++)Y.set(e[n],"globalEval",!t||Y.get(t[n],"globalEval"))}ge.tbody=ge.tfoot=ge.colgroup=ge.caption=ge.thead,ge.th=ge.td,y.option||(ge.optgroup=ge.option=[1,"<select multiple='multiple'>","</select>"]);var me=/<|&#?\w+;/;function xe(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d<h;d++)if((o=e[d])||0===o)if("object"===w(o))S.merge(p,o.nodeType?[o]:o);else if(me.test(o)){a=a||f.appendChild(t.createElement("div")),s=(de.exec(o)||["",""])[1].toLowerCase(),u=ge[s]||ge._default,a.innerHTML=u[1]+S.htmlPrefilter(o)+u[2],c=u[0];while(c--)a=a.lastChild;S.merge(p,a.childNodes),(a=f.firstChild).textContent=""}else p.push(t.createTextNode(o));f.textContent="",d=0;while(o=p[d++])if(r&&-1<S.inArray(o,r))i&&i.push(o);else if(l=ie(o),a=ve(f.appendChild(o),"script"),l&&ye(a),n){c=0;while(o=a[c++])he.test(o.type||"")&&n.push(o)}return f}var be=/^([^.]*)(?:\.(.+)|)/;function we(){return!0}function Te(){return!1}function Ce(e,t){return e===function(){try{return E.activeElement}catch(e){}}()==("focus"===t)}function Ee(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r||n,n=void 0),t)Ee(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=Te;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return S().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=S.guid++)),e.each(function(){S.event.add(this,t,i,r,n)})}function Se(e,i,o){o?(Y.set(e,i,!1),S.event.add(e,i,{namespace:!1,handler:function(e){var t,n,r=Y.get(this,i);if(1&e.isTrigger&&this[i]){if(r.length)(S.event.special[i]||{}).delegateType&&e.stopPropagation();else if(r=s.call(arguments),Y.set(this,i,r),t=o(this,i),this[i](),r!==(n=Y.get(this,i))||t?Y.set(this,i,!1):n={},r!==n)return e.stopImmediatePropagation(),e.preventDefault(),n&&n.value}else r.length&&(Y.set(this,i,{value:S.event.trigger(S.extend(r[0],S.Event.prototype),r.slice(1),this)}),e.stopImmediatePropagation())}})):void 0===Y.get(e,i)&&S.event.add(e,i,we)}S.event={global:{},add:function(t,e,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Y.get(t);if(V(t)){n.handler&&(n=(o=n).handler,i=o.selector),i&&S.find.matchesSelector(re,i),n.guid||(n.guid=S.guid++),(u=v.events)||(u=v.events=Object.create(null)),(a=v.handle)||(a=v.handle=function(e){return"undefined"!=typeof S&&S.event.triggered!==e.type?S.event.dispatch.apply(t,arguments):void 0}),l=(e=(e||"").match(P)||[""]).length;while(l--)d=g=(s=be.exec(e[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=S.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=S.event.special[d]||{},c=S.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&S.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),S.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Y.hasData(e)&&Y.get(e);if(v&&(u=v.events)){l=(t=(t||"").match(P)||[""]).length;while(l--)if(d=g=(s=be.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d){f=S.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,v.handle)||S.removeEvent(e,d,v.handle),delete u[d])}else for(d in u)S.event.remove(e,d+t[l],n,r,!0);S.isEmptyObject(u)&&Y.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=new Array(arguments.length),u=S.event.fix(e),l=(Y.get(this,"events")||Object.create(null))[u.type]||[],c=S.event.special[u.type]||{};for(s[0]=u,t=1;t<arguments.length;t++)s[t]=arguments[t];if(u.delegateTarget=this,!c.preDispatch||!1!==c.preDispatch.call(this,u)){a=S.event.handlers.call(this,u,l),t=0;while((i=a[t++])&&!u.isPropagationStopped()){u.currentTarget=i.elem,n=0;while((o=i.handlers[n++])&&!u.isImmediatePropagationStopped())u.rnamespace&&!1!==o.namespace&&!u.rnamespace.test(o.namespace)||(u.handleObj=o,u.data=o.data,void 0!==(r=((S.event.special[o.origType]||{}).handle||o.handler).apply(i.elem,s))&&!1===(u.result=r)&&(u.preventDefault(),u.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,u),u.result}},handlers:function(e,t){var n,r,i,o,a,s=[],u=t.delegateCount,l=e.target;if(u&&l.nodeType&&!("click"===e.type&&1<=e.button))for(;l!==this;l=l.parentNode||this)if(1===l.nodeType&&("click"!==e.type||!0!==l.disabled)){for(o=[],a={},n=0;n<u;n++)void 0===a[i=(r=t[n]).selector+" "]&&(a[i]=r.needsContext?-1<S(i,this).index(l):S.find(i,this,null,[l]).length),a[i]&&o.push(r);o.length&&s.push({elem:l,handlers:o})}return l=this,u<t.length&&s.push({elem:l,handlers:t.slice(u)}),s},addProp:function(t,e){Object.defineProperty(S.Event.prototype,t,{enumerable:!0,configurable:!0,get:m(e)?function(){if(this.originalEvent)return e(this.originalEvent)}:function(){if(this.originalEvent)return this.originalEvent[t]},set:function(e){Object.defineProperty(this,t,{enumerable:!0,configurable:!0,writable:!0,value:e})}})},fix:function(e){return e[S.expando]?e:new S.Event(e)},special:{load:{noBubble:!0},click:{setup:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&Se(t,"click",we),!1},trigger:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&Se(t,"click"),!0},_default:function(e){var t=e.target;return pe.test(t.type)&&t.click&&A(t,"input")&&Y.get(t,"click")||A(t,"a")}},beforeunload:{postDispatch:function(e){void 0!==e.result&&e.originalEvent&&(e.originalEvent.returnValue=e.result)}}}},S.removeEvent=function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n)},S.Event=function(e,t){if(!(this instanceof S.Event))return new S.Event(e,t);e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||void 0===e.defaultPrevented&&!1===e.returnValue?we:Te,this.target=e.target&&3===e.target.nodeType?e.target.parentNode:e.target,this.currentTarget=e.currentTarget,this.relatedTarget=e.relatedTarget):this.type=e,t&&S.extend(this,t),this.timeStamp=e&&e.timeStamp||Date.now(),this[S.expando]=!0},S.Event.prototype={constructor:S.Event,isDefaultPrevented:Te,isPropagationStopped:Te,isImmediatePropagationStopped:Te,isSimulated:!1,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=we,e&&!this.isSimulated&&e.preventDefault()},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=we,e&&!this.isSimulated&&e.stopPropagation()},stopImmediatePropagation:function(){var e=this.originalEvent;this.isImmediatePropagationStopped=we,e&&!this.isSimulated&&e.stopImmediatePropagation(),this.stopPropagation()}},S.each({altKey:!0,bubbles:!0,cancelable:!0,changedTouches:!0,ctrlKey:!0,detail:!0,eventPhase:!0,metaKey:!0,pageX:!0,pageY:!0,shiftKey:!0,view:!0,"char":!0,code:!0,charCode:!0,key:!0,keyCode:!0,button:!0,buttons:!0,clientX:!0,clientY:!0,offsetX:!0,offsetY:!0,pointerId:!0,pointerType:!0,screenX:!0,screenY:!0,targetTouches:!0,toElement:!0,touches:!0,which:!0},S.event.addProp),S.each({focus:"focusin",blur:"focusout"},function(e,t){S.event.special[e]={setup:function(){return Se(this,e,Ce),!1},trigger:function(){return Se(this,e),!0},_default:function(){return!0},delegateType:t}}),S.each({mouseenter:"mouseover",mouseleave:"mouseout",pointerenter:"pointerover",pointerleave:"pointerout"},function(e,i){S.event.special[e]={delegateType:i,bindType:i,handle:function(e){var t,n=e.relatedTarget,r=e.handleObj;return n&&(n===this||S.contains(this,n))||(e.type=r.origType,t=r.handler.apply(this,arguments),e.type=i),t}}}),S.fn.extend({on:function(e,t,n,r){return Ee(this,e,t,n,r)},one:function(e,t,n,r){return Ee(this,e,t,n,r,1)},off:function(e,t,n){var r,i;if(e&&e.preventDefault&&e.handleObj)return r=e.handleObj,S(e.delegateTarget).off(r.namespace?r.origType+"."+r.namespace:r.origType,r.selector,r.handler),this;if("object"==typeof e){for(i in e)this.off(i,t,e[i]);return this}return!1!==t&&"function"!=typeof t||(n=t,t=void 0),!1===n&&(n=Te),this.each(function(){S.event.remove(this,e,n,t)})}});var ke=/<script|<style|<link/i,Ae=/checked\s*(?:[^=]|=\s*.checked.)/i,Ne=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g;function je(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&S(e).children("tbody")[0]||e}function De(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function qe(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Le(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(Y.hasData(e)&&(s=Y.get(e).events))for(i in Y.remove(t,"handle events"),s)for(n=0,r=s[i].length;n<r;n++)S.event.add(t,i,s[i][n]);Q.hasData(e)&&(o=Q.access(e),a=S.extend({},o),Q.set(t,a))}}function He(n,r,i,o){r=g(r);var e,t,a,s,u,l,c=0,f=n.length,p=f-1,d=r[0],h=m(d);if(h||1<f&&"string"==typeof d&&!y.checkClone&&Ae.test(d))return n.each(function(e){var t=n.eq(e);h&&(r[0]=d.call(this,e,t.html())),He(t,r,i,o)});if(f&&(t=(e=xe(r,n[0].ownerDocument,!1,n,o)).firstChild,1===e.childNodes.length&&(e=t),t||o)){for(s=(a=S.map(ve(e,"script"),De)).length;c<f;c++)u=e,c!==p&&(u=S.clone(u,!0,!0),s&&S.merge(a,ve(u,"script"))),i.call(n[c],u,c);if(s)for(l=a[a.length-1].ownerDocument,S.map(a,qe),c=0;c<s;c++)u=a[c],he.test(u.type||"")&&!Y.access(u,"globalEval")&&S.contains(l,u)&&(u.src&&"module"!==(u.type||"").toLowerCase()?S._evalUrl&&!u.noModule&&S._evalUrl(u.src,{nonce:u.nonce||u.getAttribute("nonce")},l):b(u.textContent.replace(Ne,""),u,l))}return n}function Oe(e,t,n){for(var r,i=t?S.filter(t,e):e,o=0;null!=(r=i[o]);o++)n||1!==r.nodeType||S.cleanData(ve(r)),r.parentNode&&(n&&ie(r)&&ye(ve(r,"script")),r.parentNode.removeChild(r));return e}S.extend({htmlPrefilter:function(e){return e},clone:function(e,t,n){var r,i,o,a,s,u,l,c=e.cloneNode(!0),f=ie(e);if(!(y.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||S.isXMLDoc(e)))for(a=ve(c),r=0,i=(o=ve(e)).length;r<i;r++)s=o[r],u=a[r],void 0,"input"===(l=u.nodeName.toLowerCase())&&pe.test(s.type)?u.checked=s.checked:"input"!==l&&"textarea"!==l||(u.defaultValue=s.defaultValue);if(t)if(n)for(o=o||ve(e),a=a||ve(c),r=0,i=o.length;r<i;r++)Le(o[r],a[r]);else Le(e,c);return 0<(a=ve(c,"script")).length&&ye(a,!f&&ve(e,"script")),c},cleanData:function(e){for(var t,n,r,i=S.event.special,o=0;void 0!==(n=e[o]);o++)if(V(n)){if(t=n[Y.expando]){if(t.events)for(r in t.events)i[r]?S.event.remove(n,r):S.removeEvent(n,r,t.handle);n[Y.expando]=void 0}n[Q.expando]&&(n[Q.expando]=void 0)}}}),S.fn.extend({detach:function(e){return Oe(this,e,!0)},remove:function(e){return Oe(this,e)},text:function(e){return $(this,function(e){return void 0===e?S.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)})},null,e,arguments.length)},append:function(){return He(this,arguments,function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||je(this,e).appendChild(e)})},prepend:function(){return He(this,arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=je(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return He(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return He(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(S.cleanData(ve(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return S.clone(this,e,t)})},html:function(e){return $(this,function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"==typeof e&&!ke.test(e)&&!ge[(de.exec(e)||["",""])[1].toLowerCase()]){e=S.htmlPrefilter(e);try{for(;n<r;n++)1===(t=this[n]||{}).nodeType&&(S.cleanData(ve(t,!1)),t.innerHTML=e);t=0}catch(e){}}t&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var n=[];return He(this,arguments,function(e){var t=this.parentNode;S.inArray(this,n)<0&&(S.cleanData(ve(this)),t&&t.replaceChild(e,this))},n)}}),S.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,a){S.fn[e]=function(e){for(var t,n=[],r=S(e),i=r.length-1,o=0;o<=i;o++)t=o===i?this:this.clone(!0),S(r[o])[a](t),u.apply(n,t.get());return this.pushStack(n)}});var Pe=new RegExp("^("+ee+")(?!px)[a-z%]+$","i"),Re=function(e){var t=e.ownerDocument.defaultView;return t&&t.opener||(t=C),t.getComputedStyle(e)},Me=function(e,t,n){var r,i,o={};for(i in t)o[i]=e.style[i],e.style[i]=t[i];for(i in r=n.call(e),t)e.style[i]=o[i];return r},Ie=new RegExp(ne.join("|"),"i");function We(e,t,n){var r,i,o,a,s=e.style;return(n=n||Re(e))&&(""!==(a=n.getPropertyValue(t)||n[t])||ie(e)||(a=S.style(e,t)),!y.pixelBoxStyles()&&Pe.test(a)&&Ie.test(t)&&(r=s.width,i=s.minWidth,o=s.maxWidth,s.minWidth=s.maxWidth=s.width=a,a=n.width,s.width=r,s.minWidth=i,s.maxWidth=o)),void 0!==a?a+"":a}function Fe(e,t){return{get:function(){if(!e())return(this.get=t).apply(this,arguments);delete this.get}}}!function(){function e(){if(l){u.style.cssText="position:absolute;left:-11111px;width:60px;margin-top:1px;padding:0;border:0",l.style.cssText="position:relative;display:block;box-sizing:border-box;overflow:scroll;margin:auto;border:1px;padding:1px;width:60%;top:1%",re.appendChild(u).appendChild(l);var e=C.getComputedStyle(l);n="1%"!==e.top,s=12===t(e.marginLeft),l.style.right="60%",o=36===t(e.right),r=36===t(e.width),l.style.position="absolute",i=12===t(l.offsetWidth/3),re.removeChild(u),l=null}}function t(e){return Math.round(parseFloat(e))}var n,r,i,o,a,s,u=E.createElement("div"),l=E.createElement("div");l.style&&(l.style.backgroundClip="content-box",l.cloneNode(!0).style.backgroundClip="",y.clearCloneStyle="content-box"===l.style.backgroundClip,S.extend(y,{boxSizingReliable:function(){return e(),r},pixelBoxStyles:function(){return e(),o},pixelPosition:function(){return e(),n},reliableMarginLeft:function(){return e(),s},scrollboxSize:function(){return e(),i},reliableTrDimensions:function(){var e,t,n,r;return null==a&&(e=E.createElement("table"),t=E.createElement("tr"),n=E.createElement("div"),e.style.cssText="position:absolute;left:-11111px;border-collapse:separate",t.style.cssText="border:1px solid",t.style.height="1px",n.style.height="9px",n.style.display="block",re.appendChild(e).appendChild(t).appendChild(n),r=C.getComputedStyle(t),a=parseInt(r.height,10)+parseInt(r.borderTopWidth,10)+parseInt(r.borderBottomWidth,10)===t.offsetHeight,re.removeChild(e)),a}}))}();var Be=["Webkit","Moz","ms"],$e=E.createElement("div").style,_e={};function ze(e){var t=S.cssProps[e]||_e[e];return t||(e in $e?e:_e[e]=function(e){var t=e[0].toUpperCase()+e.slice(1),n=Be.length;while(n--)if((e=Be[n]+t)in $e)return e}(e)||e)}var Ue=/^(none|table(?!-c[ea]).+)/,Xe=/^--/,Ve={position:"absolute",visibility:"hidden",display:"block"},Ge={letterSpacing:"0",fontWeight:"400"};function Ye(e,t,n){var r=te.exec(t);return r?Math.max(0,r[2]-(n||0))+(r[3]||"px"):t}function Qe(e,t,n,r,i,o){var a="width"===t?1:0,s=0,u=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(u+=S.css(e,n+ne[a],!0,i)),r?("content"===n&&(u-=S.css(e,"padding"+ne[a],!0,i)),"margin"!==n&&(u-=S.css(e,"border"+ne[a]+"Width",!0,i))):(u+=S.css(e,"padding"+ne[a],!0,i),"padding"!==n?u+=S.css(e,"border"+ne[a]+"Width",!0,i):s+=S.css(e,"border"+ne[a]+"Width",!0,i));return!r&&0<=o&&(u+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-u-s-.5))||0),u}function Je(e,t,n){var r=Re(e),i=(!y.boxSizingReliable()||n)&&"border-box"===S.css(e,"boxSizing",!1,r),o=i,a=We(e,t,r),s="offset"+t[0].toUpperCase()+t.slice(1);if(Pe.test(a)){if(!n)return a;a="auto"}return(!y.boxSizingReliable()&&i||!y.reliableTrDimensions()&&A(e,"tr")||"auto"===a||!parseFloat(a)&&"inline"===S.css(e,"display",!1,r))&&e.getClientRects().length&&(i="border-box"===S.css(e,"boxSizing",!1,r),(o=s in e)&&(a=e[s])),(a=parseFloat(a)||0)+Qe(e,t,n||(i?"border":"content"),o,r,a)+"px"}function Ke(e,t,n,r,i){return new Ke.prototype.init(e,t,n,r,i)}S.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=We(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=X(t),u=Xe.test(t),l=e.style;if(u||(t=ze(s)),a=S.cssHooks[t]||S.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"===(o=typeof n)&&(i=te.exec(n))&&i[1]&&(n=se(e,t,i),o="number"),null!=n&&n==n&&("number"!==o||u||(n+=i&&i[3]||(S.cssNumber[s]?"":"px")),y.clearCloneStyle||""!==n||0!==t.indexOf("background")||(l[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(u?l.setProperty(t,n):l[t]=n))}},css:function(e,t,n,r){var i,o,a,s=X(t);return Xe.test(t)||(t=ze(s)),(a=S.cssHooks[t]||S.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=We(e,t,r)),"normal"===i&&t in Ge&&(i=Ge[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),S.each(["height","width"],function(e,u){S.cssHooks[u]={get:function(e,t,n){if(t)return!Ue.test(S.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?Je(e,u,n):Me(e,Ve,function(){return Je(e,u,n)})},set:function(e,t,n){var r,i=Re(e),o=!y.scrollboxSize()&&"absolute"===i.position,a=(o||n)&&"border-box"===S.css(e,"boxSizing",!1,i),s=n?Qe(e,u,n,a,i):0;return a&&o&&(s-=Math.ceil(e["offset"+u[0].toUpperCase()+u.slice(1)]-parseFloat(i[u])-Qe(e,u,"border",!1,i)-.5)),s&&(r=te.exec(t))&&"px"!==(r[3]||"px")&&(e.style[u]=t,t=S.css(e,u)),Ye(0,t,s)}}}),S.cssHooks.marginLeft=Fe(y.reliableMarginLeft,function(e,t){if(t)return(parseFloat(We(e,"marginLeft"))||e.getBoundingClientRect().left-Me(e,{marginLeft:0},function(){return e.getBoundingClientRect().left}))+"px"}),S.each({margin:"",padding:"",border:"Width"},function(i,o){S.cssHooks[i+o]={expand:function(e){for(var t=0,n={},r="string"==typeof e?e.split(" "):[e];t<4;t++)n[i+ne[t]+o]=r[t]||r[t-2]||r[0];return n}},"margin"!==i&&(S.cssHooks[i+o].set=Ye)}),S.fn.extend({css:function(e,t){return $(this,function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=Re(e),i=t.length;a<i;a++)o[t[a]]=S.css(e,t[a],!1,r);return o}return void 0!==n?S.style(e,t,n):S.css(e,t)},e,t,1<arguments.length)}}),((S.Tween=Ke).prototype={constructor:Ke,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||S.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(S.cssNumber[n]?"":"px")},cur:function(){var e=Ke.propHooks[this.prop];return e&&e.get?e.get(this):Ke.propHooks._default.get(this)},run:function(e){var t,n=Ke.propHooks[this.prop];return this.options.duration?this.pos=t=S.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):Ke.propHooks._default.set(this),this}}).init.prototype=Ke.prototype,(Ke.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=S.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){S.fx.step[e.prop]?S.fx.step[e.prop](e):1!==e.elem.nodeType||!S.cssHooks[e.prop]&&null==e.elem.style[ze(e.prop)]?e.elem[e.prop]=e.now:S.style(e.elem,e.prop,e.now+e.unit)}}}).scrollTop=Ke.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},S.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},S.fx=Ke.prototype.init,S.fx.step={};var Ze,et,tt,nt,rt=/^(?:toggle|show|hide)$/,it=/queueHooks$/;function ot(){et&&(!1===E.hidden&&C.requestAnimationFrame?C.requestAnimationFrame(ot):C.setTimeout(ot,S.fx.interval),S.fx.tick())}function at(){return C.setTimeout(function(){Ze=void 0}),Ze=Date.now()}function st(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=ne[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function ut(e,t,n){for(var r,i=(lt.tweeners[t]||[]).concat(lt.tweeners["*"]),o=0,a=i.length;o<a;o++)if(r=i[o].call(n,t,e))return r}function lt(o,e,t){var n,a,r=0,i=lt.prefilters.length,s=S.Deferred().always(function(){delete u.elem}),u=function(){if(a)return!1;for(var e=Ze||at(),t=Math.max(0,l.startTime+l.duration-e),n=1-(t/l.duration||0),r=0,i=l.tweens.length;r<i;r++)l.tweens[r].run(n);return s.notifyWith(o,[l,n,t]),n<1&&i?t:(i||s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l]),!1)},l=s.promise({elem:o,props:S.extend({},e),opts:S.extend(!0,{specialEasing:{},easing:S.easing._default},t),originalProperties:e,originalOptions:t,startTime:Ze||at(),duration:t.duration,tweens:[],createTween:function(e,t){var n=S.Tween(o,l.opts,e,t,l.opts.specialEasing[e]||l.opts.easing);return l.tweens.push(n),n},stop:function(e){var t=0,n=e?l.tweens.length:0;if(a)return this;for(a=!0;t<n;t++)l.tweens[t].run(1);return e?(s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l,e])):s.rejectWith(o,[l,e]),this}}),c=l.props;for(!function(e,t){var n,r,i,o,a;for(n in e)if(i=t[r=X(n)],o=e[n],Array.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),(a=S.cssHooks[r])&&"expand"in a)for(n in o=a.expand(o),delete e[r],o)n in e||(e[n]=o[n],t[n]=i);else t[r]=i}(c,l.opts.specialEasing);r<i;r++)if(n=lt.prefilters[r].call(l,o,c,l.opts))return m(n.stop)&&(S._queueHooks(l.elem,l.opts.queue).stop=n.stop.bind(n)),n;return S.map(c,ut,l),m(l.opts.start)&&l.opts.start.call(o,l),l.progress(l.opts.progress).done(l.opts.done,l.opts.complete).fail(l.opts.fail).always(l.opts.always),S.fx.timer(S.extend(u,{elem:o,anim:l,queue:l.opts.queue})),l}S.Animation=S.extend(lt,{tweeners:{"*":[function(e,t){var n=this.createTween(e,t);return se(n.elem,e,te.exec(t),n),n}]},tweener:function(e,t){m(e)?(t=e,e=["*"]):e=e.match(P);for(var n,r=0,i=e.length;r<i;r++)n=e[r],lt.tweeners[n]=lt.tweeners[n]||[],lt.tweeners[n].unshift(t)},prefilters:[function(e,t,n){var r,i,o,a,s,u,l,c,f="width"in t||"height"in t,p=this,d={},h=e.style,g=e.nodeType&&ae(e),v=Y.get(e,"fxshow");for(r in n.queue||(null==(a=S._queueHooks(e,"fx")).unqueued&&(a.unqueued=0,s=a.empty.fire,a.empty.fire=function(){a.unqueued||s()}),a.unqueued++,p.always(function(){p.always(function(){a.unqueued--,S.queue(e,"fx").length||a.empty.fire()})})),t)if(i=t[r],rt.test(i)){if(delete t[r],o=o||"toggle"===i,i===(g?"hide":"show")){if("show"!==i||!v||void 0===v[r])continue;g=!0}d[r]=v&&v[r]||S.style(e,r)}if((u=!S.isEmptyObject(t))||!S.isEmptyObject(d))for(r in f&&1===e.nodeType&&(n.overflow=[h.overflow,h.overflowX,h.overflowY],null==(l=v&&v.display)&&(l=Y.get(e,"display")),"none"===(c=S.css(e,"display"))&&(l?c=l:(le([e],!0),l=e.style.display||l,c=S.css(e,"display"),le([e]))),("inline"===c||"inline-block"===c&&null!=l)&&"none"===S.css(e,"float")&&(u||(p.done(function(){h.display=l}),null==l&&(c=h.display,l="none"===c?"":c)),h.display="inline-block")),n.overflow&&(h.overflow="hidden",p.always(function(){h.overflow=n.overflow[0],h.overflowX=n.overflow[1],h.overflowY=n.overflow[2]})),u=!1,d)u||(v?"hidden"in v&&(g=v.hidden):v=Y.access(e,"fxshow",{display:l}),o&&(v.hidden=!g),g&&le([e],!0),p.done(function(){for(r in g||le([e]),Y.remove(e,"fxshow"),d)S.style(e,r,d[r])})),u=ut(g?v[r]:0,r,p),r in v||(v[r]=u.start,g&&(u.end=u.start,u.start=0))}],prefilter:function(e,t){t?lt.prefilters.unshift(e):lt.prefilters.push(e)}}),S.speed=function(e,t,n){var r=e&&"object"==typeof e?S.extend({},e):{complete:n||!n&&t||m(e)&&e,duration:e,easing:n&&t||t&&!m(t)&&t};return S.fx.off?r.duration=0:"number"!=typeof r.duration&&(r.duration in S.fx.speeds?r.duration=S.fx.speeds[r.duration]:r.duration=S.fx.speeds._default),null!=r.queue&&!0!==r.queue||(r.queue="fx"),r.old=r.complete,r.complete=function(){m(r.old)&&r.old.call(this),r.queue&&S.dequeue(this,r.queue)},r},S.fn.extend({fadeTo:function(e,t,n,r){return this.filter(ae).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(t,e,n,r){var i=S.isEmptyObject(t),o=S.speed(e,n,r),a=function(){var e=lt(this,S.extend({},t),o);(i||Y.get(this,"finish"))&&e.stop(!0)};return a.finish=a,i||!1===o.queue?this.each(a):this.queue(o.queue,a)},stop:function(i,e,o){var a=function(e){var t=e.stop;delete e.stop,t(o)};return"string"!=typeof i&&(o=e,e=i,i=void 0),e&&this.queue(i||"fx",[]),this.each(function(){var e=!0,t=null!=i&&i+"queueHooks",n=S.timers,r=Y.get(this);if(t)r[t]&&r[t].stop&&a(r[t]);else for(t in r)r[t]&&r[t].stop&&it.test(t)&&a(r[t]);for(t=n.length;t--;)n[t].elem!==this||null!=i&&n[t].queue!==i||(n[t].anim.stop(o),e=!1,n.splice(t,1));!e&&o||S.dequeue(this,i)})},finish:function(a){return!1!==a&&(a=a||"fx"),this.each(function(){var e,t=Y.get(this),n=t[a+"queue"],r=t[a+"queueHooks"],i=S.timers,o=n?n.length:0;for(t.finish=!0,S.queue(this,a,[]),r&&r.stop&&r.stop.call(this,!0),e=i.length;e--;)i[e].elem===this&&i[e].queue===a&&(i[e].anim.stop(!0),i.splice(e,1));for(e=0;e<o;e++)n[e]&&n[e].finish&&n[e].finish.call(this);delete t.finish})}}),S.each(["toggle","show","hide"],function(e,r){var i=S.fn[r];S.fn[r]=function(e,t,n){return null==e||"boolean"==typeof e?i.apply(this,arguments):this.animate(st(r,!0),e,t,n)}}),S.each({slideDown:st("show"),slideUp:st("hide"),slideToggle:st("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,r){S.fn[e]=function(e,t,n){return this.animate(r,e,t,n)}}),S.timers=[],S.fx.tick=function(){var e,t=0,n=S.timers;for(Ze=Date.now();t<n.length;t++)(e=n[t])()||n[t]!==e||n.splice(t--,1);n.length||S.fx.stop(),Ze=void 0},S.fx.timer=function(e){S.timers.push(e),S.fx.start()},S.fx.interval=13,S.fx.start=function(){et||(et=!0,ot())},S.fx.stop=function(){et=null},S.fx.speeds={slow:600,fast:200,_default:400},S.fn.delay=function(r,e){return r=S.fx&&S.fx.speeds[r]||r,e=e||"fx",this.queue(e,function(e,t){var n=C.setTimeout(e,r);t.stop=function(){C.clearTimeout(n)}})},tt=E.createElement("input"),nt=E.createElement("select").appendChild(E.createElement("option")),tt.type="checkbox",y.checkOn=""!==tt.value,y.optSelected=nt.selected,(tt=E.createElement("input")).value="t",tt.type="radio",y.radioValue="t"===tt.value;var ct,ft=S.expr.attrHandle;S.fn.extend({attr:function(e,t){return $(this,S.attr,e,t,1<arguments.length)},removeAttr:function(e){return this.each(function(){S.removeAttr(this,e)})}}),S.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?S.prop(e,t,n):(1===o&&S.isXMLDoc(e)||(i=S.attrHooks[t.toLowerCase()]||(S.expr.match.bool.test(t)?ct:void 0)),void 0!==n?null===n?void S.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=S.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!y.radioValue&&"radio"===t&&A(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(P);if(i&&1===e.nodeType)while(n=i[r++])e.removeAttribute(n)}}),ct={set:function(e,t,n){return!1===t?S.removeAttr(e,n):e.setAttribute(n,n),n}},S.each(S.expr.match.bool.source.match(/\w+/g),function(e,t){var a=ft[t]||S.find.attr;ft[t]=function(e,t,n){var r,i,o=t.toLowerCase();return n||(i=ft[o],ft[o]=r,r=null!=a(e,t,n)?o:null,ft[o]=i),r}});var pt=/^(?:input|select|textarea|button)$/i,dt=/^(?:a|area)$/i;function ht(e){return(e.match(P)||[]).join(" ")}function gt(e){return e.getAttribute&&e.getAttribute("class")||""}function vt(e){return Array.isArray(e)?e:"string"==typeof e&&e.match(P)||[]}S.fn.extend({prop:function(e,t){return $(this,S.prop,e,t,1<arguments.length)},removeProp:function(e){return this.each(function(){delete this[S.propFix[e]||e]})}}),S.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&S.isXMLDoc(e)||(t=S.propFix[t]||t,i=S.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=S.find.attr(e,"tabindex");return t?parseInt(t,10):pt.test(e.nodeName)||dt.test(e.nodeName)&&e.href?0:-1}}},propFix:{"for":"htmlFor","class":"className"}}),y.optSelected||(S.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),S.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){S.propFix[this.toLowerCase()]=this}),S.fn.extend({addClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){S(this).addClass(t.call(this,e,gt(this)))});if((e=vt(t)).length)while(n=this[u++])if(i=gt(n),r=1===n.nodeType&&" "+ht(i)+" "){a=0;while(o=e[a++])r.indexOf(" "+o+" ")<0&&(r+=o+" ");i!==(s=ht(r))&&n.setAttribute("class",s)}return this},removeClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){S(this).removeClass(t.call(this,e,gt(this)))});if(!arguments.length)return this.attr("class","");if((e=vt(t)).length)while(n=this[u++])if(i=gt(n),r=1===n.nodeType&&" "+ht(i)+" "){a=0;while(o=e[a++])while(-1<r.indexOf(" "+o+" "))r=r.replace(" "+o+" "," ");i!==(s=ht(r))&&n.setAttribute("class",s)}return this},toggleClass:function(i,t){var o=typeof i,a="string"===o||Array.isArray(i);return"boolean"==typeof t&&a?t?this.addClass(i):this.removeClass(i):m(i)?this.each(function(e){S(this).toggleClass(i.call(this,e,gt(this),t),t)}):this.each(function(){var e,t,n,r;if(a){t=0,n=S(this),r=vt(i);while(e=r[t++])n.hasClass(e)?n.removeClass(e):n.addClass(e)}else void 0!==i&&"boolean"!==o||((e=gt(this))&&Y.set(this,"__className__",e),this.setAttribute&&this.setAttribute("class",e||!1===i?"":Y.get(this,"__className__")||""))})},hasClass:function(e){var t,n,r=0;t=" "+e+" ";while(n=this[r++])if(1===n.nodeType&&-1<(" "+ht(gt(n))+" ").indexOf(t))return!0;return!1}});var yt=/\r/g;S.fn.extend({val:function(n){var r,e,i,t=this[0];return arguments.length?(i=m(n),this.each(function(e){var t;1===this.nodeType&&(null==(t=i?n.call(this,e,S(this).val()):n)?t="":"number"==typeof t?t+="":Array.isArray(t)&&(t=S.map(t,function(e){return null==e?"":e+""})),(r=S.valHooks[this.type]||S.valHooks[this.nodeName.toLowerCase()])&&"set"in r&&void 0!==r.set(this,t,"value")||(this.value=t))})):t?(r=S.valHooks[t.type]||S.valHooks[t.nodeName.toLowerCase()])&&"get"in r&&void 0!==(e=r.get(t,"value"))?e:"string"==typeof(e=t.value)?e.replace(yt,""):null==e?"":e:void 0}}),S.extend({valHooks:{option:{get:function(e){var t=S.find.attr(e,"value");return null!=t?t:ht(S.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],u=a?o+1:i.length;for(r=o<0?u:a?o:0;r<u;r++)if(((n=i[r]).selected||r===o)&&!n.disabled&&(!n.parentNode.disabled||!A(n.parentNode,"optgroup"))){if(t=S(n).val(),a)return t;s.push(t)}return s},set:function(e,t){var n,r,i=e.options,o=S.makeArray(t),a=i.length;while(a--)((r=i[a]).selected=-1<S.inArray(S.valHooks.option.get(r),o))&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),S.each(["radio","checkbox"],function(){S.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=-1<S.inArray(S(e).val(),t)}},y.checkOn||(S.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})}),y.focusin="onfocusin"in C;var mt=/^(?:focusinfocus|focusoutblur)$/,xt=function(e){e.stopPropagation()};S.extend(S.event,{trigger:function(e,t,n,r){var i,o,a,s,u,l,c,f,p=[n||E],d=v.call(e,"type")?e.type:e,h=v.call(e,"namespace")?e.namespace.split("."):[];if(o=f=a=n=n||E,3!==n.nodeType&&8!==n.nodeType&&!mt.test(d+S.event.triggered)&&(-1<d.indexOf(".")&&(d=(h=d.split(".")).shift(),h.sort()),u=d.indexOf(":")<0&&"on"+d,(e=e[S.expando]?e:new S.Event(d,"object"==typeof e&&e)).isTrigger=r?2:3,e.namespace=h.join("."),e.rnamespace=e.namespace?new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,e.result=void 0,e.target||(e.target=n),t=null==t?[e]:S.makeArray(t,[e]),c=S.event.special[d]||{},r||!c.trigger||!1!==c.trigger.apply(n,t))){if(!r&&!c.noBubble&&!x(n)){for(s=c.delegateType||d,mt.test(s+d)||(o=o.parentNode);o;o=o.parentNode)p.push(o),a=o;a===(n.ownerDocument||E)&&p.push(a.defaultView||a.parentWindow||C)}i=0;while((o=p[i++])&&!e.isPropagationStopped())f=o,e.type=1<i?s:c.bindType||d,(l=(Y.get(o,"events")||Object.create(null))[e.type]&&Y.get(o,"handle"))&&l.apply(o,t),(l=u&&o[u])&&l.apply&&V(o)&&(e.result=l.apply(o,t),!1===e.result&&e.preventDefault());return e.type=d,r||e.isDefaultPrevented()||c._default&&!1!==c._default.apply(p.pop(),t)||!V(n)||u&&m(n[d])&&!x(n)&&((a=n[u])&&(n[u]=null),S.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,xt),n[d](),e.isPropagationStopped()&&f.removeEventListener(d,xt),S.event.triggered=void 0,a&&(n[u]=a)),e.result}},simulate:function(e,t,n){var r=S.extend(new S.Event,n,{type:e,isSimulated:!0});S.event.trigger(r,null,t)}}),S.fn.extend({trigger:function(e,t){return this.each(function(){S.event.trigger(e,t,this)})},triggerHandler:function(e,t){var n=this[0];if(n)return S.event.trigger(e,t,n,!0)}}),y.focusin||S.each({focus:"focusin",blur:"focusout"},function(n,r){var i=function(e){S.event.simulate(r,e.target,S.event.fix(e))};S.event.special[r]={setup:function(){var e=this.ownerDocument||this.document||this,t=Y.access(e,r);t||e.addEventListener(n,i,!0),Y.access(e,r,(t||0)+1)},teardown:function(){var e=this.ownerDocument||this.document||this,t=Y.access(e,r)-1;t?Y.access(e,r,t):(e.removeEventListener(n,i,!0),Y.remove(e,r))}}});var bt=C.location,wt={guid:Date.now()},Tt=/\?/;S.parseXML=function(e){var t,n;if(!e||"string"!=typeof e)return null;try{t=(new C.DOMParser).parseFromString(e,"text/xml")}catch(e){}return n=t&&t.getElementsByTagName("parsererror")[0],t&&!n||S.error("Invalid XML: "+(n?S.map(n.childNodes,function(e){return e.textContent}).join("\n"):e)),t};var Ct=/\[\]$/,Et=/\r?\n/g,St=/^(?:submit|button|image|reset|file)$/i,kt=/^(?:input|select|textarea|keygen)/i;function At(n,e,r,i){var t;if(Array.isArray(e))S.each(e,function(e,t){r||Ct.test(n)?i(n,t):At(n+"["+("object"==typeof t&&null!=t?e:"")+"]",t,r,i)});else if(r||"object"!==w(e))i(n,e);else for(t in e)At(n+"["+t+"]",e[t],r,i)}S.param=function(e,t){var n,r=[],i=function(e,t){var n=m(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(null==e)return"";if(Array.isArray(e)||e.jquery&&!S.isPlainObject(e))S.each(e,function(){i(this.name,this.value)});else for(n in e)At(n,e[n],t,i);return r.join("&")},S.fn.extend({serialize:function(){return S.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=S.prop(this,"elements");return e?S.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!S(this).is(":disabled")&&kt.test(this.nodeName)&&!St.test(e)&&(this.checked||!pe.test(e))}).map(function(e,t){var n=S(this).val();return null==n?null:Array.isArray(n)?S.map(n,function(e){return{name:t.name,value:e.replace(Et,"\r\n")}}):{name:t.name,value:n.replace(Et,"\r\n")}}).get()}});var Nt=/%20/g,jt=/#.*$/,Dt=/([?&])_=[^&]*/,qt=/^(.*?):[ \t]*([^\r\n]*)$/gm,Lt=/^(?:GET|HEAD)$/,Ht=/^\/\//,Ot={},Pt={},Rt="*/".concat("*"),Mt=E.createElement("a");function It(o){return function(e,t){"string"!=typeof e&&(t=e,e="*");var n,r=0,i=e.toLowerCase().match(P)||[];if(m(t))while(n=i[r++])"+"===n[0]?(n=n.slice(1)||"*",(o[n]=o[n]||[]).unshift(t)):(o[n]=o[n]||[]).push(t)}}function Wt(t,i,o,a){var s={},u=t===Pt;function l(e){var r;return s[e]=!0,S.each(t[e]||[],function(e,t){var n=t(i,o,a);return"string"!=typeof n||u||s[n]?u?!(r=n):void 0:(i.dataTypes.unshift(n),l(n),!1)}),r}return l(i.dataTypes[0])||!s["*"]&&l("*")}function Ft(e,t){var n,r,i=S.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&S.extend(!0,e,r),e}Mt.href=bt.href,S.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:bt.href,type:"GET",isLocal:/^(?:about|app|app-storage|.+-extension|file|res|widget):$/.test(bt.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":Rt,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":S.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?Ft(Ft(e,S.ajaxSettings),t):Ft(S.ajaxSettings,e)},ajaxPrefilter:It(Ot),ajaxTransport:It(Pt),ajax:function(e,t){"object"==typeof e&&(t=e,e=void 0),t=t||{};var c,f,p,n,d,r,h,g,i,o,v=S.ajaxSetup({},t),y=v.context||v,m=v.context&&(y.nodeType||y.jquery)?S(y):S.event,x=S.Deferred(),b=S.Callbacks("once memory"),w=v.statusCode||{},a={},s={},u="canceled",T={readyState:0,getResponseHeader:function(e){var t;if(h){if(!n){n={};while(t=qt.exec(p))n[t[1].toLowerCase()+" "]=(n[t[1].toLowerCase()+" "]||[]).concat(t[2])}t=n[e.toLowerCase()+" "]}return null==t?null:t.join(", ")},getAllResponseHeaders:function(){return h?p:null},setRequestHeader:function(e,t){return null==h&&(e=s[e.toLowerCase()]=s[e.toLowerCase()]||e,a[e]=t),this},overrideMimeType:function(e){return null==h&&(v.mimeType=e),this},statusCode:function(e){var t;if(e)if(h)T.always(e[T.status]);else for(t in e)w[t]=[w[t],e[t]];return this},abort:function(e){var t=e||u;return c&&c.abort(t),l(0,t),this}};if(x.promise(T),v.url=((e||v.url||bt.href)+"").replace(Ht,bt.protocol+"//"),v.type=t.method||t.type||v.method||v.type,v.dataTypes=(v.dataType||"*").toLowerCase().match(P)||[""],null==v.crossDomain){r=E.createElement("a");try{r.href=v.url,r.href=r.href,v.crossDomain=Mt.protocol+"//"+Mt.host!=r.protocol+"//"+r.host}catch(e){v.crossDomain=!0}}if(v.data&&v.processData&&"string"!=typeof v.data&&(v.data=S.param(v.data,v.traditional)),Wt(Ot,v,t,T),h)return T;for(i in(g=S.event&&v.global)&&0==S.active++&&S.event.trigger("ajaxStart"),v.type=v.type.toUpperCase(),v.hasContent=!Lt.test(v.type),f=v.url.replace(jt,""),v.hasContent?v.data&&v.processData&&0===(v.contentType||"").indexOf("application/x-www-form-urlencoded")&&(v.data=v.data.replace(Nt,"+")):(o=v.url.slice(f.length),v.data&&(v.processData||"string"==typeof v.data)&&(f+=(Tt.test(f)?"&":"?")+v.data,delete v.data),!1===v.cache&&(f=f.replace(Dt,"$1"),o=(Tt.test(f)?"&":"?")+"_="+wt.guid+++o),v.url=f+o),v.ifModified&&(S.lastModified[f]&&T.setRequestHeader("If-Modified-Since",S.lastModified[f]),S.etag[f]&&T.setRequestHeader("If-None-Match",S.etag[f])),(v.data&&v.hasContent&&!1!==v.contentType||t.contentType)&&T.setRequestHeader("Content-Type",v.contentType),T.setRequestHeader("Accept",v.dataTypes[0]&&v.accepts[v.dataTypes[0]]?v.accepts[v.dataTypes[0]]+("*"!==v.dataTypes[0]?", "+Rt+"; q=0.01":""):v.accepts["*"]),v.headers)T.setRequestHeader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=Wt(Pt,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.timeout&&(d=C.setTimeout(function(){T.abort("timeout")},v.timeout));try{h=!1,c.send(a,l)}catch(e){if(h)throw e;l(-1,e)}}else l(-1,"No Transport");function l(e,t,n,r){var i,o,a,s,u,l=t;h||(h=!0,d&&C.clearTimeout(d),c=void 0,p=r||"",T.readyState=0<e?4:0,i=200<=e&&e<300||304===e,n&&(s=function(e,t,n){var r,i,o,a,s=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){u.unshift(i);break}if(u[0]in n)o=u[0];else{for(i in n){if(!u[0]||e.converters[i+" "+u[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==u[0]&&u.unshift(o),n[o]}(v,T,n)),!i&&-1<S.inArray("script",v.dataTypes)&&S.inArray("json",v.dataTypes)<0&&(v.converters["text script"]=function(){}),s=function(e,t,n,r){var i,o,a,s,u,l={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)l[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!u&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),u=o,o=c.shift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(e){return{state:"parsererror",error:a?e:"No conversion from "+u+" to "+o}}}return{state:"success",data:t}}(v,s,T,i),i?(v.ifModified&&((u=T.getResponseHeader("Last-Modified"))&&(S.lastModified[f]=u),(u=T.getResponseHeader("etag"))&&(S.etag[f]=u)),204===e||"HEAD"===v.type?l="nocontent":304===e?l="notmodified":(l=s.state,o=s.data,i=!(a=s.error))):(a=l,!e&&l||(l="error",e<0&&(e=0))),T.status=e,T.statusText=(t||l)+"",i?x.resolveWith(y,[o,l,T]):x.rejectWith(y,[T,l,a]),T.statusCode(w),w=void 0,g&&m.trigger(i?"ajaxSuccess":"ajaxError",[T,v,i?o:a]),b.fireWith(y,[T,l]),g&&(m.trigger("ajaxComplete",[T,v]),--S.active||S.event.trigger("ajaxStop")))}return T},getJSON:function(e,t,n){return S.get(e,t,n,"json")},getScript:function(e,t){return S.get(e,void 0,t,"script")}}),S.each(["get","post"],function(e,i){S[i]=function(e,t,n,r){return m(t)&&(r=r||n,n=t,t=void 0),S.ajax(S.extend({url:e,type:i,dataType:r,data:t,success:n},S.isPlainObject(e)&&e))}}),S.ajaxPrefilter(function(e){var t;for(t in e.headers)"content-type"===t.toLowerCase()&&(e.contentType=e.headers[t]||"")}),S._evalUrl=function(e,t,n){return S.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){S.globalEval(e,t,n)}})},S.fn.extend({wrapAll:function(e){var t;return this[0]&&(m(e)&&(e=e.call(this[0])),t=S(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstElementChild)e=e.firstElementChild;return e}).append(this)),this},wrapInner:function(n){return m(n)?this.each(function(e){S(this).wrapInner(n.call(this,e))}):this.each(function(){var e=S(this),t=e.contents();t.length?t.wrapAll(n):e.append(n)})},wrap:function(t){var n=m(t);return this.each(function(e){S(this).wrapAll(n?t.call(this,e):t)})},unwrap:function(e){return this.parent(e).not("body").each(function(){S(this).replaceWith(this.childNodes)}),this}}),S.expr.pseudos.hidden=function(e){return!S.expr.pseudos.visible(e)},S.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},S.ajaxSettings.xhr=function(){try{return new C.XMLHttpRequest}catch(e){}};var Bt={0:200,1223:204},$t=S.ajaxSettings.xhr();y.cors=!!$t&&"withCredentials"in $t,y.ajax=$t=!!$t,S.ajaxTransport(function(i){var o,a;if(y.cors||$t&&!i.crossDomain)return{send:function(e,t){var n,r=i.xhr();if(r.open(i.type,i.url,i.async,i.username,i.password),i.xhrFields)for(n in i.xhrFields)r[n]=i.xhrFields[n];for(n in i.mimeType&&r.overrideMimeType&&r.overrideMimeType(i.mimeType),i.crossDomain||e["X-Requested-With"]||(e["X-Requested-With"]="XMLHttpRequest"),e)r.setRequestHeader(n,e[n]);o=function(e){return function(){o&&(o=a=r.onload=r.onerror=r.onabort=r.ontimeout=r.onreadystatechange=null,"abort"===e?r.abort():"error"===e?"number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(Bt[r.status]||r.status,r.statusText,"text"!==(r.responseType||"text")||"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a=r.onerror=r.ontimeout=o("error"),void 0!==r.onabort?r.onabort=a:r.onreadystatechange=function(){4===r.readyState&&C.setTimeout(function(){o&&a()})},o=o("abort");try{r.send(i.hasContent&&i.data||null)}catch(e){if(o)throw e}},abort:function(){o&&o()}}}),S.ajaxPrefilter(function(e){e.crossDomain&&(e.contents.script=!1)}),S.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return S.globalEval(e),e}}}),S.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),S.ajaxTransport("script",function(n){var r,i;if(n.crossDomain||n.scriptAttrs)return{send:function(e,t){r=S("<script>").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var _t,zt=[],Ut=/(=)\?(?=&|$)|\?\?/;S.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=zt.pop()||S.expando+"_"+wt.guid++;return this[e]=!0,e}}),S.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Ut.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Ut.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Ut,"$1"+r):!1!==e.jsonp&&(e.url+=(Tt.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||S.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?S(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,zt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((_t=E.implementation.createHTMLDocument("").body).innerHTML="<form></form><form></form>",2===_t.childNodes.length),S.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=N.exec(e))?[t.createElement(i[1])]:(i=xe([e],t,o),o&&o.length&&S(o).remove(),S.merge([],i.childNodes)));var r,i,o},S.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1<s&&(r=ht(e.slice(s)),e=e.slice(0,s)),m(t)?(n=t,t=void 0):t&&"object"==typeof t&&(i="POST"),0<a.length&&S.ajax({url:e,type:i||"GET",dataType:"html",data:t}).done(function(e){o=arguments,a.html(r?S("<div>").append(S.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},S.expr.pseudos.animated=function(t){return S.grep(S.timers,function(e){return t===e.elem}).length},S.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=S.css(e,"position"),c=S(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=S.css(e,"top"),u=S.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,S.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},S.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){S.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===S.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===S.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=S(e).offset()).top+=S.css(e,"borderTopWidth",!0),i.left+=S.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-S.css(r,"marginTop",!0),left:t.left-i.left-S.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===S.css(e,"position"))e=e.offsetParent;return e||re})}}),S.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;S.fn[t]=function(e){return $(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),S.each(["top","left"],function(e,n){S.cssHooks[n]=Fe(y.pixelPosition,function(e,t){if(t)return t=We(e,n),Pe.test(t)?S(e).position()[n]+"px":t})}),S.each({Height:"height",Width:"width"},function(a,s){S.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){S.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return $(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?S.css(e,t,i):S.style(e,t,n,i)},s,n?e:void 0,n)}})}),S.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){S.fn[t]=function(e){return this.on(t,e)}}),S.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),S.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){S.fn[n]=function(e,t){return 0<arguments.length?this.on(n,null,e,t):this.trigger(n)}});var Xt=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;S.proxy=function(e,t){var n,r,i;if("string"==typeof t&&(n=e[t],t=e,e=n),m(e))return r=s.call(arguments,2),(i=function(){return e.apply(t||this,r.concat(s.call(arguments)))}).guid=e.guid=e.guid||S.guid++,i},S.holdReady=function(e){e?S.readyWait++:S.ready(!0)},S.isArray=Array.isArray,S.parseJSON=JSON.parse,S.nodeName=A,S.isFunction=m,S.isWindow=x,S.camelCase=X,S.type=w,S.now=Date.now,S.isNumeric=function(e){var t=S.type(e);return("number"===t||"string"===t)&&!isNaN(e-parseFloat(e))},S.trim=function(e){return null==e?"":(e+"").replace(Xt,"")},"function"==typeof define&&define.amd&&define("jquery",[],function(){return S});var Vt=C.jQuery,Gt=C.$;return S.noConflict=function(e){return C.$===S&&(C.$=Gt),e&&C.jQuery===S&&(C.jQuery=Vt),S},"undefined"==typeof e&&(C.jQuery=C.$=S),S});
diff --git a/docs/saml2/_static/js/badge_only.js b/docs/saml2/_static/js/badge_only.js
new file mode 100644
index 00000000..526d7234
--- /dev/null
+++ b/docs/saml2/_static/js/badge_only.js
@@ -0,0 +1 @@
+!function(e){var t={};function r(n){if(t[n])return t[n].exports;var o=t[n]={i:n,l:!1,exports:{}};return e[n].call(o.exports,o,o.exports,r),o.l=!0,o.exports}r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var o in e)r.d(n,o,function(t){return e[t]}.bind(null,o));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"a",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="",r(r.s=4)}({4:function(e,t,r){}});
\ No newline at end of file
diff --git a/docs/saml2/_static/js/html5shiv-printshiv.min.js b/docs/saml2/_static/js/html5shiv-printshiv.min.js
new file mode 100644
index 00000000..2b43bd06
--- /dev/null
+++ b/docs/saml2/_static/js/html5shiv-printshiv.min.js
@@ -0,0 +1,4 @@
+/**
+* @preserve HTML5 Shiv 3.7.3-pre | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
+*/
+!function(a,b){function c(a,b){var c=a.createElement("p"),d=a.getElementsByTagName("head")[0]||a.documentElement;return c.innerHTML="x<style>"+b+"</style>",d.insertBefore(c.lastChild,d.firstChild)}function d(){var a=y.elements;return"string"==typeof a?a.split(" "):a}function e(a,b){var c=y.elements;"string"!=typeof c&&(c=c.join(" ")),"string"!=typeof a&&(a=a.join(" ")),y.elements=c+" "+a,j(b)}function f(a){var b=x[a[v]];return b||(b={},w++,a[v]=w,x[w]=b),b}function g(a,c,d){if(c||(c=b),q)return c.createElement(a);d||(d=f(c));var e;return e=d.cache[a]?d.cache[a].cloneNode():u.test(a)?(d.cache[a]=d.createElem(a)).cloneNode():d.createElem(a),!e.canHaveChildren||t.test(a)||e.tagUrn?e:d.frag.appendChild(e)}function h(a,c){if(a||(a=b),q)return a.createDocumentFragment();c=c||f(a);for(var e=c.frag.cloneNode(),g=0,h=d(),i=h.length;i>g;g++)e.createElement(h[g]);return e}function i(a,b){b.cache||(b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag()),a.createElement=function(c){return y.shivMethods?g(c,a,b):b.createElem(c)},a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+d().join().replace(/[\w\-:]+/g,function(a){return b.createElem(a),b.frag.createElement(a),'c("'+a+'")'})+");return n}")(y,b.frag)}function j(a){a||(a=b);var d=f(a);return!y.shivCSS||p||d.hasCSS||(d.hasCSS=!!c(a,"article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}")),q||i(a,d),a}function k(a){for(var b,c=a.getElementsByTagName("*"),e=c.length,f=RegExp("^(?:"+d().join("|")+")$","i"),g=[];e--;)b=c[e],f.test(b.nodeName)&&g.push(b.applyElement(l(b)));return g}function l(a){for(var b,c=a.attributes,d=c.length,e=a.ownerDocument.createElement(A+":"+a.nodeName);d--;)b=c[d],b.specified&&e.setAttribute(b.nodeName,b.nodeValue);return e.style.cssText=a.style.cssText,e}function m(a){for(var b,c=a.split("{"),e=c.length,f=RegExp("(^|[\\s,>+~])("+d().join("|")+")(?=[[\\s,>+~#.:]|$)","gi"),g="$1"+A+"\\:$2";e--;)b=c[e]=c[e].split("}"),b[b.length-1]=b[b.length-1].replace(f,g),c[e]=b.join("}");return c.join("{")}function n(a){for(var b=a.length;b--;)a[b].removeNode()}function o(a){function b(){clearTimeout(g._removeSheetTimer),d&&d.removeNode(!0),d=null}var d,e,g=f(a),h=a.namespaces,i=a.parentWindow;return!B||a.printShived?a:("undefined"==typeof h[A]&&h.add(A),i.attachEvent("onbeforeprint",function(){b();for(var f,g,h,i=a.styleSheets,j=[],l=i.length,n=Array(l);l--;)n[l]=i[l];for(;h=n.pop();)if(!h.disabled&&z.test(h.media)){try{f=h.imports,g=f.length}catch(o){g=0}for(l=0;g>l;l++)n.push(f[l]);try{j.push(h.cssText)}catch(o){}}j=m(j.reverse().join("")),e=k(a),d=c(a,j)}),i.attachEvent("onafterprint",function(){n(e),clearTimeout(g._removeSheetTimer),g._removeSheetTimer=setTimeout(b,500)}),a.printShived=!0,a)}var p,q,r="3.7.3",s=a.html5||{},t=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,u=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,v="_html5shiv",w=0,x={};!function(){try{var a=b.createElement("a");a.innerHTML="<xyz></xyz>",p="hidden"in a,q=1==a.childNodes.length||function(){b.createElement("a");var a=b.createDocumentFragment();return"undefined"==typeof a.cloneNode||"undefined"==typeof a.createDocumentFragment||"undefined"==typeof a.createElement}()}catch(c){p=!0,q=!0}}();var y={elements:s.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video",version:r,shivCSS:s.shivCSS!==!1,supportsUnknownElements:q,shivMethods:s.shivMethods!==!1,type:"default",shivDocument:j,createElement:g,createDocumentFragment:h,addElements:e};a.html5=y,j(b);var z=/^$|\b(?:all|print)\b/,A="html5shiv",B=!q&&function(){var c=b.documentElement;return!("undefined"==typeof b.namespaces||"undefined"==typeof b.parentWindow||"undefined"==typeof c.applyElement||"undefined"==typeof c.removeNode||"undefined"==typeof a.attachEvent)}();y.type+=" print",y.shivPrint=o,o(b),"object"==typeof module&&module.exports&&(module.exports=y)}("undefined"!=typeof window?window:this,document);
\ No newline at end of file
diff --git a/docs/saml2/_static/js/html5shiv.min.js b/docs/saml2/_static/js/html5shiv.min.js
new file mode 100644
index 00000000..cd1c674f
--- /dev/null
+++ b/docs/saml2/_static/js/html5shiv.min.js
@@ -0,0 +1,4 @@
+/**
+* @preserve HTML5 Shiv 3.7.3 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
+*/
+!function(a,b){function c(a,b){var c=a.createElement("p"),d=a.getElementsByTagName("head")[0]||a.documentElement;return c.innerHTML="x<style>"+b+"</style>",d.insertBefore(c.lastChild,d.firstChild)}function d(){var a=t.elements;return"string"==typeof a?a.split(" "):a}function e(a,b){var c=t.elements;"string"!=typeof c&&(c=c.join(" ")),"string"!=typeof a&&(a=a.join(" ")),t.elements=c+" "+a,j(b)}function f(a){var b=s[a[q]];return b||(b={},r++,a[q]=r,s[r]=b),b}function g(a,c,d){if(c||(c=b),l)return c.createElement(a);d||(d=f(c));var e;return e=d.cache[a]?d.cache[a].cloneNode():p.test(a)?(d.cache[a]=d.createElem(a)).cloneNode():d.createElem(a),!e.canHaveChildren||o.test(a)||e.tagUrn?e:d.frag.appendChild(e)}function h(a,c){if(a||(a=b),l)return a.createDocumentFragment();c=c||f(a);for(var e=c.frag.cloneNode(),g=0,h=d(),i=h.length;i>g;g++)e.createElement(h[g]);return e}function i(a,b){b.cache||(b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag()),a.createElement=function(c){return t.shivMethods?g(c,a,b):b.createElem(c)},a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+d().join().replace(/[\w\-:]+/g,function(a){return b.createElem(a),b.frag.createElement(a),'c("'+a+'")'})+");return n}")(t,b.frag)}function j(a){a||(a=b);var d=f(a);return!t.shivCSS||k||d.hasCSS||(d.hasCSS=!!c(a,"article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}mark{background:#FF0;color:#000}template{display:none}")),l||i(a,d),a}var k,l,m="3.7.3-pre",n=a.html5||{},o=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,p=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,q="_html5shiv",r=0,s={};!function(){try{var a=b.createElement("a");a.innerHTML="<xyz></xyz>",k="hidden"in a,l=1==a.childNodes.length||function(){b.createElement("a");var a=b.createDocumentFragment();return"undefined"==typeof a.cloneNode||"undefined"==typeof a.createDocumentFragment||"undefined"==typeof a.createElement}()}catch(c){k=!0,l=!0}}();var t={elements:n.elements||"abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video",version:m,shivCSS:n.shivCSS!==!1,supportsUnknownElements:l,shivMethods:n.shivMethods!==!1,type:"default",shivDocument:j,createElement:g,createDocumentFragment:h,addElements:e};a.html5=t,j(b),"object"==typeof module&&module.exports&&(module.exports=t)}("undefined"!=typeof window?window:this,document);
\ No newline at end of file
diff --git a/docs/saml2/_static/js/theme.js b/docs/saml2/_static/js/theme.js
new file mode 100644
index 00000000..1fddb6ee
--- /dev/null
+++ b/docs/saml2/_static/js/theme.js
@@ -0,0 +1 @@
+!function(n){var e={};function t(i){if(e[i])return e[i].exports;var o=e[i]={i:i,l:!1,exports:{}};return n[i].call(o.exports,o,o.exports,t),o.l=!0,o.exports}t.m=n,t.c=e,t.d=function(n,e,i){t.o(n,e)||Object.defineProperty(n,e,{enumerable:!0,get:i})},t.r=function(n){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(n,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(n,"__esModule",{value:!0})},t.t=function(n,e){if(1&e&&(n=t(n)),8&e)return n;if(4&e&&"object"==typeof n&&n&&n.__esModule)return n;var i=Object.create(null);if(t.r(i),Object.defineProperty(i,"default",{enumerable:!0,value:n}),2&e&&"string"!=typeof n)for(var o in n)t.d(i,o,function(e){return n[e]}.bind(null,o));return i},t.n=function(n){var e=n&&n.__esModule?function(){return n.default}:function(){return n};return t.d(e,"a",e),e},t.o=function(n,e){return Object.prototype.hasOwnProperty.call(n,e)},t.p="",t(t.s=0)}([function(n,e,t){t(1),n.exports=t(3)},function(n,e,t){(function(){var e="undefined"!=typeof window?window.jQuery:t(2);n.exports.ThemeNav={navBar:null,win:null,winScroll:!1,winResize:!1,linkScroll:!1,winPosition:0,winHeight:null,docHeight:null,isRunning:!1,enable:function(n){var t=this;void 0===n&&(n=!0),t.isRunning||(t.isRunning=!0,e((function(e){t.init(e),t.reset(),t.win.on("hashchange",t.reset),n&&t.win.on("scroll",(function(){t.linkScroll||t.winScroll||(t.winScroll=!0,requestAnimationFrame((function(){t.onScroll()})))})),t.win.on("resize",(function(){t.winResize||(t.winResize=!0,requestAnimationFrame((function(){t.onResize()})))})),t.onResize()})))},enableSticky:function(){this.enable(!0)},init:function(n){n(document);var e=this;this.navBar=n("div.wy-side-scroll:first"),this.win=n(window),n(document).on("click","[data-toggle='wy-nav-top']",(function(){n("[data-toggle='wy-nav-shift']").toggleClass("shift"),n("[data-toggle='rst-versions']").toggleClass("shift")})).on("click",".wy-menu-vertical .current ul li a",(function(){var t=n(this);n("[data-toggle='wy-nav-shift']").removeClass("shift"),n("[data-toggle='rst-versions']").toggleClass("shift"),e.toggleCurrent(t),e.hashChange()})).on("click","[data-toggle='rst-current-version']",(function(){n("[data-toggle='rst-versions']").toggleClass("shift-up")})),n("table.docutils:not(.field-list,.footnote,.citation)").wrap("<div class='wy-table-responsive'></div>"),n("table.docutils.footnote").wrap("<div class='wy-table-responsive footnote'></div>"),n("table.docutils.citation").wrap("<div class='wy-table-responsive citation'></div>"),n(".wy-menu-vertical ul").not(".simple").siblings("a").each((function(){var t=n(this);expand=n('<button class="toctree-expand" title="Open/close menu"></button>'),expand.on("click",(function(n){return e.toggleCurrent(t),n.stopPropagation(),!1})),t.prepend(expand)}))},reset:function(){var n=encodeURI(window.location.hash)||"#";try{var e=$(".wy-menu-vertical"),t=e.find('[href="'+n+'"]');if(0===t.length){var i=$('.document [id="'+n.substring(1)+'"]').closest("div.section");0===(t=e.find('[href="#'+i.attr("id")+'"]')).length&&(t=e.find('[href="#"]'))}if(t.length>0){$(".wy-menu-vertical .current").removeClass("current").attr("aria-expanded","false"),t.addClass("current").attr("aria-expanded","true"),t.closest("li.toctree-l1").parent().addClass("current").attr("aria-expanded","true");for(let n=1;n<=10;n++)t.closest("li.toctree-l"+n).addClass("current").attr("aria-expanded","true");t[0].scrollIntoView()}}catch(n){console.log("Error expanding nav for anchor",n)}},onScroll:function(){this.winScroll=!1;var n=this.win.scrollTop(),e=n+this.winHeight,t=this.navBar.scrollTop()+(n-this.winPosition);n<0||e>this.docHeight||(this.navBar.scrollTop(t),this.winPosition=n)},onResize:function(){this.winResize=!1,this.winHeight=this.win.height(),this.docHeight=$(document).height()},hashChange:function(){this.linkScroll=!0,this.win.one("hashchange",(function(){this.linkScroll=!1}))},toggleCurrent:function(n){var e=n.closest("li");e.siblings("li.current").removeClass("current").attr("aria-expanded","false"),e.siblings().find("li.current").removeClass("current").attr("aria-expanded","false");var t=e.find("> ul li");t.length&&(t.removeClass("current").attr("aria-expanded","false"),e.toggleClass("current").attr("aria-expanded",(function(n,e){return"true"==e?"false":"true"})))}},"undefined"!=typeof window&&(window.SphinxRtdTheme={Navigation:n.exports.ThemeNav,StickyNav:n.exports.ThemeNav}),function(){for(var n=0,e=["ms","moz","webkit","o"],t=0;t<e.length&&!window.requestAnimationFrame;++t)window.requestAnimationFrame=window[e[t]+"RequestAnimationFrame"],window.cancelAnimationFrame=window[e[t]+"CancelAnimationFrame"]||window[e[t]+"CancelRequestAnimationFrame"];window.requestAnimationFrame||(window.requestAnimationFrame=function(e,t){var i=(new Date).getTime(),o=Math.max(0,16-(i-n)),r=window.setTimeout((function(){e(i+o)}),o);return n=i+o,r}),window.cancelAnimationFrame||(window.cancelAnimationFrame=function(n){clearTimeout(n)})}()}).call(window)},function(n,e){n.exports=jQuery},function(n,e,t){}]);
\ No newline at end of file
diff --git a/docs/saml2/_static/language_data.js b/docs/saml2/_static/language_data.js
new file mode 100644
index 00000000..250f5665
--- /dev/null
+++ b/docs/saml2/_static/language_data.js
@@ -0,0 +1,199 @@
+/*
+ * language_data.js
+ * ~~~~~~~~~~~~~~~~
+ *
+ * This script contains the language-specific data used by searchtools.js,
+ * namely the list of stopwords, stemmer, scorer and splitter.
+ *
+ * :copyright: Copyright 2007-2023 by the Sphinx team, see AUTHORS.
+ * :license: BSD, see LICENSE for details.
+ *
+ */
+
+var stopwords = ["a", "and", "are", "as", "at", "be", "but", "by", "for", "if", "in", "into", "is", "it", "near", "no", "not", "of", "on", "or", "such", "that", "the", "their", "then", "there", "these", "they", "this", "to", "was", "will", "with"];
+
+
+/* Non-minified version is copied as a separate JS file, is available */
+
+/**
+ * Porter Stemmer
+ */
+var Stemmer = function() {
+
+  var step2list = {
+    ational: 'ate',
+    tional: 'tion',
+    enci: 'ence',
+    anci: 'ance',
+    izer: 'ize',
+    bli: 'ble',
+    alli: 'al',
+    entli: 'ent',
+    eli: 'e',
+    ousli: 'ous',
+    ization: 'ize',
+    ation: 'ate',
+    ator: 'ate',
+    alism: 'al',
+    iveness: 'ive',
+    fulness: 'ful',
+    ousness: 'ous',
+    aliti: 'al',
+    iviti: 'ive',
+    biliti: 'ble',
+    logi: 'log'
+  };
+
+  var step3list = {
+    icate: 'ic',
+    ative: '',
+    alize: 'al',
+    iciti: 'ic',
+    ical: 'ic',
+    ful: '',
+    ness: ''
+  };
+
+  var c = "[^aeiou]";          // consonant
+  var v = "[aeiouy]";          // vowel
+  var C = c + "[^aeiouy]*";    // consonant sequence
+  var V = v + "[aeiou]*";      // vowel sequence
+
+  var mgr0 = "^(" + C + ")?" + V + C;                      // [C]VC... is m>0
+  var meq1 = "^(" + C + ")?" + V + C + "(" + V + ")?$";    // [C]VC[V] is m=1
+  var mgr1 = "^(" + C + ")?" + V + C + V + C;              // [C]VCVC... is m>1
+  var s_v   = "^(" + C + ")?" + v;                         // vowel in stem
+
+  this.stemWord = function (w) {
+    var stem;
+    var suffix;
+    var firstch;
+    var origword = w;
+
+    if (w.length < 3)
+      return w;
+
+    var re;
+    var re2;
+    var re3;
+    var re4;
+
+    firstch = w.substr(0,1);
+    if (firstch == "y")
+      w = firstch.toUpperCase() + w.substr(1);
+
+    // Step 1a
+    re = /^(.+?)(ss|i)es$/;
+    re2 = /^(.+?)([^s])s$/;
+
+    if (re.test(w))
+      w = w.replace(re,"$1$2");
+    else if (re2.test(w))
+      w = w.replace(re2,"$1$2");
+
+    // Step 1b
+    re = /^(.+?)eed$/;
+    re2 = /^(.+?)(ed|ing)$/;
+    if (re.test(w)) {
+      var fp = re.exec(w);
+      re = new RegExp(mgr0);
+      if (re.test(fp[1])) {
+        re = /.$/;
+        w = w.replace(re,"");
+      }
+    }
+    else if (re2.test(w)) {
+      var fp = re2.exec(w);
+      stem = fp[1];
+      re2 = new RegExp(s_v);
+      if (re2.test(stem)) {
+        w = stem;
+        re2 = /(at|bl|iz)$/;
+        re3 = new RegExp("([^aeiouylsz])\\1$");
+        re4 = new RegExp("^" + C + v + "[^aeiouwxy]$");
+        if (re2.test(w))
+          w = w + "e";
+        else if (re3.test(w)) {
+          re = /.$/;
+          w = w.replace(re,"");
+        }
+        else if (re4.test(w))
+          w = w + "e";
+      }
+    }
+
+    // Step 1c
+    re = /^(.+?)y$/;
+    if (re.test(w)) {
+      var fp = re.exec(w);
+      stem = fp[1];
+      re = new RegExp(s_v);
+      if (re.test(stem))
+        w = stem + "i";
+    }
+
+    // Step 2
+    re = /^(.+?)(ational|tional|enci|anci|izer|bli|alli|entli|eli|ousli|ization|ation|ator|alism|iveness|fulness|ousness|aliti|iviti|biliti|logi)$/;
+    if (re.test(w)) {
+      var fp = re.exec(w);
+      stem = fp[1];
+      suffix = fp[2];
+      re = new RegExp(mgr0);
+      if (re.test(stem))
+        w = stem + step2list[suffix];
+    }
+
+    // Step 3
+    re = /^(.+?)(icate|ative|alize|iciti|ical|ful|ness)$/;
+    if (re.test(w)) {
+      var fp = re.exec(w);
+      stem = fp[1];
+      suffix = fp[2];
+      re = new RegExp(mgr0);
+      if (re.test(stem))
+        w = stem + step3list[suffix];
+    }
+
+    // Step 4
+    re = /^(.+?)(al|ance|ence|er|ic|able|ible|ant|ement|ment|ent|ou|ism|ate|iti|ous|ive|ize)$/;
+    re2 = /^(.+?)(s|t)(ion)$/;
+    if (re.test(w)) {
+      var fp = re.exec(w);
+      stem = fp[1];
+      re = new RegExp(mgr1);
+      if (re.test(stem))
+        w = stem;
+    }
+    else if (re2.test(w)) {
+      var fp = re2.exec(w);
+      stem = fp[1] + fp[2];
+      re2 = new RegExp(mgr1);
+      if (re2.test(stem))
+        w = stem;
+    }
+
+    // Step 5
+    re = /^(.+?)e$/;
+    if (re.test(w)) {
+      var fp = re.exec(w);
+      stem = fp[1];
+      re = new RegExp(mgr1);
+      re2 = new RegExp(meq1);
+      re3 = new RegExp("^" + C + v + "[^aeiouwxy]$");
+      if (re.test(stem) || (re2.test(stem) && !(re3.test(stem))))
+        w = stem;
+    }
+    re = /ll$/;
+    re2 = new RegExp(mgr1);
+    if (re.test(w) && re2.test(w)) {
+      re = /.$/;
+      w = w.replace(re,"");
+    }
+
+    // and turn initial Y back to y
+    if (firstch == "y")
+      w = firstch.toLowerCase() + w.substr(1);
+    return w;
+  }
+}
+
diff --git a/docs/saml2/_static/minus.png b/docs/saml2/_static/minus.png
index da1c5620..d96755fd 100644
Binary files a/docs/saml2/_static/minus.png and b/docs/saml2/_static/minus.png differ
diff --git a/docs/saml2/_static/plus.png b/docs/saml2/_static/plus.png
index b3cb3742..7107cec9 100644
Binary files a/docs/saml2/_static/plus.png and b/docs/saml2/_static/plus.png differ
diff --git a/docs/saml2/_static/pygments.css b/docs/saml2/_static/pygments.css
index f0c5a071..84ab3030 100644
--- a/docs/saml2/_static/pygments.css
+++ b/docs/saml2/_static/pygments.css
@@ -1,62 +1,75 @@
+pre { line-height: 125%; }
+td.linenos .normal { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
+span.linenos { color: inherit; background-color: transparent; padding-left: 5px; padding-right: 5px; }
+td.linenos .special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
+span.linenos.special { color: #000000; background-color: #ffffc0; padding-left: 5px; padding-right: 5px; }
 .highlight .hll { background-color: #ffffcc }
-.highlight  { background: #eeffcc; }
-.highlight .c { color: #408090; font-style: italic } /* Comment */
+.highlight { background: #f8f8f8; }
+.highlight .c { color: #3D7B7B; font-style: italic } /* Comment */
 .highlight .err { border: 1px solid #FF0000 } /* Error */
-.highlight .k { color: #007020; font-weight: bold } /* Keyword */
+.highlight .k { color: #008000; font-weight: bold } /* Keyword */
 .highlight .o { color: #666666 } /* Operator */
-.highlight .cm { color: #408090; font-style: italic } /* Comment.Multiline */
-.highlight .cp { color: #007020 } /* Comment.Preproc */
-.highlight .c1 { color: #408090; font-style: italic } /* Comment.Single */
-.highlight .cs { color: #408090; background-color: #fff0f0 } /* Comment.Special */
+.highlight .ch { color: #3D7B7B; font-style: italic } /* Comment.Hashbang */
+.highlight .cm { color: #3D7B7B; font-style: italic } /* Comment.Multiline */
+.highlight .cp { color: #9C6500 } /* Comment.Preproc */
+.highlight .cpf { color: #3D7B7B; font-style: italic } /* Comment.PreprocFile */
+.highlight .c1 { color: #3D7B7B; font-style: italic } /* Comment.Single */
+.highlight .cs { color: #3D7B7B; font-style: italic } /* Comment.Special */
 .highlight .gd { color: #A00000 } /* Generic.Deleted */
 .highlight .ge { font-style: italic } /* Generic.Emph */
-.highlight .gr { color: #FF0000 } /* Generic.Error */
+.highlight .ges { font-weight: bold; font-style: italic } /* Generic.EmphStrong */
+.highlight .gr { color: #E40000 } /* Generic.Error */
 .highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */
-.highlight .gi { color: #00A000 } /* Generic.Inserted */
-.highlight .go { color: #333333 } /* Generic.Output */
-.highlight .gp { color: #c65d09; font-weight: bold } /* Generic.Prompt */
+.highlight .gi { color: #008400 } /* Generic.Inserted */
+.highlight .go { color: #717171 } /* Generic.Output */
+.highlight .gp { color: #000080; font-weight: bold } /* Generic.Prompt */
 .highlight .gs { font-weight: bold } /* Generic.Strong */
 .highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */
 .highlight .gt { color: #0044DD } /* Generic.Traceback */
-.highlight .kc { color: #007020; font-weight: bold } /* Keyword.Constant */
-.highlight .kd { color: #007020; font-weight: bold } /* Keyword.Declaration */
-.highlight .kn { color: #007020; font-weight: bold } /* Keyword.Namespace */
-.highlight .kp { color: #007020 } /* Keyword.Pseudo */
-.highlight .kr { color: #007020; font-weight: bold } /* Keyword.Reserved */
-.highlight .kt { color: #902000 } /* Keyword.Type */
-.highlight .m { color: #208050 } /* Literal.Number */
-.highlight .s { color: #4070a0 } /* Literal.String */
-.highlight .na { color: #4070a0 } /* Name.Attribute */
-.highlight .nb { color: #007020 } /* Name.Builtin */
-.highlight .nc { color: #0e84b5; font-weight: bold } /* Name.Method */
-.highlight .no { color: #60add5 } /* Name.Constant */
-.highlight .nd { color: #555555; font-weight: bold } /* Name.Decorator */
-.highlight .ni { color: #d55537; font-weight: bold } /* Name.Entity */
-.highlight .ne { color: #007020 } /* Name.Exception */
-.highlight .nf { color: #06287e } /* Name.Function */
-.highlight .nl { color: #002070; font-weight: bold } /* Name.Label */
-.highlight .nn { color: #0e84b5; font-weight: bold } /* Name.Namespace */
-.highlight .nt { color: #062873; font-weight: bold } /* Name.Tag */
-.highlight .nv { color: #bb60d5 } /* Name.Variable */
-.highlight .ow { color: #007020; font-weight: bold } /* Operator.Word */
+.highlight .kc { color: #008000; font-weight: bold } /* Keyword.Constant */
+.highlight .kd { color: #008000; font-weight: bold } /* Keyword.Declaration */
+.highlight .kn { color: #008000; font-weight: bold } /* Keyword.Namespace */
+.highlight .kp { color: #008000 } /* Keyword.Pseudo */
+.highlight .kr { color: #008000; font-weight: bold } /* Keyword.Reserved */
+.highlight .kt { color: #B00040 } /* Keyword.Type */
+.highlight .m { color: #666666 } /* Literal.Number */
+.highlight .s { color: #BA2121 } /* Literal.String */
+.highlight .na { color: #687822 } /* Name.Attribute */
+.highlight .nb { color: #008000 } /* Name.Builtin */
+.highlight .nc { color: #0000FF; font-weight: bold } /* Name.Class */
+.highlight .no { color: #880000 } /* Name.Constant */
+.highlight .nd { color: #AA22FF } /* Name.Decorator */
+.highlight .ni { color: #717171; font-weight: bold } /* Name.Entity */
+.highlight .ne { color: #CB3F38; font-weight: bold } /* Name.Exception */
+.highlight .nf { color: #0000FF } /* Name.Function */
+.highlight .nl { color: #767600 } /* Name.Label */
+.highlight .nn { color: #0000FF; font-weight: bold } /* Name.Namespace */
+.highlight .nt { color: #008000; font-weight: bold } /* Name.Tag */
+.highlight .nv { color: #19177C } /* Name.Variable */
+.highlight .ow { color: #AA22FF; font-weight: bold } /* Operator.Word */
 .highlight .w { color: #bbbbbb } /* Text.Whitespace */
-.highlight .mf { color: #208050 } /* Literal.Number.Float */
-.highlight .mh { color: #208050 } /* Literal.Number.Hex */
-.highlight .mi { color: #208050 } /* Literal.Number.Integer */
-.highlight .mo { color: #208050 } /* Literal.Number.Oct */
-.highlight .sb { color: #4070a0 } /* Literal.String.Backtick */
-.highlight .sc { color: #4070a0 } /* Literal.String.Char */
-.highlight .sd { color: #4070a0; font-style: italic } /* Literal.String.Doc */
-.highlight .s2 { color: #4070a0 } /* Literal.String.Double */
-.highlight .se { color: #4070a0; font-weight: bold } /* Literal.String.Escape */
-.highlight .sh { color: #4070a0 } /* Literal.String.Heredoc */
-.highlight .si { color: #70a0d0; font-style: italic } /* Literal.String.Interpol */
-.highlight .sx { color: #c65d09 } /* Literal.String.Other */
-.highlight .sr { color: #235388 } /* Literal.String.Regex */
-.highlight .s1 { color: #4070a0 } /* Literal.String.Single */
-.highlight .ss { color: #517918 } /* Literal.String.Symbol */
-.highlight .bp { color: #007020 } /* Name.Builtin.Pseudo */
-.highlight .vc { color: #bb60d5 } /* Name.Variable.Method */
-.highlight .vg { color: #bb60d5 } /* Name.Variable.Global */
-.highlight .vi { color: #bb60d5 } /* Name.Variable.Instance */
-.highlight .il { color: #208050 } /* Literal.Number.Integer.Long */
\ No newline at end of file
+.highlight .mb { color: #666666 } /* Literal.Number.Bin */
+.highlight .mf { color: #666666 } /* Literal.Number.Float */
+.highlight .mh { color: #666666 } /* Literal.Number.Hex */
+.highlight .mi { color: #666666 } /* Literal.Number.Integer */
+.highlight .mo { color: #666666 } /* Literal.Number.Oct */
+.highlight .sa { color: #BA2121 } /* Literal.String.Affix */
+.highlight .sb { color: #BA2121 } /* Literal.String.Backtick */
+.highlight .sc { color: #BA2121 } /* Literal.String.Char */
+.highlight .dl { color: #BA2121 } /* Literal.String.Delimiter */
+.highlight .sd { color: #BA2121; font-style: italic } /* Literal.String.Doc */
+.highlight .s2 { color: #BA2121 } /* Literal.String.Double */
+.highlight .se { color: #AA5D1F; font-weight: bold } /* Literal.String.Escape */
+.highlight .sh { color: #BA2121 } /* Literal.String.Heredoc */
+.highlight .si { color: #A45A77; font-weight: bold } /* Literal.String.Interpol */
+.highlight .sx { color: #008000 } /* Literal.String.Other */
+.highlight .sr { color: #A45A77 } /* Literal.String.Regex */
+.highlight .s1 { color: #BA2121 } /* Literal.String.Single */
+.highlight .ss { color: #19177C } /* Literal.String.Symbol */
+.highlight .bp { color: #008000 } /* Name.Builtin.Pseudo */
+.highlight .fm { color: #0000FF } /* Name.Function.Magic */
+.highlight .vc { color: #19177C } /* Name.Variable.Class */
+.highlight .vg { color: #19177C } /* Name.Variable.Global */
+.highlight .vi { color: #19177C } /* Name.Variable.Instance */
+.highlight .vm { color: #19177C } /* Name.Variable.Magic */
+.highlight .il { color: #666666 } /* Literal.Number.Integer.Long */
\ No newline at end of file
diff --git a/docs/saml2/_static/searchtools.js b/docs/saml2/_static/searchtools.js
index 2302b40e..97d56a74 100644
--- a/docs/saml2/_static/searchtools.js
+++ b/docs/saml2/_static/searchtools.js
@@ -1,567 +1,566 @@
 /*
- * searchtools.js_t
+ * searchtools.js
  * ~~~~~~~~~~~~~~~~
  *
- * Sphinx JavaScript utilties for the full-text search.
+ * Sphinx JavaScript utilities for the full-text search.
  *
- * :copyright: Copyright 2007-2011 by the Sphinx team, see AUTHORS.
+ * :copyright: Copyright 2007-2023 by the Sphinx team, see AUTHORS.
  * :license: BSD, see LICENSE for details.
  *
  */
+"use strict";
 
 /**
- * helper function to return a node containing the
- * search summary for a given text. keywords is a list
- * of stemmed words, hlwords is the list of normal, unstemmed
- * words. the first one is used to find the occurance, the
- * latter for highlighting it.
+ * Simple result scoring code.
  */
-
-jQuery.makeSearchSummary = function(text, keywords, hlwords) {
-  var textLower = text.toLowerCase();
-  var start = 0;
-  $.each(keywords, function() {
-    var i = textLower.indexOf(this.toLowerCase());
-    if (i > -1)
-      start = i;
-  });
-  start = Math.max(start - 120, 0);
-  var excerpt = ((start > 0) ? '...' : '') +
-  $.trim(text.substr(start, 240)) +
-  ((start + 240 - text.length) ? '...' : '');
-  var rv = $('<div class="context"></div>').text(excerpt);
-  $.each(hlwords, function() {
-    rv = rv.highlightText(this, 'highlighted');
-  });
-  return rv;
+if (typeof Scorer === "undefined") {
+  var Scorer = {
+    // Implement the following function to further tweak the score for each result
+    // The function takes a result array [docname, title, anchor, descr, score, filename]
+    // and returns the new score.
+    /*
+    score: result => {
+      const [docname, title, anchor, descr, score, filename] = result
+      return score
+    },
+    */
+
+    // query matches the full name of an object
+    objNameMatch: 11,
+    // or matches in the last dotted part of the object name
+    objPartialMatch: 6,
+    // Additive scores depending on the priority of the object
+    objPrio: {
+      0: 15, // used to be importantResults
+      1: 5, // used to be objectResults
+      2: -5, // used to be unimportantResults
+    },
+    //  Used when the priority is not in the mapping.
+    objPrioDefault: 0,
+
+    // query found in title
+    title: 15,
+    partialTitle: 7,
+    // query found in terms
+    term: 5,
+    partialTerm: 2,
+  };
 }
 
+const _removeChildren = (element) => {
+  while (element && element.lastChild) element.removeChild(element.lastChild);
+};
 
 /**
- * Porter Stemmer
+ * See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions#escaping
  */
-var Stemmer = function() {
-
-  var step2list = {
-    ational: 'ate',
-    tional: 'tion',
-    enci: 'ence',
-    anci: 'ance',
-    izer: 'ize',
-    bli: 'ble',
-    alli: 'al',
-    entli: 'ent',
-    eli: 'e',
-    ousli: 'ous',
-    ization: 'ize',
-    ation: 'ate',
-    ator: 'ate',
-    alism: 'al',
-    iveness: 'ive',
-    fulness: 'ful',
-    ousness: 'ous',
-    aliti: 'al',
-    iviti: 'ive',
-    biliti: 'ble',
-    logi: 'log'
-  };
-
-  var step3list = {
-    icate: 'ic',
-    ative: '',
-    alize: 'al',
-    iciti: 'ic',
-    ical: 'ic',
-    ful: '',
-    ness: ''
-  };
-
-  var c = "[^aeiou]";          // consonant
-  var v = "[aeiouy]";          // vowel
-  var C = c + "[^aeiouy]*";    // consonant sequence
-  var V = v + "[aeiou]*";      // vowel sequence
-
-  var mgr0 = "^(" + C + ")?" + V + C;                      // [C]VC... is m>0
-  var meq1 = "^(" + C + ")?" + V + C + "(" + V + ")?$";    // [C]VC[V] is m=1
-  var mgr1 = "^(" + C + ")?" + V + C + V + C;              // [C]VCVC... is m>1
-  var s_v   = "^(" + C + ")?" + v;                         // vowel in stem
-
-  this.stemWord = function (w) {
-    var stem;
-    var suffix;
-    var firstch;
-    var origword = w;
-
-    if (w.length < 3)
-      return w;
-
-    var re;
-    var re2;
-    var re3;
-    var re4;
-
-    firstch = w.substr(0,1);
-    if (firstch == "y")
-      w = firstch.toUpperCase() + w.substr(1);
-
-    // Step 1a
-    re = /^(.+?)(ss|i)es$/;
-    re2 = /^(.+?)([^s])s$/;
-
-    if (re.test(w))
-      w = w.replace(re,"$1$2");
-    else if (re2.test(w))
-      w = w.replace(re2,"$1$2");
-
-    // Step 1b
-    re = /^(.+?)eed$/;
-    re2 = /^(.+?)(ed|ing)$/;
-    if (re.test(w)) {
-      var fp = re.exec(w);
-      re = new RegExp(mgr0);
-      if (re.test(fp[1])) {
-        re = /.$/;
-        w = w.replace(re,"");
-      }
-    }
-    else if (re2.test(w)) {
-      var fp = re2.exec(w);
-      stem = fp[1];
-      re2 = new RegExp(s_v);
-      if (re2.test(stem)) {
-        w = stem;
-        re2 = /(at|bl|iz)$/;
-        re3 = new RegExp("([^aeiouylsz])\\1$");
-        re4 = new RegExp("^" + C + v + "[^aeiouwxy]$");
-        if (re2.test(w))
-          w = w + "e";
-        else if (re3.test(w)) {
-          re = /.$/;
-          w = w.replace(re,"");
-        }
-        else if (re4.test(w))
-          w = w + "e";
-      }
-    }
-
-    // Step 1c
-    re = /^(.+?)y$/;
-    if (re.test(w)) {
-      var fp = re.exec(w);
-      stem = fp[1];
-      re = new RegExp(s_v);
-      if (re.test(stem))
-        w = stem + "i";
-    }
-
-    // Step 2
-    re = /^(.+?)(ational|tional|enci|anci|izer|bli|alli|entli|eli|ousli|ization|ation|ator|alism|iveness|fulness|ousness|aliti|iviti|biliti|logi)$/;
-    if (re.test(w)) {
-      var fp = re.exec(w);
-      stem = fp[1];
-      suffix = fp[2];
-      re = new RegExp(mgr0);
-      if (re.test(stem))
-        w = stem + step2list[suffix];
-    }
-
-    // Step 3
-    re = /^(.+?)(icate|ative|alize|iciti|ical|ful|ness)$/;
-    if (re.test(w)) {
-      var fp = re.exec(w);
-      stem = fp[1];
-      suffix = fp[2];
-      re = new RegExp(mgr0);
-      if (re.test(stem))
-        w = stem + step3list[suffix];
-    }
-
-    // Step 4
-    re = /^(.+?)(al|ance|ence|er|ic|able|ible|ant|ement|ment|ent|ou|ism|ate|iti|ous|ive|ize)$/;
-    re2 = /^(.+?)(s|t)(ion)$/;
-    if (re.test(w)) {
-      var fp = re.exec(w);
-      stem = fp[1];
-      re = new RegExp(mgr1);
-      if (re.test(stem))
-        w = stem;
-    }
-    else if (re2.test(w)) {
-      var fp = re2.exec(w);
-      stem = fp[1] + fp[2];
-      re2 = new RegExp(mgr1);
-      if (re2.test(stem))
-        w = stem;
-    }
-
-    // Step 5
-    re = /^(.+?)e$/;
-    if (re.test(w)) {
-      var fp = re.exec(w);
-      stem = fp[1];
-      re = new RegExp(mgr1);
-      re2 = new RegExp(meq1);
-      re3 = new RegExp("^" + C + v + "[^aeiouwxy]$");
-      if (re.test(stem) || (re2.test(stem) && !(re3.test(stem))))
-        w = stem;
-    }
-    re = /ll$/;
-    re2 = new RegExp(mgr1);
-    if (re.test(w) && re2.test(w)) {
-      re = /.$/;
-      w = w.replace(re,"");
-    }
-
-    // and turn initial Y back to y
-    if (firstch == "y")
-      w = firstch.toLowerCase() + w.substr(1);
-    return w;
+const _escapeRegExp = (string) =>
+  string.replace(/[.*+\-?^${}()|[\]\\]/g, "\\$&"); // $& means the whole matched string
+
+const _displayItem = (item, searchTerms) => {
+  const docBuilder = DOCUMENTATION_OPTIONS.BUILDER;
+  const docUrlRoot = DOCUMENTATION_OPTIONS.URL_ROOT;
+  const docFileSuffix = DOCUMENTATION_OPTIONS.FILE_SUFFIX;
+  const docLinkSuffix = DOCUMENTATION_OPTIONS.LINK_SUFFIX;
+  const showSearchSummary = DOCUMENTATION_OPTIONS.SHOW_SEARCH_SUMMARY;
+
+  const [docName, title, anchor, descr, score, _filename] = item;
+
+  let listItem = document.createElement("li");
+  let requestUrl;
+  let linkUrl;
+  if (docBuilder === "dirhtml") {
+    // dirhtml builder
+    let dirname = docName + "/";
+    if (dirname.match(/\/index\/$/))
+      dirname = dirname.substring(0, dirname.length - 6);
+    else if (dirname === "index/") dirname = "";
+    requestUrl = docUrlRoot + dirname;
+    linkUrl = requestUrl;
+  } else {
+    // normal html builders
+    requestUrl = docUrlRoot + docName + docFileSuffix;
+    linkUrl = docName + docLinkSuffix;
   }
-}
+  let linkEl = listItem.appendChild(document.createElement("a"));
+  linkEl.href = linkUrl + anchor;
+  linkEl.dataset.score = score;
+  linkEl.innerHTML = title;
+  if (descr)
+    listItem.appendChild(document.createElement("span")).innerHTML =
+      " (" + descr + ")";
+  else if (showSearchSummary)
+    fetch(requestUrl)
+      .then((responseData) => responseData.text())
+      .then((data) => {
+        if (data)
+          listItem.appendChild(
+            Search.makeSearchSummary(data, searchTerms)
+          );
+      });
+  Search.output.appendChild(listItem);
+};
+const _finishSearch = (resultCount) => {
+  Search.stopPulse();
+  Search.title.innerText = _("Search Results");
+  if (!resultCount)
+    Search.status.innerText = Documentation.gettext(
+      "Your search did not match any documents. Please make sure that all words are spelled correctly and that you've selected enough categories."
+    );
+  else
+    Search.status.innerText = _(
+      `Search finished, found ${resultCount} page(s) matching the search query.`
+    );
+};
+const _displayNextItem = (
+  results,
+  resultCount,
+  searchTerms
+) => {
+  // results left, load the summary and display it
+  // this is intended to be dynamic (don't sub resultsCount)
+  if (results.length) {
+    _displayItem(results.pop(), searchTerms);
+    setTimeout(
+      () => _displayNextItem(results, resultCount, searchTerms),
+      5
+    );
+  }
+  // search finished, update title and status message
+  else _finishSearch(resultCount);
+};
 
+/**
+ * Default splitQuery function. Can be overridden in ``sphinx.search`` with a
+ * custom function per language.
+ *
+ * The regular expression works by splitting the string on consecutive characters
+ * that are not Unicode letters, numbers, underscores, or emoji characters.
+ * This is the same as ``\W+`` in Python, preserving the surrogate pair area.
+ */
+if (typeof splitQuery === "undefined") {
+  var splitQuery = (query) => query
+      .split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}]+/gu)
+      .filter(term => term)  // remove remaining empty strings
+}
 
 /**
- * Search Class
+ * Search Module
  */
-var Search = {
-
-  _index : null,
-  _queued_query : null,
-  _pulse_status : -1,
-
-  init : function() {
-      var params = $.getQueryParameters();
-      if (params.q) {
-          var query = params.q[0];
-          $('input[name="q"]')[0].value = query;
-          this.performSearch(query);
-      }
+const Search = {
+  _index: null,
+  _queued_query: null,
+  _pulse_status: -1,
+
+  htmlToText: (htmlString) => {
+    const htmlElement = new DOMParser().parseFromString(htmlString, 'text/html');
+    htmlElement.querySelectorAll(".headerlink").forEach((el) => { el.remove() });
+    const docContent = htmlElement.querySelector('[role="main"]');
+    if (docContent !== undefined) return docContent.textContent;
+    console.warn(
+      "Content block not found. Sphinx search tries to obtain it via '[role=main]'. Could you check your theme or template."
+    );
+    return "";
   },
 
-  loadIndex : function(url) {
-    $.ajax({type: "GET", url: url, data: null,
-            dataType: "script", cache: true,
-            complete: function(jqxhr, textstatus) {
-              if (textstatus != "success") {
-                document.getElementById("searchindexloader").src = url;
-              }
-            }});
+  init: () => {
+    const query = new URLSearchParams(window.location.search).get("q");
+    document
+      .querySelectorAll('input[name="q"]')
+      .forEach((el) => (el.value = query));
+    if (query) Search.performSearch(query);
   },
 
-  setIndex : function(index) {
-    var q;
-    this._index = index;
-    if ((q = this._queued_query) !== null) {
-      this._queued_query = null;
-      Search.query(q);
+  loadIndex: (url) =>
+    (document.body.appendChild(document.createElement("script")).src = url),
+
+  setIndex: (index) => {
+    Search._index = index;
+    if (Search._queued_query !== null) {
+      const query = Search._queued_query;
+      Search._queued_query = null;
+      Search.query(query);
     }
   },
 
-  hasIndex : function() {
-      return this._index !== null;
-  },
+  hasIndex: () => Search._index !== null,
 
-  deferQuery : function(query) {
-      this._queued_query = query;
-  },
+  deferQuery: (query) => (Search._queued_query = query),
 
-  stopPulse : function() {
-      this._pulse_status = 0;
-  },
+  stopPulse: () => (Search._pulse_status = -1),
 
-  startPulse : function() {
-    if (this._pulse_status >= 0)
-        return;
-    function pulse() {
+  startPulse: () => {
+    if (Search._pulse_status >= 0) return;
+
+    const pulse = () => {
       Search._pulse_status = (Search._pulse_status + 1) % 4;
-      var dotString = '';
-      for (var i = 0; i < Search._pulse_status; i++)
-        dotString += '.';
-      Search.dots.text(dotString);
-      if (Search._pulse_status > -1)
-        window.setTimeout(pulse, 500);
+      Search.dots.innerText = ".".repeat(Search._pulse_status);
+      if (Search._pulse_status >= 0) window.setTimeout(pulse, 500);
     };
     pulse();
   },
 
   /**
-   * perform a search for something
+   * perform a search for something (or wait until index is loaded)
    */
-  performSearch : function(query) {
+  performSearch: (query) => {
     // create the required interface elements
-    this.out = $('#search-results');
-    this.title = $('<h2>' + _('Searching') + '</h2>').appendTo(this.out);
-    this.dots = $('<span></span>').appendTo(this.title);
-    this.status = $('<p style="display: none"></p>').appendTo(this.out);
-    this.output = $('<ul class="search"/>').appendTo(this.out);
-
-    $('#search-progress').text(_('Preparing search...'));
-    this.startPulse();
+    const searchText = document.createElement("h2");
+    searchText.textContent = _("Searching");
+    const searchSummary = document.createElement("p");
+    searchSummary.classList.add("search-summary");
+    searchSummary.innerText = "";
+    const searchList = document.createElement("ul");
+    searchList.classList.add("search");
+
+    const out = document.getElementById("search-results");
+    Search.title = out.appendChild(searchText);
+    Search.dots = Search.title.appendChild(document.createElement("span"));
+    Search.status = out.appendChild(searchSummary);
+    Search.output = out.appendChild(searchList);
+
+    const searchProgress = document.getElementById("search-progress");
+    // Some themes don't use the search progress node
+    if (searchProgress) {
+      searchProgress.innerText = _("Preparing search...");
+    }
+    Search.startPulse();
 
     // index already loaded, the browser was quick!
-    if (this.hasIndex())
-      this.query(query);
-    else
-      this.deferQuery(query);
+    if (Search.hasIndex()) Search.query(query);
+    else Search.deferQuery(query);
   },
 
-  query : function(query) {
-    var stopwords = ["a","and","are","as","at","be","but","by","for","if","in","into","is","it","near","no","not","of","on","or","such","that","the","their","then","there","these","they","this","to","was","will","with"];
-
-    // Stem the searchterms and add them to the correct list
-    var stemmer = new Stemmer();
-    var searchterms = [];
-    var excluded = [];
-    var hlterms = [];
-    var tmp = query.split(/\s+/);
-    var objectterms = [];
-    for (var i = 0; i < tmp.length; i++) {
-      if (tmp[i] != "") {
-          objectterms.push(tmp[i].toLowerCase());
-      }
+  /**
+   * execute search (requires search index to be loaded)
+   */
+  query: (query) => {
+    const filenames = Search._index.filenames;
+    const docNames = Search._index.docnames;
+    const titles = Search._index.titles;
+    const allTitles = Search._index.alltitles;
+    const indexEntries = Search._index.indexentries;
+
+    // stem the search terms and add them to the correct list
+    const stemmer = new Stemmer();
+    const searchTerms = new Set();
+    const excludedTerms = new Set();
+    const highlightTerms = new Set();
+    const objectTerms = new Set(splitQuery(query.toLowerCase().trim()));
+    splitQuery(query.trim()).forEach((queryTerm) => {
+      const queryTermLower = queryTerm.toLowerCase();
+
+      // maybe skip this "word"
+      // stopwords array is from language_data.js
+      if (
+        stopwords.indexOf(queryTermLower) !== -1 ||
+        queryTerm.match(/^\d+$/)
+      )
+        return;
 
-      if ($u.indexOf(stopwords, tmp[i]) != -1 || tmp[i].match(/^\d+$/) ||
-          tmp[i] == "") {
-        // skip this "word"
-        continue;
-      }
       // stem the word
-      var word = stemmer.stemWord(tmp[i]).toLowerCase();
+      let word = stemmer.stemWord(queryTermLower);
       // select the correct list
-      if (word[0] == '-') {
-        var toAppend = excluded;
-        word = word.substr(1);
-      }
+      if (word[0] === "-") excludedTerms.add(word.substr(1));
       else {
-        var toAppend = searchterms;
-        hlterms.push(tmp[i].toLowerCase());
+        searchTerms.add(word);
+        highlightTerms.add(queryTermLower);
       }
-      // only add if not already in the list
-      if (!$.contains(toAppend, word))
-        toAppend.push(word);
-    };
-    var highlightstring = '?highlight=' + $.urlencode(hlterms.join(" "));
+    });
 
-    // console.debug('SEARCH: searching for:');
-    // console.info('required: ', searchterms);
-    // console.info('excluded: ', excluded);
+    if (SPHINX_HIGHLIGHT_ENABLED) {  // set in sphinx_highlight.js
+      localStorage.setItem("sphinx_highlight_terms", [...highlightTerms].join(" "))
+    }
 
-    // prepare search
-    var filenames = this._index.filenames;
-    var titles = this._index.titles;
-    var terms = this._index.terms;
-    var fileMap = {};
-    var files = null;
-    // different result priorities
-    var importantResults = [];
-    var objectResults = [];
-    var regularResults = [];
-    var unimportantResults = [];
-    $('#search-progress').empty();
+    // console.debug("SEARCH: searching for:");
+    // console.info("required: ", [...searchTerms]);
+    // console.info("excluded: ", [...excludedTerms]);
+
+    // array of [docname, title, anchor, descr, score, filename]
+    let results = [];
+    _removeChildren(document.getElementById("search-progress"));
+
+    const queryLower = query.toLowerCase();
+    for (const [title, foundTitles] of Object.entries(allTitles)) {
+      if (title.toLowerCase().includes(queryLower) && (queryLower.length >= title.length/2)) {
+        for (const [file, id] of foundTitles) {
+          let score = Math.round(100 * queryLower.length / title.length)
+          results.push([
+            docNames[file],
+            titles[file] !== title ? `${titles[file]} > ${title}` : title,
+            id !== null ? "#" + id : "",
+            null,
+            score,
+            filenames[file],
+          ]);
+        }
+      }
+    }
 
-    // lookup as object
-    for (var i = 0; i < objectterms.length; i++) {
-      var others = [].concat(objectterms.slice(0,i),
-                             objectterms.slice(i+1, objectterms.length))
-      var results = this.performObjectSearch(objectterms[i], others);
-      // Assume first word is most likely to be the object,
-      // other words more likely to be in description.
-      // Therefore put matches for earlier words first.
-      // (Results are eventually used in reverse order).
-      objectResults = results[0].concat(objectResults);
-      importantResults = results[1].concat(importantResults);
-      unimportantResults = results[2].concat(unimportantResults);
+    // search for explicit entries in index directives
+    for (const [entry, foundEntries] of Object.entries(indexEntries)) {
+      if (entry.includes(queryLower) && (queryLower.length >= entry.length/2)) {
+        for (const [file, id] of foundEntries) {
+          let score = Math.round(100 * queryLower.length / entry.length)
+          results.push([
+            docNames[file],
+            titles[file],
+            id ? "#" + id : "",
+            null,
+            score,
+            filenames[file],
+          ]);
+        }
+      }
     }
 
-    // perform the search on the required terms
-    for (var i = 0; i < searchterms.length; i++) {
-      var word = searchterms[i];
-      // no match but word was a required one
-      if ((files = terms[word]) == null)
-        break;
-      if (files.length == undefined) {
-        files = [files];
+    // lookup as object
+    objectTerms.forEach((term) =>
+      results.push(...Search.performObjectSearch(term, objectTerms))
+    );
+
+    // lookup as search terms in fulltext
+    results.push(...Search.performTermsSearch(searchTerms, excludedTerms));
+
+    // let the scorer override scores with a custom scoring function
+    if (Scorer.score) results.forEach((item) => (item[4] = Scorer.score(item)));
+
+    // now sort the results by score (in opposite order of appearance, since the
+    // display function below uses pop() to retrieve items) and then
+    // alphabetically
+    results.sort((a, b) => {
+      const leftScore = a[4];
+      const rightScore = b[4];
+      if (leftScore === rightScore) {
+        // same score: sort alphabetically
+        const leftTitle = a[1].toLowerCase();
+        const rightTitle = b[1].toLowerCase();
+        if (leftTitle === rightTitle) return 0;
+        return leftTitle > rightTitle ? -1 : 1; // inverted is intentional
       }
-      // create the mapping
-      for (var j = 0; j < files.length; j++) {
-        var file = files[j];
-        if (file in fileMap)
-          fileMap[file].push(word);
-        else
-          fileMap[file] = [word];
+      return leftScore > rightScore ? 1 : -1;
+    });
+
+    // remove duplicate search results
+    // note the reversing of results, so that in the case of duplicates, the highest-scoring entry is kept
+    let seen = new Set();
+    results = results.reverse().reduce((acc, result) => {
+      let resultStr = result.slice(0, 4).concat([result[5]]).map(v => String(v)).join(',');
+      if (!seen.has(resultStr)) {
+        acc.push(result);
+        seen.add(resultStr);
       }
-    }
+      return acc;
+    }, []);
 
-    // now check if the files don't contain excluded terms
-    for (var file in fileMap) {
-      var valid = true;
+    results = results.reverse();
 
-      // check if all requirements are matched
-      if (fileMap[file].length != searchterms.length)
-        continue;
+    // for debugging
+    //Search.lastresults = results.slice();  // a copy
+    // console.info("search results:", Search.lastresults);
 
-      // ensure that none of the excluded terms is in the
-      // search result.
-      for (var i = 0; i < excluded.length; i++) {
-        if (terms[excluded[i]] == file ||
-            $.contains(terms[excluded[i]] || [], file)) {
-          valid = false;
-          break;
-        }
+    // print the results
+    _displayNextItem(results, results.length, searchTerms);
+  },
+
+  /**
+   * search for object names
+   */
+  performObjectSearch: (object, objectTerms) => {
+    const filenames = Search._index.filenames;
+    const docNames = Search._index.docnames;
+    const objects = Search._index.objects;
+    const objNames = Search._index.objnames;
+    const titles = Search._index.titles;
+
+    const results = [];
+
+    const objectSearchCallback = (prefix, match) => {
+      const name = match[4]
+      const fullname = (prefix ? prefix + "." : "") + name;
+      const fullnameLower = fullname.toLowerCase();
+      if (fullnameLower.indexOf(object) < 0) return;
+
+      let score = 0;
+      const parts = fullnameLower.split(".");
+
+      // check for different match types: exact matches of full name or
+      // "last name" (i.e. last dotted part)
+      if (fullnameLower === object || parts.slice(-1)[0] === object)
+        score += Scorer.objNameMatch;
+      else if (parts.slice(-1)[0].indexOf(object) > -1)
+        score += Scorer.objPartialMatch; // matches in last name
+
+      const objName = objNames[match[1]][2];
+      const title = titles[match[0]];
+
+      // If more than one term searched for, we require other words to be
+      // found in the name/title/description
+      const otherTerms = new Set(objectTerms);
+      otherTerms.delete(object);
+      if (otherTerms.size > 0) {
+        const haystack = `${prefix} ${name} ${objName} ${title}`.toLowerCase();
+        if (
+          [...otherTerms].some((otherTerm) => haystack.indexOf(otherTerm) < 0)
+        )
+          return;
       }
 
-      // if we have still a valid result we can add it
-      // to the result list
-      if (valid)
-        regularResults.push([filenames[file], titles[file], '', null]);
-    }
+      let anchor = match[3];
+      if (anchor === "") anchor = fullname;
+      else if (anchor === "-") anchor = objNames[match[1]][1] + "-" + fullname;
+
+      const descr = objName + _(", in ") + title;
+
+      // add custom score for some objects according to scorer
+      if (Scorer.objPrio.hasOwnProperty(match[2]))
+        score += Scorer.objPrio[match[2]];
+      else score += Scorer.objPrioDefault;
+
+      results.push([
+        docNames[match[0]],
+        fullname,
+        "#" + anchor,
+        descr,
+        score,
+        filenames[match[0]],
+      ]);
+    };
+    Object.keys(objects).forEach((prefix) =>
+      objects[prefix].forEach((array) =>
+        objectSearchCallback(prefix, array)
+      )
+    );
+    return results;
+  },
+
+  /**
+   * search for full-text terms in the index
+   */
+  performTermsSearch: (searchTerms, excludedTerms) => {
+    // prepare search
+    const terms = Search._index.terms;
+    const titleTerms = Search._index.titleterms;
+    const filenames = Search._index.filenames;
+    const docNames = Search._index.docnames;
+    const titles = Search._index.titles;
+
+    const scoreMap = new Map();
+    const fileMap = new Map();
+
+    // perform the search on the required terms
+    searchTerms.forEach((word) => {
+      const files = [];
+      const arr = [
+        { files: terms[word], score: Scorer.term },
+        { files: titleTerms[word], score: Scorer.title },
+      ];
+      // add support for partial matches
+      if (word.length > 2) {
+        const escapedWord = _escapeRegExp(word);
+        Object.keys(terms).forEach((term) => {
+          if (term.match(escapedWord) && !terms[word])
+            arr.push({ files: terms[term], score: Scorer.partialTerm });
+        });
+        Object.keys(titleTerms).forEach((term) => {
+          if (term.match(escapedWord) && !titleTerms[word])
+            arr.push({ files: titleTerms[word], score: Scorer.partialTitle });
+        });
+      }
 
-    // delete unused variables in order to not waste
-    // memory until list is retrieved completely
-    delete filenames, titles, terms;
+      // no match but word was a required one
+      if (arr.every((record) => record.files === undefined)) return;
+
+      // found search word in contents
+      arr.forEach((record) => {
+        if (record.files === undefined) return;
+
+        let recordFiles = record.files;
+        if (recordFiles.length === undefined) recordFiles = [recordFiles];
+        files.push(...recordFiles);
+
+        // set score for the word in each file
+        recordFiles.forEach((file) => {
+          if (!scoreMap.has(file)) scoreMap.set(file, {});
+          scoreMap.get(file)[word] = record.score;
+        });
+      });
 
-    // now sort the regular results descending by title
-    regularResults.sort(function(a, b) {
-      var left = a[1].toLowerCase();
-      var right = b[1].toLowerCase();
-      return (left > right) ? -1 : ((left < right) ? 1 : 0);
+      // create the mapping
+      files.forEach((file) => {
+        if (fileMap.has(file) && fileMap.get(file).indexOf(word) === -1)
+          fileMap.get(file).push(word);
+        else fileMap.set(file, [word]);
+      });
     });
 
-    // combine all results
-    var results = unimportantResults.concat(regularResults)
-      .concat(objectResults).concat(importantResults);
+    // now check if the files don't contain excluded terms
+    const results = [];
+    for (const [file, wordList] of fileMap) {
+      // check if all requirements are matched
 
-    // print the results
-    var resultCount = results.length;
-    function displayNextItem() {
-      // results left, load the summary and display it
-      if (results.length) {
-        var item = results.pop();
-        var listItem = $('<li style="display:none"></li>');
-        if (DOCUMENTATION_OPTIONS.FILE_SUFFIX == '') {
-          // dirhtml builder
-          var dirname = item[0] + '/';
-          if (dirname.match(/\/index\/$/)) {
-            dirname = dirname.substring(0, dirname.length-6);
-          } else if (dirname == 'index/') {
-            dirname = '';
-          }
-          listItem.append($('<a/>').attr('href',
-            DOCUMENTATION_OPTIONS.URL_ROOT + dirname +
-            highlightstring + item[2]).html(item[1]));
-        } else {
-          // normal html builders
-          listItem.append($('<a/>').attr('href',
-            item[0] + DOCUMENTATION_OPTIONS.FILE_SUFFIX +
-            highlightstring + item[2]).html(item[1]));
-        }
-        if (item[3]) {
-          listItem.append($('<span> (' + item[3] + ')</span>'));
-          Search.output.append(listItem);
-          listItem.slideDown(5, function() {
-            displayNextItem();
-          });
-        } else if (DOCUMENTATION_OPTIONS.HAS_SOURCE) {
-          $.ajax({url: DOCUMENTATION_OPTIONS.URL_ROOT + '_sources/' + item[0] + '.txt',
-                  dataType: "text",
-                  complete: function(jqxhr, textstatus) {
-                    var data = jqxhr.responseText;
-                    if (data !== '') {
-                      listItem.append($.makeSearchSummary(data, searchterms, hlterms));
-                    }
-                    Search.output.append(listItem);
-                    listItem.slideDown(5, function() {
-                      displayNextItem();
-                    });
-                  }});
-        } else {
-          // no source available, just display title
-          Search.output.append(listItem);
-          listItem.slideDown(5, function() {
-            displayNextItem();
-          });
-        }
-      }
-      // search finished, update title and status message
-      else {
-        Search.stopPulse();
-        Search.title.text(_('Search Results'));
-        if (!resultCount)
-          Search.status.text(_('Your search did not match any documents. Please make sure that all words are spelled correctly and that you\'ve selected enough categories.'));
-        else
-            Search.status.text(_('Search finished, found %s page(s) matching the search query.').replace('%s', resultCount));
-        Search.status.fadeIn(500);
-      }
+      // as search terms with length < 3 are discarded
+      const filteredTermCount = [...searchTerms].filter(
+        (term) => term.length > 2
+      ).length;
+      if (
+        wordList.length !== searchTerms.size &&
+        wordList.length !== filteredTermCount
+      )
+        continue;
+
+      // ensure that none of the excluded terms is in the search result
+      if (
+        [...excludedTerms].some(
+          (term) =>
+            terms[term] === file ||
+            titleTerms[term] === file ||
+            (terms[term] || []).includes(file) ||
+            (titleTerms[term] || []).includes(file)
+        )
+      )
+        break;
+
+      // select one (max) score for the file.
+      const score = Math.max(...wordList.map((w) => scoreMap.get(file)[w]));
+      // add result to the result list
+      results.push([
+        docNames[file],
+        titles[file],
+        "",
+        null,
+        score,
+        filenames[file],
+      ]);
     }
-    displayNextItem();
+    return results;
   },
 
-  performObjectSearch : function(object, otherterms) {
-    var filenames = this._index.filenames;
-    var objects = this._index.objects;
-    var objnames = this._index.objnames;
-    var titles = this._index.titles;
-
-    var importantResults = [];
-    var objectResults = [];
-    var unimportantResults = [];
-
-    for (var prefix in objects) {
-      for (var name in objects[prefix]) {
-        var fullname = (prefix ? prefix + '.' : '') + name;
-        if (fullname.toLowerCase().indexOf(object) > -1) {
-          var match = objects[prefix][name];
-          var objname = objnames[match[1]][2];
-          var title = titles[match[0]];
-          // If more than one term searched for, we require other words to be
-          // found in the name/title/description
-          if (otherterms.length > 0) {
-            var haystack = (prefix + ' ' + name + ' ' +
-                            objname + ' ' + title).toLowerCase();
-            var allfound = true;
-            for (var i = 0; i < otherterms.length; i++) {
-              if (haystack.indexOf(otherterms[i]) == -1) {
-                allfound = false;
-                break;
-              }
-            }
-            if (!allfound) {
-              continue;
-            }
-          }
-          var descr = objname + _(', in ') + title;
-          anchor = match[3];
-          if (anchor == '')
-            anchor = fullname;
-          else if (anchor == '-')
-            anchor = objnames[match[1]][1] + '-' + fullname;
-          result = [filenames[match[0]], fullname, '#'+anchor, descr];
-          switch (match[2]) {
-          case 1: objectResults.push(result); break;
-          case 0: importantResults.push(result); break;
-          case 2: unimportantResults.push(result); break;
-          }
-        }
-      }
-    }
+  /**
+   * helper function to return a node containing the
+   * search summary for a given text. keywords is a list
+   * of stemmed words.
+   */
+  makeSearchSummary: (htmlText, keywords) => {
+    const text = Search.htmlToText(htmlText);
+    if (text === "") return null;
 
-    // sort results descending
-    objectResults.sort(function(a, b) {
-      return (a[1] > b[1]) ? -1 : ((a[1] < b[1]) ? 1 : 0);
-    });
+    const textLower = text.toLowerCase();
+    const actualStartPosition = [...keywords]
+      .map((k) => textLower.indexOf(k.toLowerCase()))
+      .filter((i) => i > -1)
+      .slice(-1)[0];
+    const startWithContext = Math.max(actualStartPosition - 120, 0);
 
-    importantResults.sort(function(a, b) {
-      return (a[1] > b[1]) ? -1 : ((a[1] < b[1]) ? 1 : 0);
-    });
+    const top = startWithContext === 0 ? "" : "...";
+    const tail = startWithContext + 240 < text.length ? "..." : "";
 
-    unimportantResults.sort(function(a, b) {
-      return (a[1] > b[1]) ? -1 : ((a[1] < b[1]) ? 1 : 0);
-    });
+    let summary = document.createElement("p");
+    summary.classList.add("context");
+    summary.textContent = top + text.substr(startWithContext, 240).trim() + tail;
 
-    return [importantResults, objectResults, unimportantResults]
-  }
-}
+    return summary;
+  },
+};
 
-$(document).ready(function() {
-  Search.init();
-});
\ No newline at end of file
+_ready(Search.init);
diff --git a/docs/saml2/_static/sidebar.js b/docs/saml2/_static/sidebar.js
deleted file mode 100644
index a45e1926..00000000
--- a/docs/saml2/_static/sidebar.js
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * sidebar.js
- * ~~~~~~~~~~
- *
- * This script makes the Sphinx sidebar collapsible.
- *
- * .sphinxsidebar contains .sphinxsidebarwrapper.  This script adds
- * in .sphixsidebar, after .sphinxsidebarwrapper, the #sidebarbutton
- * used to collapse and expand the sidebar.
- *
- * When the sidebar is collapsed the .sphinxsidebarwrapper is hidden
- * and the width of the sidebar and the margin-left of the document
- * are decreased. When the sidebar is expanded the opposite happens.
- * This script saves a per-browser/per-session cookie used to
- * remember the position of the sidebar among the pages.
- * Once the browser is closed the cookie is deleted and the position
- * reset to the default (expanded).
- *
- * :copyright: Copyright 2007-2011 by the Sphinx team, see AUTHORS.
- * :license: BSD, see LICENSE for details.
- *
- */
-
-$(function() {
-  // global elements used by the functions.
-  // the 'sidebarbutton' element is defined as global after its
-  // creation, in the add_sidebar_button function
-  var bodywrapper = $('.bodywrapper');
-  var sidebar = $('.sphinxsidebar');
-  var sidebarwrapper = $('.sphinxsidebarwrapper');
-
-  // for some reason, the document has no sidebar; do not run into errors
-  if (!sidebar.length) return;
-
-  // original margin-left of the bodywrapper and width of the sidebar
-  // with the sidebar expanded
-  var bw_margin_expanded = bodywrapper.css('margin-left');
-  var ssb_width_expanded = sidebar.width();
-
-  // margin-left of the bodywrapper and width of the sidebar
-  // with the sidebar collapsed
-  var bw_margin_collapsed = '.8em';
-  var ssb_width_collapsed = '.8em';
-
-  // colors used by the current theme
-  var dark_color = $('.related').css('background-color');
-  var light_color = $('.document').css('background-color');
-
-  function sidebar_is_collapsed() {
-    return sidebarwrapper.is(':not(:visible)');
-  }
-
-  function toggle_sidebar() {
-    if (sidebar_is_collapsed())
-      expand_sidebar();
-    else
-      collapse_sidebar();
-  }
-
-  function collapse_sidebar() {
-    sidebarwrapper.hide();
-    sidebar.css('width', ssb_width_collapsed);
-    bodywrapper.css('margin-left', bw_margin_collapsed);
-    sidebarbutton.css({
-        'margin-left': '0',
-        'height': bodywrapper.height()
-    });
-    sidebarbutton.find('span').text('»');
-    sidebarbutton.attr('title', _('Expand sidebar'));
-    document.cookie = 'sidebar=collapsed';
-  }
-
-  function expand_sidebar() {
-    bodywrapper.css('margin-left', bw_margin_expanded);
-    sidebar.css('width', ssb_width_expanded);
-    sidebarwrapper.show();
-    sidebarbutton.css({
-        'margin-left': ssb_width_expanded-12,
-        'height': bodywrapper.height()
-    });
-    sidebarbutton.find('span').text('«');
-    sidebarbutton.attr('title', _('Collapse sidebar'));
-    document.cookie = 'sidebar=expanded';
-  }
-
-  function add_sidebar_button() {
-    sidebarwrapper.css({
-        'float': 'left',
-        'margin-right': '0',
-        'width': ssb_width_expanded - 28
-    });
-    // create the button
-    sidebar.append(
-        '<div id="sidebarbutton"><span>&laquo;</span></div>'
-    );
-    var sidebarbutton = $('#sidebarbutton');
-    light_color = sidebarbutton.css('background-color');
-    // find the height of the viewport to center the '<<' in the page
-    var viewport_height;
-    if (window.innerHeight)
- 	  viewport_height = window.innerHeight;
-    else
-	  viewport_height = $(window).height();
-    sidebarbutton.find('span').css({
-        'display': 'block',
-        'margin-top': (viewport_height - sidebar.position().top - 20) / 2
-    });
-
-    sidebarbutton.click(toggle_sidebar);
-    sidebarbutton.attr('title', _('Collapse sidebar'));
-    sidebarbutton.css({
-        'color': '#FFFFFF',
-        'border-left': '1px solid ' + dark_color,
-        'font-size': '1.2em',
-        'cursor': 'pointer',
-        'height': bodywrapper.height(),
-        'padding-top': '1px',
-        'margin-left': ssb_width_expanded - 12
-    });
-
-    sidebarbutton.hover(
-      function () {
-          $(this).css('background-color', dark_color);
-      },
-      function () {
-          $(this).css('background-color', light_color);
-      }
-    );
-  }
-
-  function set_position_from_cookie() {
-    if (!document.cookie)
-      return;
-    var items = document.cookie.split(';');
-    for(var k=0; k<items.length; k++) {
-      var key_val = items[k].split('=');
-      var key = key_val[0];
-      if (key == 'sidebar') {
-        var value = key_val[1];
-        if ((value == 'collapsed') && (!sidebar_is_collapsed()))
-          collapse_sidebar();
-        else if ((value == 'expanded') && (sidebar_is_collapsed()))
-          expand_sidebar();
-      }
-    }
-  }
-
-  add_sidebar_button();
-  var sidebarbutton = $('#sidebarbutton');
-  set_position_from_cookie();
-});
diff --git a/docs/saml2/_static/sphinx_highlight.js b/docs/saml2/_static/sphinx_highlight.js
new file mode 100644
index 00000000..aae669d7
--- /dev/null
+++ b/docs/saml2/_static/sphinx_highlight.js
@@ -0,0 +1,144 @@
+/* Highlighting utilities for Sphinx HTML documentation. */
+"use strict";
+
+const SPHINX_HIGHLIGHT_ENABLED = true
+
+/**
+ * highlight a given string on a node by wrapping it in
+ * span elements with the given class name.
+ */
+const _highlight = (node, addItems, text, className) => {
+  if (node.nodeType === Node.TEXT_NODE) {
+    const val = node.nodeValue;
+    const parent = node.parentNode;
+    const pos = val.toLowerCase().indexOf(text);
+    if (
+      pos >= 0 &&
+      !parent.classList.contains(className) &&
+      !parent.classList.contains("nohighlight")
+    ) {
+      let span;
+
+      const closestNode = parent.closest("body, svg, foreignObject");
+      const isInSVG = closestNode && closestNode.matches("svg");
+      if (isInSVG) {
+        span = document.createElementNS("http://www.w3.org/2000/svg", "tspan");
+      } else {
+        span = document.createElement("span");
+        span.classList.add(className);
+      }
+
+      span.appendChild(document.createTextNode(val.substr(pos, text.length)));
+      parent.insertBefore(
+        span,
+        parent.insertBefore(
+          document.createTextNode(val.substr(pos + text.length)),
+          node.nextSibling
+        )
+      );
+      node.nodeValue = val.substr(0, pos);
+
+      if (isInSVG) {
+        const rect = document.createElementNS(
+          "http://www.w3.org/2000/svg",
+          "rect"
+        );
+        const bbox = parent.getBBox();
+        rect.x.baseVal.value = bbox.x;
+        rect.y.baseVal.value = bbox.y;
+        rect.width.baseVal.value = bbox.width;
+        rect.height.baseVal.value = bbox.height;
+        rect.setAttribute("class", className);
+        addItems.push({ parent: parent, target: rect });
+      }
+    }
+  } else if (node.matches && !node.matches("button, select, textarea")) {
+    node.childNodes.forEach((el) => _highlight(el, addItems, text, className));
+  }
+};
+const _highlightText = (thisNode, text, className) => {
+  let addItems = [];
+  _highlight(thisNode, addItems, text, className);
+  addItems.forEach((obj) =>
+    obj.parent.insertAdjacentElement("beforebegin", obj.target)
+  );
+};
+
+/**
+ * Small JavaScript module for the documentation.
+ */
+const SphinxHighlight = {
+
+  /**
+   * highlight the search words provided in localstorage in the text
+   */
+  highlightSearchWords: () => {
+    if (!SPHINX_HIGHLIGHT_ENABLED) return;  // bail if no highlight
+
+    // get and clear terms from localstorage
+    const url = new URL(window.location);
+    const highlight =
+        localStorage.getItem("sphinx_highlight_terms")
+        || url.searchParams.get("highlight")
+        || "";
+    localStorage.removeItem("sphinx_highlight_terms")
+    url.searchParams.delete("highlight");
+    window.history.replaceState({}, "", url);
+
+    // get individual terms from highlight string
+    const terms = highlight.toLowerCase().split(/\s+/).filter(x => x);
+    if (terms.length === 0) return; // nothing to do
+
+    // There should never be more than one element matching "div.body"
+    const divBody = document.querySelectorAll("div.body");
+    const body = divBody.length ? divBody[0] : document.querySelector("body");
+    window.setTimeout(() => {
+      terms.forEach((term) => _highlightText(body, term, "highlighted"));
+    }, 10);
+
+    const searchBox = document.getElementById("searchbox");
+    if (searchBox === null) return;
+    searchBox.appendChild(
+      document
+        .createRange()
+        .createContextualFragment(
+          '<p class="highlight-link">' +
+            '<a href="javascript:SphinxHighlight.hideSearchWords()">' +
+            _("Hide Search Matches") +
+            "</a></p>"
+        )
+    );
+  },
+
+  /**
+   * helper function to hide the search marks again
+   */
+  hideSearchWords: () => {
+    document
+      .querySelectorAll("#searchbox .highlight-link")
+      .forEach((el) => el.remove());
+    document
+      .querySelectorAll("span.highlighted")
+      .forEach((el) => el.classList.remove("highlighted"));
+    localStorage.removeItem("sphinx_highlight_terms")
+  },
+
+  initEscapeListener: () => {
+    // only install a listener if it is really needed
+    if (!DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS) return;
+
+    document.addEventListener("keydown", (event) => {
+      // bail for input elements
+      if (BLACKLISTED_KEY_CONTROL_ELEMENTS.has(document.activeElement.tagName)) return;
+      // bail with special keys
+      if (event.shiftKey || event.altKey || event.ctrlKey || event.metaKey) return;
+      if (DOCUMENTATION_OPTIONS.ENABLE_SEARCH_SHORTCUTS && (event.key === "Escape")) {
+        SphinxHighlight.hideSearchWords();
+        event.preventDefault();
+      }
+    });
+  },
+};
+
+_ready(SphinxHighlight.highlightSearchWords);
+_ready(SphinxHighlight.initEscapeListener);
diff --git a/docs/saml2/_static/underscore.js b/docs/saml2/_static/underscore.js
deleted file mode 100644
index 130ee2a1..00000000
--- a/docs/saml2/_static/underscore.js
+++ /dev/null
@@ -1,1226 +0,0 @@
-//     Underscore.js 1.4.4
-//     http://underscorejs.org
-//     (c) 2009-2013 Jeremy Ashkenas, DocumentCloud Inc.
-//     Underscore may be freely distributed under the MIT license.
-
-(function() {
-
-  // Baseline setup
-  // --------------
-
-  // Establish the root object, `window` in the browser, or `global` on the server.
-  var root = this;
-
-  // Save the previous value of the `_` variable.
-  var previousUnderscore = root._;
-
-  // Establish the object that gets returned to break out of a loop iteration.
-  var breaker = {};
-
-  // Save bytes in the minified (but not gzipped) version:
-  var ArrayProto = Array.prototype, ObjProto = Object.prototype, FuncProto = Function.prototype;
-
-  // Create quick reference variables for speed access to core prototypes.
-  var push             = ArrayProto.push,
-      slice            = ArrayProto.slice,
-      concat           = ArrayProto.concat,
-      toString         = ObjProto.toString,
-      hasOwnProperty   = ObjProto.hasOwnProperty;
-
-  // All **ECMAScript 5** native function implementations that we hope to use
-  // are declared here.
-  var
-    nativeForEach      = ArrayProto.forEach,
-    nativeMap          = ArrayProto.map,
-    nativeReduce       = ArrayProto.reduce,
-    nativeReduceRight  = ArrayProto.reduceRight,
-    nativeFilter       = ArrayProto.filter,
-    nativeEvery        = ArrayProto.every,
-    nativeSome         = ArrayProto.some,
-    nativeIndexOf      = ArrayProto.indexOf,
-    nativeLastIndexOf  = ArrayProto.lastIndexOf,
-    nativeIsArray      = Array.isArray,
-    nativeKeys         = Object.keys,
-    nativeBind         = FuncProto.bind;
-
-  // Create a safe reference to the Underscore object for use below.
-  var _ = function(obj) {
-    if (obj instanceof _) return obj;
-    if (!(this instanceof _)) return new _(obj);
-    this._wrapped = obj;
-  };
-
-  // Export the Underscore object for **Node.js**, with
-  // backwards-compatibility for the old `require()` API. If we're in
-  // the browser, add `_` as a global object via a string identifier,
-  // for Closure Compiler "advanced" mode.
-  if (typeof exports !== 'undefined') {
-    if (typeof module !== 'undefined' && module.exports) {
-      exports = module.exports = _;
-    }
-    exports._ = _;
-  } else {
-    root._ = _;
-  }
-
-  // Current version.
-  _.VERSION = '1.4.4';
-
-  // Collection Functions
-  // --------------------
-
-  // The cornerstone, an `each` implementation, aka `forEach`.
-  // Handles objects with the built-in `forEach`, arrays, and raw objects.
-  // Delegates to **ECMAScript 5**'s native `forEach` if available.
-  var each = _.each = _.forEach = function(obj, iterator, context) {
-    if (obj == null) return;
-    if (nativeForEach && obj.forEach === nativeForEach) {
-      obj.forEach(iterator, context);
-    } else if (obj.length === +obj.length) {
-      for (var i = 0, l = obj.length; i < l; i++) {
-        if (iterator.call(context, obj[i], i, obj) === breaker) return;
-      }
-    } else {
-      for (var key in obj) {
-        if (_.has(obj, key)) {
-          if (iterator.call(context, obj[key], key, obj) === breaker) return;
-        }
-      }
-    }
-  };
-
-  // Return the results of applying the iterator to each element.
-  // Delegates to **ECMAScript 5**'s native `map` if available.
-  _.map = _.collect = function(obj, iterator, context) {
-    var results = [];
-    if (obj == null) return results;
-    if (nativeMap && obj.map === nativeMap) return obj.map(iterator, context);
-    each(obj, function(value, index, list) {
-      results[results.length] = iterator.call(context, value, index, list);
-    });
-    return results;
-  };
-
-  var reduceError = 'Reduce of empty array with no initial value';
-
-  // **Reduce** builds up a single result from a list of values, aka `inject`,
-  // or `foldl`. Delegates to **ECMAScript 5**'s native `reduce` if available.
-  _.reduce = _.foldl = _.inject = function(obj, iterator, memo, context) {
-    var initial = arguments.length > 2;
-    if (obj == null) obj = [];
-    if (nativeReduce && obj.reduce === nativeReduce) {
-      if (context) iterator = _.bind(iterator, context);
-      return initial ? obj.reduce(iterator, memo) : obj.reduce(iterator);
-    }
-    each(obj, function(value, index, list) {
-      if (!initial) {
-        memo = value;
-        initial = true;
-      } else {
-        memo = iterator.call(context, memo, value, index, list);
-      }
-    });
-    if (!initial) throw new TypeError(reduceError);
-    return memo;
-  };
-
-  // The right-associative version of reduce, also known as `foldr`.
-  // Delegates to **ECMAScript 5**'s native `reduceRight` if available.
-  _.reduceRight = _.foldr = function(obj, iterator, memo, context) {
-    var initial = arguments.length > 2;
-    if (obj == null) obj = [];
-    if (nativeReduceRight && obj.reduceRight === nativeReduceRight) {
-      if (context) iterator = _.bind(iterator, context);
-      return initial ? obj.reduceRight(iterator, memo) : obj.reduceRight(iterator);
-    }
-    var length = obj.length;
-    if (length !== +length) {
-      var keys = _.keys(obj);
-      length = keys.length;
-    }
-    each(obj, function(value, index, list) {
-      index = keys ? keys[--length] : --length;
-      if (!initial) {
-        memo = obj[index];
-        initial = true;
-      } else {
-        memo = iterator.call(context, memo, obj[index], index, list);
-      }
-    });
-    if (!initial) throw new TypeError(reduceError);
-    return memo;
-  };
-
-  // Return the first value which passes a truth test. Aliased as `detect`.
-  _.find = _.detect = function(obj, iterator, context) {
-    var result;
-    any(obj, function(value, index, list) {
-      if (iterator.call(context, value, index, list)) {
-        result = value;
-        return true;
-      }
-    });
-    return result;
-  };
-
-  // Return all the elements that pass a truth test.
-  // Delegates to **ECMAScript 5**'s native `filter` if available.
-  // Aliased as `select`.
-  _.filter = _.select = function(obj, iterator, context) {
-    var results = [];
-    if (obj == null) return results;
-    if (nativeFilter && obj.filter === nativeFilter) return obj.filter(iterator, context);
-    each(obj, function(value, index, list) {
-      if (iterator.call(context, value, index, list)) results[results.length] = value;
-    });
-    return results;
-  };
-
-  // Return all the elements for which a truth test fails.
-  _.reject = function(obj, iterator, context) {
-    return _.filter(obj, function(value, index, list) {
-      return !iterator.call(context, value, index, list);
-    }, context);
-  };
-
-  // Determine whether all of the elements match a truth test.
-  // Delegates to **ECMAScript 5**'s native `every` if available.
-  // Aliased as `all`.
-  _.every = _.all = function(obj, iterator, context) {
-    iterator || (iterator = _.identity);
-    var result = true;
-    if (obj == null) return result;
-    if (nativeEvery && obj.every === nativeEvery) return obj.every(iterator, context);
-    each(obj, function(value, index, list) {
-      if (!(result = result && iterator.call(context, value, index, list))) return breaker;
-    });
-    return !!result;
-  };
-
-  // Determine if at least one element in the object matches a truth test.
-  // Delegates to **ECMAScript 5**'s native `some` if available.
-  // Aliased as `any`.
-  var any = _.some = _.any = function(obj, iterator, context) {
-    iterator || (iterator = _.identity);
-    var result = false;
-    if (obj == null) return result;
-    if (nativeSome && obj.some === nativeSome) return obj.some(iterator, context);
-    each(obj, function(value, index, list) {
-      if (result || (result = iterator.call(context, value, index, list))) return breaker;
-    });
-    return !!result;
-  };
-
-  // Determine if the array or object contains a given value (using `===`).
-  // Aliased as `include`.
-  _.contains = _.include = function(obj, target) {
-    if (obj == null) return false;
-    if (nativeIndexOf && obj.indexOf === nativeIndexOf) return obj.indexOf(target) != -1;
-    return any(obj, function(value) {
-      return value === target;
-    });
-  };
-
-  // Invoke a method (with arguments) on every item in a collection.
-  _.invoke = function(obj, method) {
-    var args = slice.call(arguments, 2);
-    var isFunc = _.isFunction(method);
-    return _.map(obj, function(value) {
-      return (isFunc ? method : value[method]).apply(value, args);
-    });
-  };
-
-  // Convenience version of a common use case of `map`: fetching a property.
-  _.pluck = function(obj, key) {
-    return _.map(obj, function(value){ return value[key]; });
-  };
-
-  // Convenience version of a common use case of `filter`: selecting only objects
-  // containing specific `key:value` pairs.
-  _.where = function(obj, attrs, first) {
-    if (_.isEmpty(attrs)) return first ? null : [];
-    return _[first ? 'find' : 'filter'](obj, function(value) {
-      for (var key in attrs) {
-        if (attrs[key] !== value[key]) return false;
-      }
-      return true;
-    });
-  };
-
-  // Convenience version of a common use case of `find`: getting the first object
-  // containing specific `key:value` pairs.
-  _.findWhere = function(obj, attrs) {
-    return _.where(obj, attrs, true);
-  };
-
-  // Return the maximum element or (element-based computation).
-  // Can't optimize arrays of integers longer than 65,535 elements.
-  // See: https://bugs.webkit.org/show_bug.cgi?id=80797
-  _.max = function(obj, iterator, context) {
-    if (!iterator && _.isArray(obj) && obj[0] === +obj[0] && obj.length < 65535) {
-      return Math.max.apply(Math, obj);
-    }
-    if (!iterator && _.isEmpty(obj)) return -Infinity;
-    var result = {computed : -Infinity, value: -Infinity};
-    each(obj, function(value, index, list) {
-      var computed = iterator ? iterator.call(context, value, index, list) : value;
-      computed >= result.computed && (result = {value : value, computed : computed});
-    });
-    return result.value;
-  };
-
-  // Return the minimum element (or element-based computation).
-  _.min = function(obj, iterator, context) {
-    if (!iterator && _.isArray(obj) && obj[0] === +obj[0] && obj.length < 65535) {
-      return Math.min.apply(Math, obj);
-    }
-    if (!iterator && _.isEmpty(obj)) return Infinity;
-    var result = {computed : Infinity, value: Infinity};
-    each(obj, function(value, index, list) {
-      var computed = iterator ? iterator.call(context, value, index, list) : value;
-      computed < result.computed && (result = {value : value, computed : computed});
-    });
-    return result.value;
-  };
-
-  // Shuffle an array.
-  _.shuffle = function(obj) {
-    var rand;
-    var index = 0;
-    var shuffled = [];
-    each(obj, function(value) {
-      rand = _.random(index++);
-      shuffled[index - 1] = shuffled[rand];
-      shuffled[rand] = value;
-    });
-    return shuffled;
-  };
-
-  // An internal function to generate lookup iterators.
-  var lookupIterator = function(value) {
-    return _.isFunction(value) ? value : function(obj){ return obj[value]; };
-  };
-
-  // Sort the object's values by a criterion produced by an iterator.
-  _.sortBy = function(obj, value, context) {
-    var iterator = lookupIterator(value);
-    return _.pluck(_.map(obj, function(value, index, list) {
-      return {
-        value : value,
-        index : index,
-        criteria : iterator.call(context, value, index, list)
-      };
-    }).sort(function(left, right) {
-      var a = left.criteria;
-      var b = right.criteria;
-      if (a !== b) {
-        if (a > b || a === void 0) return 1;
-        if (a < b || b === void 0) return -1;
-      }
-      return left.index < right.index ? -1 : 1;
-    }), 'value');
-  };
-
-  // An internal function used for aggregate "group by" operations.
-  var group = function(obj, value, context, behavior) {
-    var result = {};
-    var iterator = lookupIterator(value || _.identity);
-    each(obj, function(value, index) {
-      var key = iterator.call(context, value, index, obj);
-      behavior(result, key, value);
-    });
-    return result;
-  };
-
-  // Groups the object's values by a criterion. Pass either a string attribute
-  // to group by, or a function that returns the criterion.
-  _.groupBy = function(obj, value, context) {
-    return group(obj, value, context, function(result, key, value) {
-      (_.has(result, key) ? result[key] : (result[key] = [])).push(value);
-    });
-  };
-
-  // Counts instances of an object that group by a certain criterion. Pass
-  // either a string attribute to count by, or a function that returns the
-  // criterion.
-  _.countBy = function(obj, value, context) {
-    return group(obj, value, context, function(result, key) {
-      if (!_.has(result, key)) result[key] = 0;
-      result[key]++;
-    });
-  };
-
-  // Use a comparator function to figure out the smallest index at which
-  // an object should be inserted so as to maintain order. Uses binary search.
-  _.sortedIndex = function(array, obj, iterator, context) {
-    iterator = iterator == null ? _.identity : lookupIterator(iterator);
-    var value = iterator.call(context, obj);
-    var low = 0, high = array.length;
-    while (low < high) {
-      var mid = (low + high) >>> 1;
-      iterator.call(context, array[mid]) < value ? low = mid + 1 : high = mid;
-    }
-    return low;
-  };
-
-  // Safely convert anything iterable into a real, live array.
-  _.toArray = function(obj) {
-    if (!obj) return [];
-    if (_.isArray(obj)) return slice.call(obj);
-    if (obj.length === +obj.length) return _.map(obj, _.identity);
-    return _.values(obj);
-  };
-
-  // Return the number of elements in an object.
-  _.size = function(obj) {
-    if (obj == null) return 0;
-    return (obj.length === +obj.length) ? obj.length : _.keys(obj).length;
-  };
-
-  // Array Functions
-  // ---------------
-
-  // Get the first element of an array. Passing **n** will return the first N
-  // values in the array. Aliased as `head` and `take`. The **guard** check
-  // allows it to work with `_.map`.
-  _.first = _.head = _.take = function(array, n, guard) {
-    if (array == null) return void 0;
-    return (n != null) && !guard ? slice.call(array, 0, n) : array[0];
-  };
-
-  // Returns everything but the last entry of the array. Especially useful on
-  // the arguments object. Passing **n** will return all the values in
-  // the array, excluding the last N. The **guard** check allows it to work with
-  // `_.map`.
-  _.initial = function(array, n, guard) {
-    return slice.call(array, 0, array.length - ((n == null) || guard ? 1 : n));
-  };
-
-  // Get the last element of an array. Passing **n** will return the last N
-  // values in the array. The **guard** check allows it to work with `_.map`.
-  _.last = function(array, n, guard) {
-    if (array == null) return void 0;
-    if ((n != null) && !guard) {
-      return slice.call(array, Math.max(array.length - n, 0));
-    } else {
-      return array[array.length - 1];
-    }
-  };
-
-  // Returns everything but the first entry of the array. Aliased as `tail` and `drop`.
-  // Especially useful on the arguments object. Passing an **n** will return
-  // the rest N values in the array. The **guard**
-  // check allows it to work with `_.map`.
-  _.rest = _.tail = _.drop = function(array, n, guard) {
-    return slice.call(array, (n == null) || guard ? 1 : n);
-  };
-
-  // Trim out all falsy values from an array.
-  _.compact = function(array) {
-    return _.filter(array, _.identity);
-  };
-
-  // Internal implementation of a recursive `flatten` function.
-  var flatten = function(input, shallow, output) {
-    each(input, function(value) {
-      if (_.isArray(value)) {
-        shallow ? push.apply(output, value) : flatten(value, shallow, output);
-      } else {
-        output.push(value);
-      }
-    });
-    return output;
-  };
-
-  // Return a completely flattened version of an array.
-  _.flatten = function(array, shallow) {
-    return flatten(array, shallow, []);
-  };
-
-  // Return a version of the array that does not contain the specified value(s).
-  _.without = function(array) {
-    return _.difference(array, slice.call(arguments, 1));
-  };
-
-  // Produce a duplicate-free version of the array. If the array has already
-  // been sorted, you have the option of using a faster algorithm.
-  // Aliased as `unique`.
-  _.uniq = _.unique = function(array, isSorted, iterator, context) {
-    if (_.isFunction(isSorted)) {
-      context = iterator;
-      iterator = isSorted;
-      isSorted = false;
-    }
-    var initial = iterator ? _.map(array, iterator, context) : array;
-    var results = [];
-    var seen = [];
-    each(initial, function(value, index) {
-      if (isSorted ? (!index || seen[seen.length - 1] !== value) : !_.contains(seen, value)) {
-        seen.push(value);
-        results.push(array[index]);
-      }
-    });
-    return results;
-  };
-
-  // Produce an array that contains the union: each distinct element from all of
-  // the passed-in arrays.
-  _.union = function() {
-    return _.uniq(concat.apply(ArrayProto, arguments));
-  };
-
-  // Produce an array that contains every item shared between all the
-  // passed-in arrays.
-  _.intersection = function(array) {
-    var rest = slice.call(arguments, 1);
-    return _.filter(_.uniq(array), function(item) {
-      return _.every(rest, function(other) {
-        return _.indexOf(other, item) >= 0;
-      });
-    });
-  };
-
-  // Take the difference between one array and a number of other arrays.
-  // Only the elements present in just the first array will remain.
-  _.difference = function(array) {
-    var rest = concat.apply(ArrayProto, slice.call(arguments, 1));
-    return _.filter(array, function(value){ return !_.contains(rest, value); });
-  };
-
-  // Zip together multiple lists into a single array -- elements that share
-  // an index go together.
-  _.zip = function() {
-    var args = slice.call(arguments);
-    var length = _.max(_.pluck(args, 'length'));
-    var results = new Array(length);
-    for (var i = 0; i < length; i++) {
-      results[i] = _.pluck(args, "" + i);
-    }
-    return results;
-  };
-
-  // Converts lists into objects. Pass either a single array of `[key, value]`
-  // pairs, or two parallel arrays of the same length -- one of keys, and one of
-  // the corresponding values.
-  _.object = function(list, values) {
-    if (list == null) return {};
-    var result = {};
-    for (var i = 0, l = list.length; i < l; i++) {
-      if (values) {
-        result[list[i]] = values[i];
-      } else {
-        result[list[i][0]] = list[i][1];
-      }
-    }
-    return result;
-  };
-
-  // If the browser doesn't supply us with indexOf (I'm looking at you, **MSIE**),
-  // we need this function. Return the position of the first occurrence of an
-  // item in an array, or -1 if the item is not included in the array.
-  // Delegates to **ECMAScript 5**'s native `indexOf` if available.
-  // If the array is large and already in sort order, pass `true`
-  // for **isSorted** to use binary search.
-  _.indexOf = function(array, item, isSorted) {
-    if (array == null) return -1;
-    var i = 0, l = array.length;
-    if (isSorted) {
-      if (typeof isSorted == 'number') {
-        i = (isSorted < 0 ? Math.max(0, l + isSorted) : isSorted);
-      } else {
-        i = _.sortedIndex(array, item);
-        return array[i] === item ? i : -1;
-      }
-    }
-    if (nativeIndexOf && array.indexOf === nativeIndexOf) return array.indexOf(item, isSorted);
-    for (; i < l; i++) if (array[i] === item) return i;
-    return -1;
-  };
-
-  // Delegates to **ECMAScript 5**'s native `lastIndexOf` if available.
-  _.lastIndexOf = function(array, item, from) {
-    if (array == null) return -1;
-    var hasIndex = from != null;
-    if (nativeLastIndexOf && array.lastIndexOf === nativeLastIndexOf) {
-      return hasIndex ? array.lastIndexOf(item, from) : array.lastIndexOf(item);
-    }
-    var i = (hasIndex ? from : array.length);
-    while (i--) if (array[i] === item) return i;
-    return -1;
-  };
-
-  // Generate an integer Array containing an arithmetic progression. A port of
-  // the native Python `range()` function. See
-  // [the Python documentation](http://docs.python.org/library/functions.html#range).
-  _.range = function(start, stop, step) {
-    if (arguments.length <= 1) {
-      stop = start || 0;
-      start = 0;
-    }
-    step = arguments[2] || 1;
-
-    var len = Math.max(Math.ceil((stop - start) / step), 0);
-    var idx = 0;
-    var range = new Array(len);
-
-    while(idx < len) {
-      range[idx++] = start;
-      start += step;
-    }
-
-    return range;
-  };
-
-  // Function (ahem) Functions
-  // ------------------
-
-  // Create a function bound to a given object (assigning `this`, and arguments,
-  // optionally). Delegates to **ECMAScript 5**'s native `Function.bind` if
-  // available.
-  _.bind = function(func, context) {
-    if (func.bind === nativeBind && nativeBind) return nativeBind.apply(func, slice.call(arguments, 1));
-    var args = slice.call(arguments, 2);
-    return function() {
-      return func.apply(context, args.concat(slice.call(arguments)));
-    };
-  };
-
-  // Partially apply a function by creating a version that has had some of its
-  // arguments pre-filled, without changing its dynamic `this` context.
-  _.partial = function(func) {
-    var args = slice.call(arguments, 1);
-    return function() {
-      return func.apply(this, args.concat(slice.call(arguments)));
-    };
-  };
-
-  // Bind all of an object's methods to that object. Useful for ensuring that
-  // all callbacks defined on an object belong to it.
-  _.bindAll = function(obj) {
-    var funcs = slice.call(arguments, 1);
-    if (funcs.length === 0) funcs = _.functions(obj);
-    each(funcs, function(f) { obj[f] = _.bind(obj[f], obj); });
-    return obj;
-  };
-
-  // Memoize an expensive function by storing its results.
-  _.memoize = function(func, hasher) {
-    var memo = {};
-    hasher || (hasher = _.identity);
-    return function() {
-      var key = hasher.apply(this, arguments);
-      return _.has(memo, key) ? memo[key] : (memo[key] = func.apply(this, arguments));
-    };
-  };
-
-  // Delays a function for the given number of milliseconds, and then calls
-  // it with the arguments supplied.
-  _.delay = function(func, wait) {
-    var args = slice.call(arguments, 2);
-    return setTimeout(function(){ return func.apply(null, args); }, wait);
-  };
-
-  // Defers a function, scheduling it to run after the current call stack has
-  // cleared.
-  _.defer = function(func) {
-    return _.delay.apply(_, [func, 1].concat(slice.call(arguments, 1)));
-  };
-
-  // Returns a function, that, when invoked, will only be triggered at most once
-  // during a given window of time.
-  _.throttle = function(func, wait) {
-    var context, args, timeout, result;
-    var previous = 0;
-    var later = function() {
-      previous = new Date;
-      timeout = null;
-      result = func.apply(context, args);
-    };
-    return function() {
-      var now = new Date;
-      var remaining = wait - (now - previous);
-      context = this;
-      args = arguments;
-      if (remaining <= 0) {
-        clearTimeout(timeout);
-        timeout = null;
-        previous = now;
-        result = func.apply(context, args);
-      } else if (!timeout) {
-        timeout = setTimeout(later, remaining);
-      }
-      return result;
-    };
-  };
-
-  // Returns a function, that, as long as it continues to be invoked, will not
-  // be triggered. The function will be called after it stops being called for
-  // N milliseconds. If `immediate` is passed, trigger the function on the
-  // leading edge, instead of the trailing.
-  _.debounce = function(func, wait, immediate) {
-    var timeout, result;
-    return function() {
-      var context = this, args = arguments;
-      var later = function() {
-        timeout = null;
-        if (!immediate) result = func.apply(context, args);
-      };
-      var callNow = immediate && !timeout;
-      clearTimeout(timeout);
-      timeout = setTimeout(later, wait);
-      if (callNow) result = func.apply(context, args);
-      return result;
-    };
-  };
-
-  // Returns a function that will be executed at most one time, no matter how
-  // often you call it. Useful for lazy initialization.
-  _.once = function(func) {
-    var ran = false, memo;
-    return function() {
-      if (ran) return memo;
-      ran = true;
-      memo = func.apply(this, arguments);
-      func = null;
-      return memo;
-    };
-  };
-
-  // Returns the first function passed as an argument to the second,
-  // allowing you to adjust arguments, run code before and after, and
-  // conditionally execute the original function.
-  _.wrap = function(func, wrapper) {
-    return function() {
-      var args = [func];
-      push.apply(args, arguments);
-      return wrapper.apply(this, args);
-    };
-  };
-
-  // Returns a function that is the composition of a list of functions, each
-  // consuming the return value of the function that follows.
-  _.compose = function() {
-    var funcs = arguments;
-    return function() {
-      var args = arguments;
-      for (var i = funcs.length - 1; i >= 0; i--) {
-        args = [funcs[i].apply(this, args)];
-      }
-      return args[0];
-    };
-  };
-
-  // Returns a function that will only be executed after being called N times.
-  _.after = function(times, func) {
-    if (times <= 0) return func();
-    return function() {
-      if (--times < 1) {
-        return func.apply(this, arguments);
-      }
-    };
-  };
-
-  // Object Functions
-  // ----------------
-
-  // Retrieve the names of an object's properties.
-  // Delegates to **ECMAScript 5**'s native `Object.keys`
-  _.keys = nativeKeys || function(obj) {
-    if (obj !== Object(obj)) throw new TypeError('Invalid object');
-    var keys = [];
-    for (var key in obj) if (_.has(obj, key)) keys[keys.length] = key;
-    return keys;
-  };
-
-  // Retrieve the values of an object's properties.
-  _.values = function(obj) {
-    var values = [];
-    for (var key in obj) if (_.has(obj, key)) values.push(obj[key]);
-    return values;
-  };
-
-  // Convert an object into a list of `[key, value]` pairs.
-  _.pairs = function(obj) {
-    var pairs = [];
-    for (var key in obj) if (_.has(obj, key)) pairs.push([key, obj[key]]);
-    return pairs;
-  };
-
-  // Invert the keys and values of an object. The values must be serializable.
-  _.invert = function(obj) {
-    var result = {};
-    for (var key in obj) if (_.has(obj, key)) result[obj[key]] = key;
-    return result;
-  };
-
-  // Return a sorted list of the function names available on the object.
-  // Aliased as `methods`
-  _.functions = _.methods = function(obj) {
-    var names = [];
-    for (var key in obj) {
-      if (_.isFunction(obj[key])) names.push(key);
-    }
-    return names.sort();
-  };
-
-  // Extend a given object with all the properties in passed-in object(s).
-  _.extend = function(obj) {
-    each(slice.call(arguments, 1), function(source) {
-      if (source) {
-        for (var prop in source) {
-          obj[prop] = source[prop];
-        }
-      }
-    });
-    return obj;
-  };
-
-  // Return a copy of the object only containing the whitelisted properties.
-  _.pick = function(obj) {
-    var copy = {};
-    var keys = concat.apply(ArrayProto, slice.call(arguments, 1));
-    each(keys, function(key) {
-      if (key in obj) copy[key] = obj[key];
-    });
-    return copy;
-  };
-
-   // Return a copy of the object without the blacklisted properties.
-  _.omit = function(obj) {
-    var copy = {};
-    var keys = concat.apply(ArrayProto, slice.call(arguments, 1));
-    for (var key in obj) {
-      if (!_.contains(keys, key)) copy[key] = obj[key];
-    }
-    return copy;
-  };
-
-  // Fill in a given object with default properties.
-  _.defaults = function(obj) {
-    each(slice.call(arguments, 1), function(source) {
-      if (source) {
-        for (var prop in source) {
-          if (obj[prop] == null) obj[prop] = source[prop];
-        }
-      }
-    });
-    return obj;
-  };
-
-  // Create a (shallow-cloned) duplicate of an object.
-  _.clone = function(obj) {
-    if (!_.isObject(obj)) return obj;
-    return _.isArray(obj) ? obj.slice() : _.extend({}, obj);
-  };
-
-  // Invokes interceptor with the obj, and then returns obj.
-  // The primary purpose of this method is to "tap into" a method chain, in
-  // order to perform operations on intermediate results within the chain.
-  _.tap = function(obj, interceptor) {
-    interceptor(obj);
-    return obj;
-  };
-
-  // Internal recursive comparison function for `isEqual`.
-  var eq = function(a, b, aStack, bStack) {
-    // Identical objects are equal. `0 === -0`, but they aren't identical.
-    // See the Harmony `egal` proposal: http://wiki.ecmascript.org/doku.php?id=harmony:egal.
-    if (a === b) return a !== 0 || 1 / a == 1 / b;
-    // A strict comparison is necessary because `null == undefined`.
-    if (a == null || b == null) return a === b;
-    // Unwrap any wrapped objects.
-    if (a instanceof _) a = a._wrapped;
-    if (b instanceof _) b = b._wrapped;
-    // Compare `[[Method]]` names.
-    var className = toString.call(a);
-    if (className != toString.call(b)) return false;
-    switch (className) {
-      // Strings, numbers, dates, and booleans are compared by value.
-      case '[object String]':
-        // Primitives and their corresponding object wrappers are equivalent; thus, `"5"` is
-        // equivalent to `new String("5")`.
-        return a == String(b);
-      case '[object Number]':
-        // `NaN`s are equivalent, but non-reflexive. An `egal` comparison is performed for
-        // other numeric values.
-        return a != +a ? b != +b : (a == 0 ? 1 / a == 1 / b : a == +b);
-      case '[object Date]':
-      case '[object Boolean]':
-        // Coerce dates and booleans to numeric primitive values. Dates are compared by their
-        // millisecond representations. Note that invalid dates with millisecond representations
-        // of `NaN` are not equivalent.
-        return +a == +b;
-      // RegExps are compared by their source patterns and flags.
-      case '[object RegExp]':
-        return a.source == b.source &&
-               a.global == b.global &&
-               a.multiline == b.multiline &&
-               a.ignoreCase == b.ignoreCase;
-    }
-    if (typeof a != 'object' || typeof b != 'object') return false;
-    // Assume equality for cyclic structures. The algorithm for detecting cyclic
-    // structures is adapted from ES 5.1 section 15.12.3, abstract operation `JO`.
-    var length = aStack.length;
-    while (length--) {
-      // Linear search. Performance is inversely proportional to the number of
-      // unique nested structures.
-      if (aStack[length] == a) return bStack[length] == b;
-    }
-    // Add the first object to the stack of traversed objects.
-    aStack.push(a);
-    bStack.push(b);
-    var size = 0, result = true;
-    // Recursively compare objects and arrays.
-    if (className == '[object Array]') {
-      // Compare array lengths to determine if a deep comparison is necessary.
-      size = a.length;
-      result = size == b.length;
-      if (result) {
-        // Deep compare the contents, ignoring non-numeric properties.
-        while (size--) {
-          if (!(result = eq(a[size], b[size], aStack, bStack))) break;
-        }
-      }
-    } else {
-      // Objects with different constructors are not equivalent, but `Object`s
-      // from different frames are.
-      var aCtor = a.constructor, bCtor = b.constructor;
-      if (aCtor !== bCtor && !(_.isFunction(aCtor) && (aCtor instanceof aCtor) &&
-                               _.isFunction(bCtor) && (bCtor instanceof bCtor))) {
-        return false;
-      }
-      // Deep compare objects.
-      for (var key in a) {
-        if (_.has(a, key)) {
-          // Count the expected number of properties.
-          size++;
-          // Deep compare each member.
-          if (!(result = _.has(b, key) && eq(a[key], b[key], aStack, bStack))) break;
-        }
-      }
-      // Ensure that both objects contain the same number of properties.
-      if (result) {
-        for (key in b) {
-          if (_.has(b, key) && !(size--)) break;
-        }
-        result = !size;
-      }
-    }
-    // Remove the first object from the stack of traversed objects.
-    aStack.pop();
-    bStack.pop();
-    return result;
-  };
-
-  // Perform a deep comparison to check if two objects are equal.
-  _.isEqual = function(a, b) {
-    return eq(a, b, [], []);
-  };
-
-  // Is a given array, string, or object empty?
-  // An "empty" object has no enumerable own-properties.
-  _.isEmpty = function(obj) {
-    if (obj == null) return true;
-    if (_.isArray(obj) || _.isString(obj)) return obj.length === 0;
-    for (var key in obj) if (_.has(obj, key)) return false;
-    return true;
-  };
-
-  // Is a given value a DOM element?
-  _.isElement = function(obj) {
-    return !!(obj && obj.nodeType === 1);
-  };
-
-  // Is a given value an array?
-  // Delegates to ECMA5's native Array.isArray
-  _.isArray = nativeIsArray || function(obj) {
-    return toString.call(obj) == '[object Array]';
-  };
-
-  // Is a given variable an object?
-  _.isObject = function(obj) {
-    return obj === Object(obj);
-  };
-
-  // Add some isType methods: isArguments, isFunction, isString, isNumber, isDate, isRegExp.
-  each(['Arguments', 'Function', 'String', 'Number', 'Date', 'RegExp'], function(name) {
-    _['is' + name] = function(obj) {
-      return toString.call(obj) == '[object ' + name + ']';
-    };
-  });
-
-  // Define a fallback version of the method in browsers (ahem, IE), where
-  // there isn't any inspectable "Arguments" type.
-  if (!_.isArguments(arguments)) {
-    _.isArguments = function(obj) {
-      return !!(obj && _.has(obj, 'callee'));
-    };
-  }
-
-  // Optimize `isFunction` if appropriate.
-  if (typeof (/./) !== 'function') {
-    _.isFunction = function(obj) {
-      return typeof obj === 'function';
-    };
-  }
-
-  // Is a given object a finite number?
-  _.isFinite = function(obj) {
-    return isFinite(obj) && !isNaN(parseFloat(obj));
-  };
-
-  // Is the given value `NaN`? (NaN is the only number which does not equal itself).
-  _.isNaN = function(obj) {
-    return _.isNumber(obj) && obj != +obj;
-  };
-
-  // Is a given value a boolean?
-  _.isBoolean = function(obj) {
-    return obj === true || obj === false || toString.call(obj) == '[object Boolean]';
-  };
-
-  // Is a given value equal to null?
-  _.isNull = function(obj) {
-    return obj === null;
-  };
-
-  // Is a given variable undefined?
-  _.isUndefined = function(obj) {
-    return obj === void 0;
-  };
-
-  // Shortcut function for checking if an object has a given property directly
-  // on itself (in other words, not on a prototype).
-  _.has = function(obj, key) {
-    return hasOwnProperty.call(obj, key);
-  };
-
-  // Utility Functions
-  // -----------------
-
-  // Run Underscore.js in *noConflict* mode, returning the `_` variable to its
-  // previous owner. Returns a reference to the Underscore object.
-  _.noConflict = function() {
-    root._ = previousUnderscore;
-    return this;
-  };
-
-  // Keep the identity function around for default iterators.
-  _.identity = function(value) {
-    return value;
-  };
-
-  // Run a function **n** times.
-  _.times = function(n, iterator, context) {
-    var accum = Array(n);
-    for (var i = 0; i < n; i++) accum[i] = iterator.call(context, i);
-    return accum;
-  };
-
-  // Return a random integer between min and max (inclusive).
-  _.random = function(min, max) {
-    if (max == null) {
-      max = min;
-      min = 0;
-    }
-    return min + Math.floor(Math.random() * (max - min + 1));
-  };
-
-  // List of HTML entities for escaping.
-  var entityMap = {
-    escape: {
-      '&': '&amp;',
-      '<': '&lt;',
-      '>': '&gt;',
-      '"': '&quot;',
-      "'": '&#x27;',
-      '/': '&#x2F;'
-    }
-  };
-  entityMap.unescape = _.invert(entityMap.escape);
-
-  // Regexes containing the keys and values listed immediately above.
-  var entityRegexes = {
-    escape:   new RegExp('[' + _.keys(entityMap.escape).join('') + ']', 'g'),
-    unescape: new RegExp('(' + _.keys(entityMap.unescape).join('|') + ')', 'g')
-  };
-
-  // Functions for escaping and unescaping strings to/from HTML interpolation.
-  _.each(['escape', 'unescape'], function(method) {
-    _[method] = function(string) {
-      if (string == null) return '';
-      return ('' + string).replace(entityRegexes[method], function(match) {
-        return entityMap[method][match];
-      });
-    };
-  });
-
-  // If the value of the named property is a function then invoke it;
-  // otherwise, return it.
-  _.result = function(object, property) {
-    if (object == null) return null;
-    var value = object[property];
-    return _.isFunction(value) ? value.call(object) : value;
-  };
-
-  // Add your own custom functions to the Underscore object.
-  _.mixin = function(obj) {
-    each(_.functions(obj), function(name){
-      var func = _[name] = obj[name];
-      _.prototype[name] = function() {
-        var args = [this._wrapped];
-        push.apply(args, arguments);
-        return result.call(this, func.apply(_, args));
-      };
-    });
-  };
-
-  // Generate a unique integer id (unique within the entire client session).
-  // Useful for temporary DOM ids.
-  var idCounter = 0;
-  _.uniqueId = function(prefix) {
-    var id = ++idCounter + '';
-    return prefix ? prefix + id : id;
-  };
-
-  // By default, Underscore uses ERB-style template delimiters, change the
-  // following template settings to use alternative delimiters.
-  _.templateSettings = {
-    evaluate    : /<%([\s\S]+?)%>/g,
-    interpolate : /<%=([\s\S]+?)%>/g,
-    escape      : /<%-([\s\S]+?)%>/g
-  };
-
-  // When customizing `templateSettings`, if you don't want to define an
-  // interpolation, evaluation or escaping regex, we need one that is
-  // guaranteed not to match.
-  var noMatch = /(.)^/;
-
-  // Certain characters need to be escaped so that they can be put into a
-  // string literal.
-  var escapes = {
-    "'":      "'",
-    '\\':     '\\',
-    '\r':     'r',
-    '\n':     'n',
-    '\t':     't',
-    '\u2028': 'u2028',
-    '\u2029': 'u2029'
-  };
-
-  var escaper = /\\|'|\r|\n|\t|\u2028|\u2029/g;
-
-  // JavaScript micro-templating, similar to John Resig's implementation.
-  // Underscore templating handles arbitrary delimiters, preserves whitespace,
-  // and correctly escapes quotes within interpolated code.
-  _.template = function(text, data, settings) {
-    var render;
-    settings = _.defaults({}, settings, _.templateSettings);
-
-    // Combine delimiters into one regular expression via alternation.
-    var matcher = new RegExp([
-      (settings.escape || noMatch).source,
-      (settings.interpolate || noMatch).source,
-      (settings.evaluate || noMatch).source
-    ].join('|') + '|$', 'g');
-
-    // Compile the template source, escaping string literals appropriately.
-    var index = 0;
-    var source = "__p+='";
-    text.replace(matcher, function(match, escape, interpolate, evaluate, offset) {
-      source += text.slice(index, offset)
-        .replace(escaper, function(match) { return '\\' + escapes[match]; });
-
-      if (escape) {
-        source += "'+\n((__t=(" + escape + "))==null?'':_.escape(__t))+\n'";
-      }
-      if (interpolate) {
-        source += "'+\n((__t=(" + interpolate + "))==null?'':__t)+\n'";
-      }
-      if (evaluate) {
-        source += "';\n" + evaluate + "\n__p+='";
-      }
-      index = offset + match.length;
-      return match;
-    });
-    source += "';\n";
-
-    // If a variable is not specified, place data values in local scope.
-    if (!settings.variable) source = 'with(obj||{}){\n' + source + '}\n';
-
-    source = "var __t,__p='',__j=Array.prototype.join," +
-      "print=function(){__p+=__j.call(arguments,'');};\n" +
-      source + "return __p;\n";
-
-    try {
-      render = new Function(settings.variable || 'obj', '_', source);
-    } catch (e) {
-      e.source = source;
-      throw e;
-    }
-
-    if (data) return render(data, _);
-    var template = function(data) {
-      return render.call(this, data, _);
-    };
-
-    // Provide the compiled function source as a convenience for precompilation.
-    template.source = 'function(' + (settings.variable || 'obj') + '){\n' + source + '}';
-
-    return template;
-  };
-
-  // Add a "chain" function, which will delegate to the wrapper.
-  _.chain = function(obj) {
-    return _(obj).chain();
-  };
-
-  // OOP
-  // ---------------
-  // If Underscore is called as a function, it returns a wrapped object that
-  // can be used OO-style. This wrapper holds altered versions of all the
-  // underscore functions. Wrapped objects may be chained.
-
-  // Helper function to continue chaining intermediate results.
-  var result = function(obj) {
-    return this._chain ? _(obj).chain() : obj;
-  };
-
-  // Add all of the Underscore functions to the wrapper object.
-  _.mixin(_);
-
-  // Add all mutator Array functions to the wrapper.
-  each(['pop', 'push', 'reverse', 'shift', 'sort', 'splice', 'unshift'], function(name) {
-    var method = ArrayProto[name];
-    _.prototype[name] = function() {
-      var obj = this._wrapped;
-      method.apply(obj, arguments);
-      if ((name == 'shift' || name == 'splice') && obj.length === 0) delete obj[0];
-      return result.call(this, obj);
-    };
-  });
-
-  // Add all accessor Array functions to the wrapper.
-  each(['concat', 'join', 'slice'], function(name) {
-    var method = ArrayProto[name];
-    _.prototype[name] = function() {
-      return result.call(this, method.apply(this._wrapped, arguments));
-    };
-  });
-
-  _.extend(_.prototype, {
-
-    // Start chaining a wrapped Underscore object.
-    chain: function() {
-      this._chain = true;
-      return this;
-    },
-
-    // Extracts the result from a wrapped and chained object.
-    value: function() {
-      return this._wrapped;
-    }
-
-  });
-
-}).call(this);
diff --git a/docs/saml2/_static/up-pressed.png b/docs/saml2/_static/up-pressed.png
deleted file mode 100644
index 8bd587af..00000000
Binary files a/docs/saml2/_static/up-pressed.png and /dev/null differ
diff --git a/docs/saml2/_static/up.png b/docs/saml2/_static/up.png
deleted file mode 100644
index b9462568..00000000
Binary files a/docs/saml2/_static/up.png and /dev/null differ
diff --git a/docs/saml2/_static/websupport.js b/docs/saml2/_static/websupport.js
deleted file mode 100644
index 76d4d9cc..00000000
--- a/docs/saml2/_static/websupport.js
+++ /dev/null
@@ -1,808 +0,0 @@
-/*
- * websupport.js
- * ~~~~~~~~~~~~~
- *
- * sphinx.websupport utilties for all documentation.
- *
- * :copyright: Copyright 2007-2011 by the Sphinx team, see AUTHORS.
- * :license: BSD, see LICENSE for details.
- *
- */
-
-(function($) {
-  $.fn.autogrow = function() {
-    return this.each(function() {
-    var textarea = this;
-
-    $.fn.autogrow.resize(textarea);
-
-    $(textarea)
-      .focus(function() {
-        textarea.interval = setInterval(function() {
-          $.fn.autogrow.resize(textarea);
-        }, 500);
-      })
-      .blur(function() {
-        clearInterval(textarea.interval);
-      });
-    });
-  };
-
-  $.fn.autogrow.resize = function(textarea) {
-    var lineHeight = parseInt($(textarea).css('line-height'), 10);
-    var lines = textarea.value.split('\n');
-    var columns = textarea.cols;
-    var lineCount = 0;
-    $.each(lines, function() {
-      lineCount += Math.ceil(this.length / columns) || 1;
-    });
-    var height = lineHeight * (lineCount + 1);
-    $(textarea).css('height', height);
-  };
-})(jQuery);
-
-(function($) {
-  var comp, by;
-
-  function init() {
-    initEvents();
-    initComparator();
-  }
-
-  function initEvents() {
-    $('a.comment-close').live("click", function(event) {
-      event.preventDefault();
-      hide($(this).attr('id').substring(2));
-    });
-    $('a.vote').live("click", function(event) {
-      event.preventDefault();
-      handleVote($(this));
-    });
-    $('a.reply').live("click", function(event) {
-      event.preventDefault();
-      openReply($(this).attr('id').substring(2));
-    });
-    $('a.close-reply').live("click", function(event) {
-      event.preventDefault();
-      closeReply($(this).attr('id').substring(2));
-    });
-    $('a.sort-option').live("click", function(event) {
-      event.preventDefault();
-      handleReSort($(this));
-    });
-    $('a.show-proposal').live("click", function(event) {
-      event.preventDefault();
-      showProposal($(this).attr('id').substring(2));
-    });
-    $('a.hide-proposal').live("click", function(event) {
-      event.preventDefault();
-      hideProposal($(this).attr('id').substring(2));
-    });
-    $('a.show-propose-change').live("click", function(event) {
-      event.preventDefault();
-      showProposeChange($(this).attr('id').substring(2));
-    });
-    $('a.hide-propose-change').live("click", function(event) {
-      event.preventDefault();
-      hideProposeChange($(this).attr('id').substring(2));
-    });
-    $('a.accept-comment').live("click", function(event) {
-      event.preventDefault();
-      acceptComment($(this).attr('id').substring(2));
-    });
-    $('a.delete-comment').live("click", function(event) {
-      event.preventDefault();
-      deleteComment($(this).attr('id').substring(2));
-    });
-    $('a.comment-markup').live("click", function(event) {
-      event.preventDefault();
-      toggleCommentMarkupBox($(this).attr('id').substring(2));
-    });
-  }
-
-  /**
-   * Set comp, which is a comparator function used for sorting and
-   * inserting comments into the list.
-   */
-  function setComparator() {
-    // If the first three letters are "asc", sort in ascending order
-    // and remove the prefix.
-    if (by.substring(0,3) == 'asc') {
-      var i = by.substring(3);
-      comp = function(a, b) { return a[i] - b[i]; };
-    } else {
-      // Otherwise sort in descending order.
-      comp = function(a, b) { return b[by] - a[by]; };
-    }
-
-    // Reset link styles and format the selected sort option.
-    $('a.sel').attr('href', '#').removeMethod('sel');
-    $('a.by' + by).removeAttr('href').addMethod('sel');
-  }
-
-  /**
-   * Create a comp function. If the user has preferences stored in
-   * the sortBy cookie, use those, otherwise use the default.
-   */
-  function initComparator() {
-    by = 'rating'; // Default to sort by rating.
-    // If the sortBy cookie is set, use that instead.
-    if (document.cookie.length > 0) {
-      var start = document.cookie.indexOf('sortBy=');
-      if (start != -1) {
-        start = start + 7;
-        var end = document.cookie.indexOf(";", start);
-        if (end == -1) {
-          end = document.cookie.length;
-          by = unescape(document.cookie.substring(start, end));
-        }
-      }
-    }
-    setComparator();
-  }
-
-  /**
-   * Show a comment div.
-   */
-  function show(id) {
-    $('#ao' + id).hide();
-    $('#ah' + id).show();
-    var context = $.extend({id: id}, opts);
-    var popup = $(renderTemplate(popupTemplate, context)).hide();
-    popup.find('textarea[name="proposal"]').hide();
-    popup.find('a.by' + by).addMethod('sel');
-    var form = popup.find('#cf' + id);
-    form.submit(function(event) {
-      event.preventDefault();
-      addComment(form);
-    });
-    $('#s' + id).after(popup);
-    popup.slideDown('fast', function() {
-      getComments(id);
-    });
-  }
-
-  /**
-   * Hide a comment div.
-   */
-  function hide(id) {
-    $('#ah' + id).hide();
-    $('#ao' + id).show();
-    var div = $('#sc' + id);
-    div.slideUp('fast', function() {
-      div.remove();
-    });
-  }
-
-  /**
-   * Perform an ajax request to get comments for a node
-   * and insert the comments into the comments tree.
-   */
-  function getComments(id) {
-    $.ajax({
-     type: 'GET',
-     url: opts.getCommentsURL,
-     data: {node: id},
-     success: function(data, textStatus, request) {
-       var ul = $('#cl' + id);
-       var speed = 100;
-       $('#cf' + id)
-         .find('textarea[name="proposal"]')
-         .data('source', data.source);
-
-       if (data.comments.length === 0) {
-         ul.html('<li>No comments yet.</li>');
-         ul.data('empty', true);
-       } else {
-         // If there are comments, sort them and put them in the list.
-         var comments = sortComments(data.comments);
-         speed = data.comments.length * 100;
-         appendComments(comments, ul);
-         ul.data('empty', false);
-       }
-       $('#cn' + id).slideUp(speed + 200);
-       ul.slideDown(speed);
-     },
-     error: function(request, textStatus, error) {
-       showError('Oops, there was a problem retrieving the comments.');
-     },
-     dataType: 'json'
-    });
-  }
-
-  /**
-   * Add a comment via ajax and insert the comment into the comment tree.
-   */
-  function addComment(form) {
-    var node_id = form.find('input[name="node"]').val();
-    var parent_id = form.find('input[name="parent"]').val();
-    var text = form.find('textarea[name="comment"]').val();
-    var proposal = form.find('textarea[name="proposal"]').val();
-
-    if (text == '') {
-      showError('Please enter a comment.');
-      return;
-    }
-
-    // Disable the form that is being submitted.
-    form.find('textarea,input').attr('disabled', 'disabled');
-
-    // Send the comment to the server.
-    $.ajax({
-      type: "POST",
-      url: opts.addCommentURL,
-      dataType: 'json',
-      data: {
-        node: node_id,
-        parent: parent_id,
-        text: text,
-        proposal: proposal
-      },
-      success: function(data, textStatus, error) {
-        // Reset the form.
-        if (node_id) {
-          hideProposeChange(node_id);
-        }
-        form.find('textarea')
-          .val('')
-          .add(form.find('input'))
-          .removeAttr('disabled');
-	var ul = $('#cl' + (node_id || parent_id));
-        if (ul.data('empty')) {
-          $(ul).empty();
-          ul.data('empty', false);
-        }
-        insertComment(data.comment);
-        var ao = $('#ao' + node_id);
-        ao.find('img').attr({'src': opts.commentBrightImage});
-        if (node_id) {
-          // if this was a "root" comment, remove the commenting box
-          // (the user can get it back by reopening the comment popup)
-          $('#ca' + node_id).slideUp();
-        }
-      },
-      error: function(request, textStatus, error) {
-        form.find('textarea,input').removeAttr('disabled');
-        showError('Oops, there was a problem adding the comment.');
-      }
-    });
-  }
-
-  /**
-   * Recursively append comments to the main comment list and children
-   * lists, creating the comment tree.
-   */
-  function appendComments(comments, ul) {
-    $.each(comments, function() {
-      var div = createCommentDiv(this);
-      ul.append($(document.createElement('li')).html(div));
-      appendComments(this.children, div.find('ul.comment-children'));
-      // To avoid stagnating data, don't store the comments children in data.
-      this.children = null;
-      div.data('comment', this);
-    });
-  }
-
-  /**
-   * After adding a new comment, it must be inserted in the correct
-   * location in the comment tree.
-   */
-  function insertComment(comment) {
-    var div = createCommentDiv(comment);
-
-    // To avoid stagnating data, don't store the comments children in data.
-    comment.children = null;
-    div.data('comment', comment);
-
-    var ul = $('#cl' + (comment.node || comment.parent));
-    var siblings = getChildren(ul);
-
-    var li = $(document.createElement('li'));
-    li.hide();
-
-    // Determine where in the parents children list to insert this comment.
-    for(i=0; i < siblings.length; i++) {
-      if (comp(comment, siblings[i]) <= 0) {
-        $('#cd' + siblings[i].id)
-          .parent()
-          .before(li.html(div));
-        li.slideDown('fast');
-        return;
-      }
-    }
-
-    // If we get here, this comment rates lower than all the others,
-    // or it is the only comment in the list.
-    ul.append(li.html(div));
-    li.slideDown('fast');
-  }
-
-  function acceptComment(id) {
-    $.ajax({
-      type: 'POST',
-      url: opts.acceptCommentURL,
-      data: {id: id},
-      success: function(data, textStatus, request) {
-        $('#cm' + id).fadeOut('fast');
-        $('#cd' + id).removeMethod('moderate');
-      },
-      error: function(request, textStatus, error) {
-        showError('Oops, there was a problem accepting the comment.');
-      }
-    });
-  }
-
-  function deleteComment(id) {
-    $.ajax({
-      type: 'POST',
-      url: opts.deleteCommentURL,
-      data: {id: id},
-      success: function(data, textStatus, request) {
-        var div = $('#cd' + id);
-        if (data == 'delete') {
-          // Moderator mode: remove the comment and all children immediately
-          div.slideUp('fast', function() {
-            div.remove();
-          });
-          return;
-        }
-        // User mode: only mark the comment as deleted
-        div
-          .find('span.user-id:first')
-          .text('[deleted]').end()
-          .find('div.comment-text:first')
-          .text('[deleted]').end()
-          .find('#cm' + id + ', #dc' + id + ', #ac' + id + ', #rc' + id +
-                ', #sp' + id + ', #hp' + id + ', #cr' + id + ', #rl' + id)
-          .remove();
-        var comment = div.data('comment');
-        comment.username = '[deleted]';
-        comment.text = '[deleted]';
-        div.data('comment', comment);
-      },
-      error: function(request, textStatus, error) {
-        showError('Oops, there was a problem deleting the comment.');
-      }
-    });
-  }
-
-  function showProposal(id) {
-    $('#sp' + id).hide();
-    $('#hp' + id).show();
-    $('#pr' + id).slideDown('fast');
-  }
-
-  function hideProposal(id) {
-    $('#hp' + id).hide();
-    $('#sp' + id).show();
-    $('#pr' + id).slideUp('fast');
-  }
-
-  function showProposeChange(id) {
-    $('#pc' + id).hide();
-    $('#hc' + id).show();
-    var textarea = $('#pt' + id);
-    textarea.val(textarea.data('source'));
-    $.fn.autogrow.resize(textarea[0]);
-    textarea.slideDown('fast');
-  }
-
-  function hideProposeChange(id) {
-    $('#hc' + id).hide();
-    $('#pc' + id).show();
-    var textarea = $('#pt' + id);
-    textarea.val('').removeAttr('disabled');
-    textarea.slideUp('fast');
-  }
-
-  function toggleCommentMarkupBox(id) {
-    $('#mb' + id).toggle();
-  }
-
-  /** Handle when the user clicks on a sort by link. */
-  function handleReSort(link) {
-    var classes = link.attr('class').split(/\s+/);
-    for (var i=0; i<classes.length; i++) {
-      if (classes[i] != 'sort-option') {
-	by = classes[i].substring(2);
-      }
-    }
-    setComparator();
-    // Save/update the sortBy cookie.
-    var expiration = new Date();
-    expiration.setDate(expiration.getDate() + 365);
-    document.cookie= 'sortBy=' + escape(by) +
-                     ';expires=' + expiration.toUTCString();
-    $('ul.comment-ul').each(function(index, ul) {
-      var comments = getChildren($(ul), true);
-      comments = sortComments(comments);
-      appendComments(comments, $(ul).empty());
-    });
-  }
-
-  /**
-   * Function to process a vote when a user clicks an arrow.
-   */
-  function handleVote(link) {
-    if (!opts.voting) {
-      showError("You'll need to login to vote.");
-      return;
-    }
-
-    var id = link.attr('id');
-    if (!id) {
-      // Didn't click on one of the voting arrows.
-      return;
-    }
-    // If it is an unvote, the new vote value is 0,
-    // Otherwise it's 1 for an upvote, or -1 for a downvote.
-    var value = 0;
-    if (id.charAt(1) != 'u') {
-      value = id.charAt(0) == 'u' ? 1 : -1;
-    }
-    // The data to be sent to the server.
-    var d = {
-      comment_id: id.substring(2),
-      value: value
-    };
-
-    // Swap the vote and unvote links.
-    link.hide();
-    $('#' + id.charAt(0) + (id.charAt(1) == 'u' ? 'v' : 'u') + d.comment_id)
-      .show();
-
-    // The div the comment is displayed in.
-    var div = $('div#cd' + d.comment_id);
-    var data = div.data('comment');
-
-    // If this is not an unvote, and the other vote arrow has
-    // already been pressed, unpress it.
-    if ((d.value !== 0) && (data.vote === d.value * -1)) {
-      $('#' + (d.value == 1 ? 'd' : 'u') + 'u' + d.comment_id).hide();
-      $('#' + (d.value == 1 ? 'd' : 'u') + 'v' + d.comment_id).show();
-    }
-
-    // Update the comments rating in the local data.
-    data.rating += (data.vote === 0) ? d.value : (d.value - data.vote);
-    data.vote = d.value;
-    div.data('comment', data);
-
-    // Change the rating text.
-    div.find('.rating:first')
-      .text(data.rating + ' point' + (data.rating == 1 ? '' : 's'));
-
-    // Send the vote information to the server.
-    $.ajax({
-      type: "POST",
-      url: opts.processVoteURL,
-      data: d,
-      error: function(request, textStatus, error) {
-        showError('Oops, there was a problem casting that vote.');
-      }
-    });
-  }
-
-  /**
-   * Open a reply form used to reply to an existing comment.
-   */
-  function openReply(id) {
-    // Swap out the reply link for the hide link
-    $('#rl' + id).hide();
-    $('#cr' + id).show();
-
-    // Add the reply li to the children ul.
-    var div = $(renderTemplate(replyTemplate, {id: id})).hide();
-    $('#cl' + id)
-      .prepend(div)
-      // Setup the submit handler for the reply form.
-      .find('#rf' + id)
-      .submit(function(event) {
-        event.preventDefault();
-        addComment($('#rf' + id));
-        closeReply(id);
-      })
-      .find('input[type=button]')
-      .click(function() {
-        closeReply(id);
-      });
-    div.slideDown('fast', function() {
-      $('#rf' + id).find('textarea').focus();
-    });
-  }
-
-  /**
-   * Close the reply form opened with openReply.
-   */
-  function closeReply(id) {
-    // Remove the reply div from the DOM.
-    $('#rd' + id).slideUp('fast', function() {
-      $(this).remove();
-    });
-
-    // Swap out the hide link for the reply link
-    $('#cr' + id).hide();
-    $('#rl' + id).show();
-  }
-
-  /**
-   * Recursively sort a tree of comments using the comp comparator.
-   */
-  function sortComments(comments) {
-    comments.sort(comp);
-    $.each(comments, function() {
-      this.children = sortComments(this.children);
-    });
-    return comments;
-  }
-
-  /**
-   * Get the children comments from a ul. If recursive is true,
-   * recursively include childrens' children.
-   */
-  function getChildren(ul, recursive) {
-    var children = [];
-    ul.children().children("[id^='cd']")
-      .each(function() {
-        var comment = $(this).data('comment');
-        if (recursive)
-          comment.children = getChildren($(this).find('#cl' + comment.id), true);
-        children.push(comment);
-      });
-    return children;
-  }
-
-  /** Create a div to display a comment in. */
-  function createCommentDiv(comment) {
-    if (!comment.displayed && !opts.moderator) {
-      return $('<div class="moderate">Thank you!  Your comment will show up '
-               + 'once it is has been approved by a moderator.</div>');
-    }
-    // Prettify the comment rating.
-    comment.pretty_rating = comment.rating + ' point' +
-      (comment.rating == 1 ? '' : 's');
-    // Make a class (for displaying not yet moderated comments differently)
-    comment.css_class = comment.displayed ? '' : ' moderate';
-    // Create a div for this comment.
-    var context = $.extend({}, opts, comment);
-    var div = $(renderTemplate(commentTemplate, context));
-
-    // If the user has voted on this comment, highlight the correct arrow.
-    if (comment.vote) {
-      var direction = (comment.vote == 1) ? 'u' : 'd';
-      div.find('#' + direction + 'v' + comment.id).hide();
-      div.find('#' + direction + 'u' + comment.id).show();
-    }
-
-    if (opts.moderator || comment.text != '[deleted]') {
-      div.find('a.reply').show();
-      if (comment.proposal_diff)
-        div.find('#sp' + comment.id).show();
-      if (opts.moderator && !comment.displayed)
-        div.find('#cm' + comment.id).show();
-      if (opts.moderator || (opts.username == comment.username))
-        div.find('#dc' + comment.id).show();
-    }
-    return div;
-  }
-
-  /**
-   * A simple template renderer. Placeholders such as <%id%> are replaced
-   * by context['id'] with items being escaped. Placeholders such as <#id#>
-   * are not escaped.
-   */
-  function renderTemplate(template, context) {
-    var esc = $(document.createElement('div'));
-
-    function handle(ph, escape) {
-      var cur = context;
-      $.each(ph.split('.'), function() {
-        cur = cur[this];
-      });
-      return escape ? esc.text(cur || "").html() : cur;
-    }
-
-    return template.replace(/<([%#])([\w\.]*)\1>/g, function() {
-      return handle(arguments[2], arguments[1] == '%' ? true : false);
-    });
-  }
-
-  /** Flash an error message briefly. */
-  function showError(message) {
-    $(document.createElement('div')).attr({'class': 'popup-error'})
-      .append($(document.createElement('div'))
-               .attr({'class': 'error-message'}).text(message))
-      .appendTo('body')
-      .fadeIn("slow")
-      .delay(2000)
-      .fadeOut("slow");
-  }
-
-  /** Add a link the user uses to open the comments popup. */
-  $.fn.comment = function() {
-    return this.each(function() {
-      var id = $(this).attr('id').substring(1);
-      var count = COMMENT_METADATA[id];
-      var title = count + ' comment' + (count == 1 ? '' : 's');
-      var image = count > 0 ? opts.commentBrightImage : opts.commentImage;
-      var addcls = count == 0 ? ' nocomment' : '';
-      $(this)
-        .append(
-          $(document.createElement('a')).attr({
-            href: '#',
-            'class': 'sphinx-comment-open' + addcls,
-            id: 'ao' + id
-          })
-            .append($(document.createElement('img')).attr({
-              src: image,
-              alt: 'comment',
-              title: title
-            }))
-            .click(function(event) {
-              event.preventDefault();
-              show($(this).attr('id').substring(2));
-            })
-        )
-        .append(
-          $(document.createElement('a')).attr({
-            href: '#',
-            'class': 'sphinx-comment-close hidden',
-            id: 'ah' + id
-          })
-            .append($(document.createElement('img')).attr({
-              src: opts.closeCommentImage,
-              alt: 'close',
-              title: 'close'
-            }))
-            .click(function(event) {
-              event.preventDefault();
-              hide($(this).attr('id').substring(2));
-            })
-        );
-    });
-  };
-
-  var opts = {
-    processVoteURL: '/_process_vote',
-    addCommentURL: '/_add_comment',
-    getCommentsURL: '/_get_comments',
-    acceptCommentURL: '/_accept_comment',
-    deleteCommentURL: '/_delete_comment',
-    commentImage: '/static/_static/comment.png',
-    closeCommentImage: '/static/_static/comment-close.png',
-    loadingImage: '/static/_static/ajax-loader.gif',
-    commentBrightImage: '/static/_static/comment-bright.png',
-    upArrow: '/static/_static/up.png',
-    downArrow: '/static/_static/down.png',
-    upArrowPressed: '/static/_static/up-pressed.png',
-    downArrowPressed: '/static/_static/down-pressed.png',
-    voting: false,
-    moderator: false
-  };
-
-  if (typeof COMMENT_OPTIONS != "undefined") {
-    opts = jQuery.extend(opts, COMMENT_OPTIONS);
-  }
-
-  var popupTemplate = '\
-    <div class="sphinx-comments" id="sc<%id%>">\
-      <p class="sort-options">\
-        Sort by:\
-        <a href="#" class="sort-option byrating">best rated</a>\
-        <a href="#" class="sort-option byascage">newest</a>\
-        <a href="#" class="sort-option byage">oldest</a>\
-      </p>\
-      <div class="comment-header">Comments</div>\
-      <div class="comment-loading" id="cn<%id%>">\
-        loading comments... <img src="<%loadingImage%>" alt="" /></div>\
-      <ul id="cl<%id%>" class="comment-ul"></ul>\
-      <div id="ca<%id%>">\
-      <p class="add-a-comment">Add a comment\
-        (<a href="#" class="comment-markup" id="ab<%id%>">markup</a>):</p>\
-      <div class="comment-markup-box" id="mb<%id%>">\
-        reStructured text markup: <i>*emph*</i>, <b>**strong**</b>, \
-        <tt>``code``</tt>, \
-        code blocks: <tt>::</tt> and an indented block after blank line</div>\
-      <form method="post" id="cf<%id%>" class="comment-form" action="">\
-        <textarea name="comment" cols="80"></textarea>\
-        <p class="propose-button">\
-          <a href="#" id="pc<%id%>" class="show-propose-change">\
-            Propose a change &#9657;\
-          </a>\
-          <a href="#" id="hc<%id%>" class="hide-propose-change">\
-            Propose a change &#9663;\
-          </a>\
-        </p>\
-        <textarea name="proposal" id="pt<%id%>" cols="80"\
-                  spellcheck="false"></textarea>\
-        <input type="submit" value="Add comment" />\
-        <input type="hidden" name="node" value="<%id%>" />\
-        <input type="hidden" name="parent" value="" />\
-      </form>\
-      </div>\
-    </div>';
-
-  var commentTemplate = '\
-    <div id="cd<%id%>" class="sphinx-comment<%css_class%>">\
-      <div class="vote">\
-        <div class="arrow">\
-          <a href="#" id="uv<%id%>" class="vote" title="vote up">\
-            <img src="<%upArrow%>" />\
-          </a>\
-          <a href="#" id="uu<%id%>" class="un vote" title="vote up">\
-            <img src="<%upArrowPressed%>" />\
-          </a>\
-        </div>\
-        <div class="arrow">\
-          <a href="#" id="dv<%id%>" class="vote" title="vote down">\
-            <img src="<%downArrow%>" id="da<%id%>" />\
-          </a>\
-          <a href="#" id="du<%id%>" class="un vote" title="vote down">\
-            <img src="<%downArrowPressed%>" />\
-          </a>\
-        </div>\
-      </div>\
-      <div class="comment-content">\
-        <p class="tagline comment">\
-          <span class="user-id"><%username%></span>\
-          <span class="rating"><%pretty_rating%></span>\
-          <span class="delta"><%time.delta%></span>\
-        </p>\
-        <div class="comment-text comment"><#text#></div>\
-        <p class="comment-opts comment">\
-          <a href="#" class="reply hidden" id="rl<%id%>">reply &#9657;</a>\
-          <a href="#" class="close-reply" id="cr<%id%>">reply &#9663;</a>\
-          <a href="#" id="sp<%id%>" class="show-proposal">proposal &#9657;</a>\
-          <a href="#" id="hp<%id%>" class="hide-proposal">proposal &#9663;</a>\
-          <a href="#" id="dc<%id%>" class="delete-comment hidden">delete</a>\
-          <span id="cm<%id%>" class="moderation hidden">\
-            <a href="#" id="ac<%id%>" class="accept-comment">accept</a>\
-          </span>\
-        </p>\
-        <pre class="proposal" id="pr<%id%>">\
-<#proposal_diff#>\
-        </pre>\
-          <ul class="comment-children" id="cl<%id%>"></ul>\
-        </div>\
-        <div class="clearleft"></div>\
-      </div>\
-    </div>';
-
-  var replyTemplate = '\
-    <li>\
-      <div class="reply-div" id="rd<%id%>">\
-        <form id="rf<%id%>">\
-          <textarea name="comment" cols="80"></textarea>\
-          <input type="submit" value="Add reply" />\
-          <input type="button" value="Cancel" />\
-          <input type="hidden" name="parent" value="<%id%>" />\
-          <input type="hidden" name="node" value="" />\
-        </form>\
-      </div>\
-    </li>';
-
-  $(document).ready(function() {
-    init();
-  });
-})(jQuery);
-
-$(document).ready(function() {
-  // add comment anchors for all paragraphs that are commentable
-  $('.sphinx-has-comment').comment();
-
-  // highlight search words in search results
-  $("div.context").each(function() {
-    var params = $.getQueryParameters();
-    var terms = (params.q) ? params.q[0].split(/\s+/) : [];
-    var result = $(this);
-    $.each(terms, function() {
-      result.highlightText(this.toLowerCase(), 'highlighted');
-    });
-  });
-
-  // directly open comment window if requested
-  var anchor = document.location.hash;
-  if (anchor.substring(0, 9) == '#comment-') {
-    $('#ao' + anchor.substring(9)).click();
-    document.location.hash = '#s' + anchor.substring(9);
-  }
-});
diff --git a/docs/saml2/genindex.html b/docs/saml2/genindex.html
index 3ee2939c..f5ad18a1 100644
--- a/docs/saml2/genindex.html
+++ b/docs/saml2/genindex.html
@@ -1,53 +1,72 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>Index &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="_static/jquery.js?v=5d32c60e"></script>
+        <script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js?v=404a92a0"></script>
+        <script src="_static/doctools.js?v=888ff710"></script>
+        <script src="_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="#" />
+    <link rel="search" title="Search" href="search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.html">onelogin package</a></li>
+</ul>
 
-
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>Index &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="_static/jquery.js"></script>
-    <script type="text/javascript" src="_static/underscore.js"></script>
-    <script type="text/javascript" src="_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="#" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="index.html" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">Index</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
 
 <h1 id="index">Index</h1>
 
@@ -56,9 +75,11 @@ <h1 id="index">Index</h1>
  | <a href="#B"><strong>B</strong></a>
  | <a href="#C"><strong>C</strong></a>
  | <a href="#D"><strong>D</strong></a>
+ | <a href="#E"><strong>E</strong></a>
  | <a href="#F"><strong>F</strong></a>
  | <a href="#G"><strong>G</strong></a>
  | <a href="#I"><strong>I</strong></a>
+ | <a href="#K"><strong>K</strong></a>
  | <a href="#L"><strong>L</strong></a>
  | <a href="#M"><strong>M</strong></a>
  | <a href="#N"><strong>N</strong></a>
@@ -68,874 +89,1135 @@ <h1 id="index">Index</h1>
  | <a href="#R"><strong>R</strong></a>
  | <a href="#S"><strong>S</strong></a>
  | <a href="#T"><strong>T</strong></a>
+ | <a href="#U"><strong>U</strong></a>
  | <a href="#V"><strong>V</strong></a>
  | <a href="#W"><strong>W</strong></a>
+ | <a href="#X"><strong>X</strong></a>
  
 </div>
 <h2 id="A">A</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS">AC_KERBEROS (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD">AC_PASSWORD (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD">AC_SMARTCARD (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED">AC_UNSPECIFIED (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.AC_X509">AC_X509 (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.add_sign">add_sign() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors">add_x509_key_descriptors() (saml2.metadata.OneLogin_Saml2_Metadata static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.ALOWED_CLOCK_DRIFT">ALOWED_CLOCK_DRIFT (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC">ATTRNAME_FORMAT_BASIC (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED">ATTRNAME_FORMAT_UNSPECIFIED (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI">ATTRNAME_FORMAT_URI (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS">AC_KERBEROS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD">AC_PASSWORD (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED">AC_PASSWORD_PROTECTED (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD">AC_SMARTCARD (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED">AC_UNSPECIFIED (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_X509">AC_X509 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_request_signature">add_request_signature() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_response_signature">add_response_signature() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.add_sign">add_sign() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors">add_x509_key_descriptors() (onelogin.saml2.metadata.OneLogin_Saml2_Metadata class method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES128_CBC">AES128_CBC (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES192_CBC">AES192_CBC (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES256_CBC">AES256_CBC (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT">ALLOWED_CLOCK_DRIFT (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED">ASSERTION_EXPIRED (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH">ASSERTION_SIGNATURE_XPATH (onelogin.saml2.utils.OneLogin_Saml2_Utils attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY">ASSERTION_TOO_EARLY (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.ATTRIBUTE">ATTRIBUTE (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC">ATTRNAME_FORMAT_BASIC (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED">ATTRNAME_FORMAT_UNSPECIFIED (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI">ATTRNAME_FORMAT_URI (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH">AUTHN_CONTEXT_MISMATCH (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.AUTHN_REQUEST">AUTHN_REQUEST (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.authn_request_class">authn_request_class (onelogin.saml2.auth.OneLogin_Saml2_Auth attribute)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="B">B</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE">BINDING_DEFLATE (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT">BINDING_HTTP_ARTIFACT (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST">BINDING_HTTP_POST (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT">BINDING_HTTP_REDIRECT (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP">BINDING_SOAP (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.build">build() (saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.build_request_signature">build_request_signature() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.build_response_signature">build_response_signature() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.builder">builder() (saml2.metadata.OneLogin_Saml2_Metadata static method)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64decode">b64decode() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64encode">b64encode() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE">BINDING_DEFLATE (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT">BINDING_HTTP_ARTIFACT (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST">BINDING_HTTP_POST (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT">BINDING_HTTP_REDIRECT (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP">BINDING_SOAP (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.blacklist">blacklist (onelogin.saml2.xmlparser.RestrictedElement attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.build">build() (onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.builder">builder() (onelogin.saml2.metadata.OneLogin_Saml2_Metadata class method)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="C">C</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint">calculate_x509_fingerprint() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.check_settings">check_settings() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.check_sp_certs">check_sp_certs() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.check_status">check_status() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.CM_BEARER">CM_BEARER (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY">CM_HOLDER_KEY (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES">CM_SENDER_VOUCHES (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint">calculate_x509_fingerprint() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.CERT_NOT_FOUND">CERT_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.check_docinfo">check_docinfo() (in module onelogin.saml2.xmlparser)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_idp_settings">check_idp_settings() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.check_one_authnstatement">check_one_authnstatement() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.check_one_condition">check_one_condition() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_settings">check_settings() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_certs">check_sp_certs() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_settings">check_sp_settings() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.check_status">check_status() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO">CHILDREN_NODE_NOT_FOUND_IN_KEYINFO (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.cleanup_namespaces">cleanup_namespaces() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_BEARER">CM_BEARER (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY">CM_HOLDER_KEY (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES">CM_SENDER_VOUCHES (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.createDefaultParser">createDefaultParser() (onelogin.saml2.xmlparser.GlobalParserTLS method)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="D">D</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate">decode_base64_and_inflate() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.decrypt_element">decrypt_element() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode">deflate_and_base64_encode() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.delete_local_session">delete_local_session() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate">decode_base64_and_inflate() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.decrypt_element">decrypt_element() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode">deflate_and_base64_encode() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.delete_local_session">delete_local_session() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS">DEPRECATED_ALGORITHMS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_DIGEST_METHOD">DEPRECATED_DIGEST_METHOD (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD">DEPRECATED_SIGNATURE_METHOD (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.dict_deep_merge">dict_deep_merge() (in module onelogin.saml2.idp_metadata_parser)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.DSA_SHA1">DSA_SHA1 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.DTDForbidden">DTDForbidden</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.dump">dump() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND">DUPLICATED_ATTRIBUTE_NAME_FOUND (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS">DUPLICATED_ID_IN_SIGNED_ELEMENTS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS">DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+  </ul></td>
+</tr></table>
+
+<h2 id="E">E</h2>
+<table style="width: 100%" class="indextable genindextable"><tr>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.element_class">element_class (onelogin.saml2.xmlparser.GlobalParserTLS attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.element_text">element_text() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_DESTINATION">EMPTY_DESTINATION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_NAMEID">EMPTY_NAMEID (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES">ENCRYPTED_ATTRIBUTES (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.EntitiesForbidden">EntitiesForbidden</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.escape_url">escape_url() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.extract_tag_text">extract_tag_text() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="F">F</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.format_cert">format_cert() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.format_finger_print">format_finger_print() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.format_idp_cert">format_idp_cert() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_cert">format_cert() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_finger_print">format_finger_print() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert">format_idp_cert() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert_multi">format_idp_cert_multi() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_private_key">format_private_key() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert">format_sp_cert() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert_new">format_sp_cert_new() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_key">format_sp_key() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.fromstring">fromstring() (in module onelogin.saml2.xmlparser)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="G">G</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.generate_name_id">generate_name_id() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.generate_unique_id">generate_unique_id() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_attribute">get_attribute() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_attributes">get_attributes() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.get_attributes">(saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      </dl></dd>
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.get_audiences">get_audiences() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_base_path">get_base_path() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_cert_path">get_cert_path() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_contacts">get_contacts() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_errors">get_errors() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_errors">(saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      </dl></dd>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_expire_time">get_expire_time() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_ext_lib_path">get_ext_lib_path() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id">get_id() (saml2.logout_request.OneLogin_Saml2_Logout_Request static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_idp_data">get_idp_data() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer">get_issuer() (saml2.logout_request.OneLogin_Saml2_Logout_Request static method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer">(saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
-  </dt>
-
-      </dl></dd>
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.get_issuers">get_issuers() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_lib_path">get_lib_path() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id">get_name_id() (saml2.logout_request.OneLogin_Saml2_Logout_Request static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id_data">get_name_id_data() (saml2.logout_request.OneLogin_Saml2_Logout_Request static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_nameid">get_nameid() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.get_nameid">(saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      </dl></dd>
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.get_nameid_data">get_nameid_data() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_organization">get_organization() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request">get_request() (saml2.authn_request.OneLogin_Saml2_Authn_Request method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request">(saml2.logout_request.OneLogin_Saml2_Logout_Request method)</a>
-  </dt>
-
-      </dl></dd>
-      
-  <dt><a href="saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response">get_response() (saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_schemas_path">get_schemas_path() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_security_data">get_security_data() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_host">get_self_host() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_url">get_self_url() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_url_host">get_self_url_host() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query">get_self_url_no_query() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.get_session_index">get_session_index() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes">get_session_indexes() (saml2.logout_request.OneLogin_Saml2_Logout_Request static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after">get_session_not_on_or_after() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_settings">get_settings() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_slo_url">get_slo_url() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_cert">get_sp_cert() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_data">get_sp_data() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_key">get_sp_key() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata">get_sp_metadata() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.get_sso_url">get_sso_url() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status">get_status() (saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.get_status">(saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      </dl></dd>
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_name_id">generate_name_id() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_unique_id">generate_unique_id() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_id">get_assertion_id() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_issue_instant">get_assertion_issue_instant() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_not_on_or_after">get_assertion_not_on_or_after() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attribute">get_attribute() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attributes">get_attributes() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_attributes">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_audiences">get_audiences() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_authn_contexts">get_authn_contexts() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_base_path">get_base_path() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_cert_path">get_cert_path() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_contacts">get_contacts() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_error">get_error() (onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_error">(onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+</li>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_error">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_errors">get_errors() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_errors">(onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_expire_time">get_expire_time() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attribute">get_friendlyname_attribute() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attributes">get_friendlyname_attributes() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_friendlyname_attributes">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_id">get_id() (onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id">(onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request class method)</a>
+</li>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_id">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_cert">get_idp_cert() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_data">get_idp_data() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_response_url">get_idp_slo_response_url() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_url">get_idp_slo_url() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_sso_url">get_idp_sso_url() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_in_response_to">get_in_response_to() (onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_in_response_to">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer">get_issuer() (onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request class method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer">(onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_issuers">get_issuers() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_id">get_last_assertion_id() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_issue_instant">get_last_assertion_issue_instant() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after">get_last_assertion_not_on_or_after() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_authn_contexts">get_last_authn_contexts() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason">get_last_error_reason() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_message_id">get_last_message_id() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_id">get_last_request_id() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_xml">get_last_request_xml() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_in_response_to">get_last_response_in_response_to() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_xml">get_last_response_xml() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_lib_path">get_lib_path() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.get_metadata">get_metadata() (onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser class method)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid">get_nameid() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid">(onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request class method)</a>
+</li>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_data">get_nameid_data() (onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request class method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_data">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_format">get_nameid_format() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_format">(onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request class method)</a>
+</li>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_format">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_nq">get_nameid_nq() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_nq">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_spnq">get_nameid_spnq() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_spnq">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_organization">get_organization() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request">get_request() (onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request">(onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response">get_response() (onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_schemas_path">get_schemas_path() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_security_data">get_security_data() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_host">get_self_host() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_routed_url_no_query">get_self_routed_url_no_query() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url">get_self_url() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_host">get_self_url_host() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query">get_self_url_no_query() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_expiration">get_session_expiration() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_index">get_session_index() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_session_index">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes">get_session_indexes() (onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request class method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after">get_session_not_on_or_after() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_settings">get_settings() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_response_url">get_slo_response_url() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_url">get_slo_url() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert">get_sp_cert() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert_new">get_sp_cert_new() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_data">get_sp_data() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_key">get_sp_key() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata">get_sp_metadata() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_sso_url">get_sso_url() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status">get_status() (onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_status">(onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_xml">get_xml() (onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_xml">(onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request method)</a>
+</li>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_xml">(onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_xml_document">get_xml_document() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.getchildren">getchildren() (onelogin.saml2.xmlparser.RestrictedElement method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.getDefaultParser">getDefaultParser() (in module onelogin.saml2.xmlparser)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.getDefaultParser">(onelogin.saml2.xmlparser.GlobalParserTLS method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.getiterator">getiterator() (onelogin.saml2.xmlparser.RestrictedElement method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS">GlobalParserTLS (class in onelogin.saml2.xmlparser)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="I">I</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.is_authenticated">is_authenticated() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.is_debug_active">is_debug_active() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.is_https">is_https() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.is_strict">is_strict() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid">is_valid() (saml2.logout_request.OneLogin_Saml2_Logout_Request static method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid">(saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
-  </dt>
-
-        
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.is_valid">(saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      </dl></dd>
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT">ID_NOT_FOUND_IN_SIGNED_ELEMENT (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNATURE">INVALID_SIGNATURE (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT">INVALID_SIGNED_ELEMENT (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT">INVALID_XML_FORMAT (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.is_authenticated">is_authenticated() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_debug_active">is_debug_active() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.is_https">is_https() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_strict">is_strict() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid">is_valid() (onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request method)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid">(onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response method)</a>
+</li>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.is_valid">(onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      </ul></li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE">ISSUER_MULTIPLE_IN_RESPONSE (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION">ISSUER_NOT_FOUND_IN_ASSERTION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iter">iter() (onelogin.saml2.xmlparser.RestrictedElement method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iterchildren">iterchildren() (onelogin.saml2.xmlparser.RestrictedElement method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iterdescendants">iterdescendants() (onelogin.saml2.xmlparser.RestrictedElement method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.iterparse">iterparse() (in module onelogin.saml2.xmlparser)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.itersiblings">itersiblings() (onelogin.saml2.xmlparser.RestrictedElement method)</a>
+</li>
+  </ul></td>
+</tr></table>
+
+<h2 id="K">K</h2>
+<table style="width: 100%" class="indextable genindextable"><tr>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA">KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="L">L</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.login">login() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.logout">logout() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.login">login() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout">logout() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_REQUEST">LOGOUT_REQUEST (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_request_class">logout_request_class (onelogin.saml2.auth.OneLogin_Saml2_Auth attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_RESPONSE">LOGOUT_RESPONSE (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_response_class">logout_response_class (onelogin.saml2.auth.OneLogin_Saml2_Auth attribute)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="M">M</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID">METADATA_SP_INVALID (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_child">make_child() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_root">make_root() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ATTR_CONSUMER_SERVICE">MD_ATTR_CONSUMER_SERVICE (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_CONTACT_PERSON">MD_CONTACT_PERSON (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR">MD_ENTITY_DESCRIPTOR (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ORGANISATION">MD_ORGANISATION (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_REQUESTED_ATTRIBUTE">MD_REQUESTED_ATTRIBUTE (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_SLS">MD_SLS (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.merge_settings">merge_settings() (onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.metadata_class">metadata_class (onelogin.saml2.settings.OneLogin_Saml2_Settings attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID">METADATA_SP_INVALID (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_CONDITIONS">MISSING_CONDITIONS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_ID">MISSING_ID (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS">MISSING_STATUS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE">MISSING_STATUS_CODE (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li>
+    module
 
-  </dl></td>
+      <ul>
+        <li><a href="onelogin.html#module-onelogin">onelogin</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2">onelogin.saml2</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.auth">onelogin.saml2.auth</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.authn_request">onelogin.saml2.authn_request</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.compat">onelogin.saml2.compat</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.constants">onelogin.saml2.constants</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.errors">onelogin.saml2.errors</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.idp_metadata_parser">onelogin.saml2.idp_metadata_parser</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.logout_request">onelogin.saml2.logout_request</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.logout_response">onelogin.saml2.logout_response</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.metadata">onelogin.saml2.metadata</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.response">onelogin.saml2.response</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.settings">onelogin.saml2.settings</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.utils">onelogin.saml2.utils</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.xml_templates">onelogin.saml2.xml_templates</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.xml_utils">onelogin.saml2.xml_utils</a>
+</li>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.xmlparser">onelogin.saml2.xmlparser</a>
+</li>
+      </ul></li>
+  </ul></td>
 </tr></table>
 
 <h2 id="N">N</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS">NAMEID_EMAIL_ADDRESS (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED">NAMEID_ENCRYPTED (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY">NAMEID_ENTITY (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS">NAMEID_KERBEROS (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT">NAMEID_PERSISTENT (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT">NAMEID_TRANSIENT (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME">NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME">NAMEID_X509_SUBJECT_NAME (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_DS">NS_DS (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_MD">NS_MD (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_SAML">NS_SAML (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP">NS_SAMLP (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_SOAP">NS_SOAP (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_XENC">NS_XENC (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_XS">NS_XS (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NS_XSI">NS_XSI (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.NSMAP">NSMAP (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS">NAMEID_EMAIL_ADDRESS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED">NAMEID_ENCRYPTED (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY">NAMEID_ENTITY (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS">NAMEID_KERBEROS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT">NAMEID_PERSISTENT (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT">NAMEID_TRANSIENT (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED">NAMEID_UNSPECIFIED (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME">NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME">NAMEID_X509_SUBJECT_NAME (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT">NO_ATTRIBUTESTATEMENT (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION">NO_ENCRYPTED_ASSERTION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID">NO_ENCRYPTED_NAMEID (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_NAMEID">NO_NAMEID (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND">NO_SIGNATURE_FOUND (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION">NO_SIGNED_ASSERTION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE">NO_SIGNED_MESSAGE (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.normalize_url">normalize_url() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.NotSupportedError">NotSupportedError</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.now">now() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_DS">NS_DS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_MD">NS_MD (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_DS">NS_PREFIX_DS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_MD">NS_PREFIX_MD (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAML">NS_PREFIX_SAML (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAMLP">NS_PREFIX_SAMLP (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XENC">NS_PREFIX_XENC (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XS">NS_PREFIX_XS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSD">NS_PREFIX_XSD (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSI">NS_PREFIX_XSI (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAML">NS_SAML (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP">NS_SAMLP (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SOAP">NS_SOAP (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XENC">NS_XENC (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XS">NS_XS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XSI">NS_XSI (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NSMAP">NSMAP (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="O">O</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth">OneLogin_Saml2_Auth (class in saml2.auth)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.authn_request.OneLogin_Saml2_Authn_Request">OneLogin_Saml2_Authn_Request (class in saml2.authn_request)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants">OneLogin_Saml2_Constants (class in saml2.constants)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error">OneLogin_Saml2_Error</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.logout_request.OneLogin_Saml2_Logout_Request">OneLogin_Saml2_Logout_Request (class in saml2.logout_request)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.logout_response.OneLogin_Saml2_Logout_Response">OneLogin_Saml2_Logout_Response (class in saml2.logout_response)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.metadata.OneLogin_Saml2_Metadata">OneLogin_Saml2_Metadata (class in saml2.metadata)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response">OneLogin_Saml2_Response (class in saml2.response)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings">OneLogin_Saml2_Settings (class in saml2.settings)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils">OneLogin_Saml2_Utils (class in saml2.utils)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li>
+    onelogin
+
+      <ul>
+        <li><a href="onelogin.html#module-onelogin">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.auth
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.auth">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.authn_request
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.authn_request">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.compat
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.compat">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.constants
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.constants">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.errors
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.errors">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.idp_metadata_parser
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.idp_metadata_parser">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.logout_request
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.logout_request">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.logout_response
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.logout_response">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.metadata
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.metadata">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.response
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.response">module</a>
+</li>
+      </ul></li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li>
+    onelogin.saml2.settings
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.settings">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.utils
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.utils">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.xml_templates
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.xml_templates">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.xml_utils
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.xml_utils">module</a>
+</li>
+      </ul></li>
+      <li>
+    onelogin.saml2.xmlparser
+
+      <ul>
+        <li><a href="onelogin.saml2.html#module-onelogin.saml2.xmlparser">module</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth">OneLogin_Saml2_Auth (class in onelogin.saml2.auth)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request">OneLogin_Saml2_Authn_Request (class in onelogin.saml2.authn_request)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants">OneLogin_Saml2_Constants (class in onelogin.saml2.constants)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error">OneLogin_Saml2_Error</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser">OneLogin_Saml2_IdPMetadataParser (class in onelogin.saml2.idp_metadata_parser)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request">OneLogin_Saml2_Logout_Request (class in onelogin.saml2.logout_request)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response">OneLogin_Saml2_Logout_Response (class in onelogin.saml2.logout_response)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata">OneLogin_Saml2_Metadata (class in onelogin.saml2.metadata)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response">OneLogin_Saml2_Response (class in onelogin.saml2.response)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings">OneLogin_Saml2_Settings (class in onelogin.saml2.settings)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates">OneLogin_Saml2_Templates (class in onelogin.saml2.xml_templates)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils">OneLogin_Saml2_Utils (class in onelogin.saml2.utils)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError">OneLogin_Saml2_ValidationError</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML">OneLogin_Saml2_XML (class in onelogin.saml2.xml_utils)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="P">P</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.parse_duration">parse_duration() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time">parse_SAML_to_time() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML">parse_time_to_SAML() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND">PRIVATE_KEY_FILE_NOT_FOUND (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.process_response">process_response() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.process_slo">process_slo() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND">PUBLIC_CERT_FILE_NOT_FOUND (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.parse">parse() (in module onelogin.saml2.xmlparser)</a>
+
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse">(onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser class method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_duration">parse_duration() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse_remote">parse_remote() (onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser class method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time">parse_SAML_to_time() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML">parse_time_to_SAML() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.parser_config">parser_config (onelogin.saml2.xmlparser.GlobalParserTLS attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND">PRIVATE_KEY_FILE_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND">PRIVATE_KEY_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_response">process_response() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.process_signed_elements">process_signed_elements() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_slo">process_slo() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND">PUBLIC_CERT_FILE_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="Q">Q</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.query">query() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.query">query() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="R">R</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.redirect">redirect() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL">REDIRECT_INVALID_URL (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.redirect_to">redirect_to() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1">RSA_SHA1 (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.redirect">redirect() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL">REDIRECT_INVALID_URL (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.redirect_to">redirect_to() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.RESPONSE">RESPONSE (onelogin.saml2.xml_templates.OneLogin_Saml2_Templates attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.response_class">response_class (onelogin.saml2.auth.OneLogin_Saml2_Auth attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED">RESPONSE_EXPIRED (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH">RESPONSE_SIGNATURE_XPATH (onelogin.saml2.utils.OneLogin_Saml2_Utils attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement">RestrictedElement (class in onelogin.saml2.xmlparser)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.return_false_on_exception">return_false_on_exception() (in module onelogin.saml2.utils)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_1_5">RSA_1_5 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_OAEP_MGF1P">RSA_OAEP_MGF1P (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1">RSA_SHA1 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA256">RSA_SHA256 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA384">RSA_SHA384 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA512">RSA_SHA512 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="S">S</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#module-saml2.auth">saml2.auth (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.authn_request">saml2.authn_request (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.constants">saml2.constants (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.errors">saml2.errors (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.logout_request">saml2.logout_request (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.logout_response">saml2.logout_response (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.metadata">saml2.metadata (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.response">saml2.response (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.settings">saml2.settings (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#module-saml2.utils">saml2.utils (module)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND">SAML_LOGOUTMESSAGE_NOT_FOUND (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID">SAML_LOGOUTREQUEST_INVALID (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID">SAML_LOGOUTRESPONSE_INVALID (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND">SAML_RESPONSE_NOT_FOUND (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED">SAML_SINGLE_LOGOUT_NOT_SUPPORTED (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.auth.OneLogin_Saml2_Auth.set_strict">set_strict() (saml2.auth.OneLogin_Saml2_Auth method)</a>
-  </dt>
-
-      <dd><dl>
-        
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.set_strict">(saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      </dl></dd>
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND">SETTINGS_FILE_NOT_FOUND (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID">SETTINGS_INVALID (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX">SETTINGS_INVALID_SYNTAX (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata">sign_metadata() (saml2.metadata.OneLogin_Saml2_Metadata static method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND">SP_CERTS_NOT_FOUND (saml2.errors.OneLogin_Saml2_Error attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE">STATUS_NO_PASSIVE (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT">STATUS_PARTIAL_LOGOUT (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED">STATUS_PROXY_COUNT_EXCEEDED (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND">SAML_LOGOUTMESSAGE_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID">SAML_LOGOUTREQUEST_INVALID (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID">SAML_LOGOUTRESPONSE_INVALID (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND">SAML_RESPONSE_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED">SAML_SINGLE_LOGOUT_NOT_SUPPORTED (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SESSION_EXPIRED">SESSION_EXPIRED (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_cert_path">set_cert_path() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.set_strict">set_strict() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
 
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER">STATUS_REQUESTER (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER">STATUS_RESPONDER (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS">STATUS_SUCCESS (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_strict">(onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.setDefaultParser">setDefaultParser() (onelogin.saml2.xmlparser.GlobalParserTLS method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND">SETTINGS_FILE_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID">SETTINGS_INVALID (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX">SETTINGS_INVALID_SYNTAX (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA1">SHA1 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA256">SHA256 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA384">SHA384 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA512">SHA512 (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.sign_binary">sign_binary() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata">sign_metadata() (onelogin.saml2.metadata.OneLogin_Saml2_Metadata static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND">SP_CERTS_NOT_FOUND (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH">SP_NAME_QUALIFIER_NAME_MISMATCH (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS">STATUS_CODE_IS_NOT_SUCCESS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE">STATUS_NO_PASSIVE (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT">STATUS_PARTIAL_LOGOUT (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED">STATUS_PROXY_COUNT_EXCEEDED (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER">STATUS_REQUESTER (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER">STATUS_RESPONDER (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS">STATUS_SUCCESS (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH">STATUS_VERSION_MISMATCH (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.store_valid_response">store_valid_response() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+  </ul></td>
+</tr></table>
 
-      
-  <dt><a href="saml2.html#saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH">STATUS_VERSION_MISMATCH (saml2.constants.OneLogin_Saml2_Constants attribute)</a>
-  </dt>
+<h2 id="T">T</h2>
+<table style="width: 100%" class="indextable genindextable"><tr>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED">TIME_CACHED (onelogin.saml2.metadata.OneLogin_Saml2_Metadata attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT">TIME_FORMAT (onelogin.saml2.utils.OneLogin_Saml2_Utils attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_2">TIME_FORMAT_2 (onelogin.saml2.utils.OneLogin_Saml2_Utils attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_WITH_FRAGMENT">TIME_FORMAT_WITH_FRAGMENT (onelogin.saml2.utils.OneLogin_Saml2_Utils attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID">TIME_VALID (onelogin.saml2.metadata.OneLogin_Saml2_Metadata attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.compat.to_bytes">to_bytes() (in module onelogin.saml2.compat)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_etree">to_etree() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.compat.to_string">to_string() (in module onelogin.saml2.compat)</a>
 
-  </dl></td>
+      <ul>
+        <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_string">(onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+      </ul></li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.TRIPLEDES_CBC">TRIPLEDES_CBC (onelogin.saml2.constants.OneLogin_Saml2_Constants attribute)</a>
+</li>
+  </ul></td>
 </tr></table>
 
-<h2 id="T">T</h2>
+<h2 id="U">U</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED">TIME_CACHED (saml2.metadata.OneLogin_Saml2_Metadata attribute)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID">TIME_VALID (saml2.metadata.OneLogin_Saml2_Metadata attribute)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS">UNEXPECTED_SIGNED_ELEMENTS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD">UNSUPPORTED_RETRIEVAL_METHOD (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION">UNSUPPORTED_SAML_VERSION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.UNSUPPORTED_SETTINGS_OBJECT">UNSUPPORTED_SETTINGS_OBJECT (onelogin.saml2.errors.OneLogin_Saml2_Error attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.compat.utf8">utf8() (in module onelogin.saml2.compat)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="V">V</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.settings.OneLogin_Saml2_Settings.validate_metadata">validate_metadata() (saml2.settings.OneLogin_Saml2_Settings method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.validate_num_assertions">validate_num_assertions() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.validate_sign">validate_sign() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.response.OneLogin_Saml2_Response.validate_timestamps">validate_timestamps() (saml2.response.OneLogin_Saml2_Response method)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.settings.validate_url">validate_url() (in module saml2.settings)</a>
-  </dt>
-
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.validate_xml">validate_xml() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
-
-  </dl></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_binary_sign">validate_binary_sign() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.validate_metadata">validate_metadata() (onelogin.saml2.settings.OneLogin_Saml2_Settings method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_metadata_sign">validate_metadata_sign() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_node_sign">validate_node_sign() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.validate_num_assertions">validate_num_assertions() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_request_signature">validate_request_signature() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_response_signature">validate_response_signature() (onelogin.saml2.auth.OneLogin_Saml2_Auth method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_sign">validate_sign() (onelogin.saml2.utils.OneLogin_Saml2_Utils static method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.validate_signed_elements">validate_signed_elements() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.validate_timestamps">validate_timestamps() (onelogin.saml2.response.OneLogin_Saml2_Response method)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.settings.validate_url">validate_url() (in module onelogin.saml2.settings)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.validate_xml">validate_xml() (onelogin.saml2.xml_utils.OneLogin_Saml2_XML static method)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 <h2 id="W">W</h2>
 <table style="width: 100%" class="indextable genindextable"><tr>
-  <td style="width: 33%" valign="top"><dl>
-      
-  <dt><a href="saml2.html#saml2.utils.OneLogin_Saml2_Utils.write_temp_file">write_temp_file() (saml2.utils.OneLogin_Saml2_Utils static method)</a>
-  </dt>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_AUDIENCE">WRONG_AUDIENCE (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_DESTINATION">WRONG_DESTINATION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO">WRONG_INRESPONSETO (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_ISSUER">WRONG_ISSUER (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS">WRONG_NUMBER_OF_ASSERTIONS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+  </ul></td>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS">WRONG_NUMBER_OF_AUTHSTATEMENTS (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES">WRONG_NUMBER_OF_SIGNATURES (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION">WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE">WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT">WRONG_SIGNED_ELEMENT (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION">WRONG_SUBJECTCONFIRMATION (onelogin.saml2.errors.OneLogin_Saml2_ValidationError attribute)</a>
+</li>
+  </ul></td>
+</tr></table>
 
-  </dl></td>
+<h2 id="X">X</h2>
+<table style="width: 100%" class="indextable genindextable"><tr>
+  <td style="width: 33%; vertical-align: top;"><ul>
+      <li><a href="onelogin.saml2.html#onelogin.saml2.xmlparser.XML">XML() (in module onelogin.saml2.xmlparser)</a>
+</li>
+  </ul></td>
 </tr></table>
 
 
 
+           </div>
           </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
+          <footer>
 
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
    
 
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
+</footer>
         </div>
       </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="#" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
 </html>
\ No newline at end of file
diff --git a/docs/saml2/index.html b/docs/saml2/index.html
index d17bd654..3fddedcd 100644
--- a/docs/saml2/index.html
+++ b/docs/saml2/index.html
@@ -1,142 +1,139 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" /><meta name="generator" content="Docutils 0.18.1: http://docutils.sourceforge.net/" />
 
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>Welcome to SAML Python2/3 Toolkit’s documentation! &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="_static/jquery.js?v=5d32c60e"></script>
+        <script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js?v=404a92a0"></script>
+        <script src="_static/doctools.js?v=888ff710"></script>
+        <script src="_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="genindex.html" />
+    <link rel="search" title="Search" href="search.html" />
+    <link rel="next" title="onelogin package" href="onelogin.html" /> 
+</head>
 
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
 
+          
+          
+          <a href="#" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.html">onelogin package</a></li>
+</ul>
 
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>Welcome to OneLogin SAML Python library documentation</title>
-    
-    <link rel="stylesheet" href="_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="_static/jquery.js"></script>
-    <script type="text/javascript" src="_static/underscore.js"></script>
-    <script type="text/javascript" src="_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="#" />
-    <link rel="next" title="onelogin.saml2 Class" href="saml2.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="py-modindex.html" title="Python Class Index"
-             >classes</a> |</li>
-        <li class="right" >
-          <a href="saml2.html" title="onelogin.saml2 Class"
-             accesskey="N">next</a> |</li>
-        <li><a href="#">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>  
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="#">SAML Python2/3 Toolkit</a>
+      </nav>
 
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <div class="section" id="welcome-to-onelogin.saml2.s-documentation">
-<h1>Welcome to OneLogin SAML Python library documentation<a class="headerlink" href="#welcome-to-onelogin.saml2.s-documentation" title="Permalink to this headline">¶</a></h1>
-<p>Contents:</p>
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="#" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">Welcome to SAML Python2/3 Toolkit’s documentation!</li>
+      <li class="wy-breadcrumbs-aside">
+            <a href="_sources/index.rst.txt" rel="nofollow"> View page source</a>
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <section id="welcome-to-saml-python2-3-toolkit-s-documentation">
+<h1>Welcome to SAML Python2/3 Toolkit’s documentation!<a class="headerlink" href="#welcome-to-saml-python2-3-toolkit-s-documentation" title="Permalink to this heading"></a></h1>
 <div class="toctree-wrapper compound">
+<p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
 <ul>
-<li class="toctree-l1"><a class="reference internal" href="saml2.html">onelogin.saml2 Module</a><ul>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.auth"><tt class="docutils literal"><span class="pre">auth</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.authn_request"><tt class="docutils literal"><span class="pre">authn_request</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.constants"><tt class="docutils literal"><span class="pre">constants</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.errors"><tt class="docutils literal"><span class="pre">errors</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.logout_request"><tt class="docutils literal"><span class="pre">logout_request</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.logout_response"><tt class="docutils literal"><span class="pre">logout_response</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.metadata"><tt class="docutils literal"><span class="pre">metadata</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.response"><tt class="docutils literal"><span class="pre">response</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.settings"><tt class="docutils literal"><span class="pre">settings</span></tt> Class</a></li>
-<li class="toctree-l2"><a class="reference internal" href="saml2.html#module-saml2.utils"><tt class="docutils literal"><span class="pre">utils</span></tt> Class</a></li>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.html">onelogin package</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.html#subpackages">Subpackages</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html">onelogin.saml2 package</a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#submodules">Submodules</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.auth">onelogin.saml2.auth module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.authn_request">onelogin.saml2.authn_request module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.compat">onelogin.saml2.compat module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.constants">onelogin.saml2.constants module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.errors">onelogin.saml2.errors module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.idp_metadata_parser">onelogin.saml2.idp_metadata_parser module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.logout_request">onelogin.saml2.logout_request module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.logout_response">onelogin.saml2.logout_response module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.metadata">onelogin.saml2.metadata module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.response">onelogin.saml2.response module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.settings">onelogin.saml2.settings module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.utils">onelogin.saml2.utils module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xml_templates">onelogin.saml2.xml_templates module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xml_utils">onelogin.saml2.xml_utils module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xmlparser">onelogin.saml2.xmlparser module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2">Module contents</a></li>
 </ul>
 </li>
 </ul>
-</div>
-</div>
-<div class="section" id="indices-and-tables">
-<h1>Indices and tables<a class="headerlink" href="#indices-and-tables" title="Permalink to this headline">¶</a></h1>
-<ul class="simple">
-<li><a class="reference internal" href="py-modindex.html"><em>Class Index</em></a></li>
-<li><a class="reference internal" href="genindex.html"><em>Method/Constants Index</em></a></li>
-<li><a class="reference internal" href="search.html"><em>Search Page</em></a></li>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.html#module-onelogin">Module contents</a></li>
+</ul>
+</li>
 </ul>
 </div>
+</section>
 
 
+           </div>
           </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-  <h3><a href="#">Table Of Contents</a></h3>
-  <ul>
-<li><a class="reference internal" href="#">Welcome to OneLogin SAML Python library documentation</a><ul>
-</ul>
-</li>
-<li><a class="reference internal" href="#indices-and-tables">Indices and tables</a></li>
-</ul>
+          <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
+        <a href="onelogin.html" class="btn btn-neutral float-right" title="onelogin package" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
+    </div>
 
-  <h4>Next topic</h4>
-  <p class="topless"><a href="saml2.html"
-                        title="next chapter">onelogin.saml2 Module</a></p>
-  <h3>This Page</h3>
-  <ul class="this-page-menu">
-    <li><a href="_sources/index.txt"
-           rel="nofollow">Show Source</a></li>
-  </ul>
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
         </div>
       </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" >
-          <a href="py-modindex.html" title="Class Index"
-             >classes</a> |</li>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="Method/Constant Index"
-             >methods and constants</a></li>
-        <li class="right" >
-          <a href="saml2.html" title="onelogin.saml2 Class"
-             >next</a> |</li>
-        <li><a href="#">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
 </html>
\ No newline at end of file
diff --git a/docs/saml2/modules.html b/docs/saml2/modules.html
new file mode 100644
index 00000000..2ba0850a
--- /dev/null
+++ b/docs/saml2/modules.html
@@ -0,0 +1,135 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" /><meta name="generator" content="Docutils 0.18.1: http://docutils.sourceforge.net/" />
+
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="_static/jquery.js?v=5d32c60e"></script>
+        <script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js?v=404a92a0"></script>
+        <script src="_static/doctools.js?v=888ff710"></script>
+        <script src="_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="genindex.html" />
+    <link rel="search" title="Search" href="search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.html">onelogin package</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="index.html" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">onelogin</li>
+      <li class="wy-breadcrumbs-aside">
+            <a href="_sources/modules.rst.txt" rel="nofollow"> View page source</a>
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <section id="onelogin">
+<h1>onelogin<a class="headerlink" href="#onelogin" title="Permalink to this heading"></a></h1>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.html">onelogin package</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.html#subpackages">Subpackages</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html">onelogin.saml2 package</a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#submodules">Submodules</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.auth">onelogin.saml2.auth module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.authn_request">onelogin.saml2.authn_request module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.compat">onelogin.saml2.compat module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.constants">onelogin.saml2.constants module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.errors">onelogin.saml2.errors module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.idp_metadata_parser">onelogin.saml2.idp_metadata_parser module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.logout_request">onelogin.saml2.logout_request module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.logout_response">onelogin.saml2.logout_response module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.metadata">onelogin.saml2.metadata module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.response">onelogin.saml2.response module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.settings">onelogin.saml2.settings module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.utils">onelogin.saml2.utils module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xml_templates">onelogin.saml2.xml_templates module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xml_utils">onelogin.saml2.xml_utils module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xmlparser">onelogin.saml2.xmlparser module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2">Module contents</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.html#module-onelogin">Module contents</a></li>
+</ul>
+</li>
+</ul>
+</div>
+</section>
+
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/objects.inv b/docs/saml2/objects.inv
index f4df5df0..2081e4bf 100644
Binary files a/docs/saml2/objects.inv and b/docs/saml2/objects.inv differ
diff --git a/docs/saml2/onelogin.html b/docs/saml2/onelogin.html
new file mode 100644
index 00000000..dc1317fd
--- /dev/null
+++ b/docs/saml2/onelogin.html
@@ -0,0 +1,585 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" /><meta name="generator" content="Docutils 0.18.1: http://docutils.sourceforge.net/" />
+
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin package &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="_static/jquery.js?v=5d32c60e"></script>
+        <script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js?v=404a92a0"></script>
+        <script src="_static/doctools.js?v=888ff710"></script>
+        <script src="_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="genindex.html" />
+    <link rel="search" title="Search" href="search.html" />
+    <link rel="next" title="onelogin.saml2 package" href="onelogin.saml2.html" />
+    <link rel="prev" title="Welcome to SAML Python2/3 Toolkit’s documentation!" href="index.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul class="current">
+<li class="toctree-l1 current"><a class="current reference internal" href="#">onelogin package</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#subpackages">Subpackages</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html">onelogin.saml2 package</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#module-onelogin">Module contents</a></li>
+</ul>
+</li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="index.html" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">onelogin package</li>
+      <li class="wy-breadcrumbs-aside">
+            <a href="_sources/onelogin.rst.txt" rel="nofollow"> View page source</a>
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <section id="onelogin-package">
+<h1>onelogin package<a class="headerlink" href="#onelogin-package" title="Permalink to this heading"></a></h1>
+<section id="subpackages">
+<h2>Subpackages<a class="headerlink" href="#subpackages" title="Permalink to this heading"></a></h2>
+<div class="toctree-wrapper compound">
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.saml2.html">onelogin.saml2 package</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#submodules">Submodules</a></li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.auth">onelogin.saml2.auth module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_request_signature"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.add_request_signature()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_response_signature"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.add_response_signature()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.authn_request_class"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.authn_request_class</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attribute"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_attribute()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attributes"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_attributes()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_errors"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_errors()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attribute"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_friendlyname_attribute()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attributes"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_friendlyname_attributes()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_assertion_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_issue_instant"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_assertion_issue_instant()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_authn_contexts"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_authn_contexts()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_error_reason()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_message_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_message_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_request_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_xml"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_request_xml()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_in_response_to"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_response_in_response_to()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_xml"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_last_response_xml()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_nameid()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_format"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_nameid_format()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_nq"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_nameid_nq()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_spnq"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_nameid_spnq()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_expiration"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_session_expiration()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_index"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_session_index()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_settings"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_settings()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_response_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_slo_response_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_slo_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_sso_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.get_sso_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.is_authenticated"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.is_authenticated()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.login"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.login()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.logout()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_request_class"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.logout_request_class</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_response_class"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.logout_response_class</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_response"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.process_response()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_slo"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.process_slo()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.redirect_to"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.redirect_to()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.response_class"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.response_class</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.set_strict"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.set_strict()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.store_valid_response"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.store_valid_response()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_request_signature"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.validate_request_signature()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_response_signature"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Auth.validate_response_signature()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.authn_request">onelogin.saml2.authn_request module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Authn_Request</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Authn_Request.get_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Authn_Request.get_request()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_xml"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Authn_Request.get_xml()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.compat">onelogin.saml2.compat module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.compat.to_bytes"><code class="docutils literal notranslate"><span class="pre">to_bytes()</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.compat.to_string"><code class="docutils literal notranslate"><span class="pre">to_string()</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.compat.utf8"><code class="docutils literal notranslate"><span class="pre">utf8()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.constants">onelogin.saml2.constants module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AC_KERBEROS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AC_PASSWORD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AC_SMARTCARD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AC_UNSPECIFIED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_X509"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AC_X509</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES128_CBC"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AES128_CBC</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES192_CBC"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AES192_CBC</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES256_CBC"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.AES256_CBC</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.BINDING_DEFLATE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.BINDING_HTTP_POST</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.BINDING_SOAP</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_BEARER"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.CM_BEARER</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.CM_HOLDER_KEY</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.CM_SENDER_VOUCHES</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.DSA_SHA1"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.DSA_SHA1</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_ENCRYPTED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_ENTITY</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_KERBEROS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_PERSISTENT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_TRANSIENT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NSMAP"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NSMAP</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_DS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_DS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_MD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_MD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_DS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_DS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_MD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_MD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAML"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_SAML</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAMLP"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_SAMLP</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XENC"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_XENC</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_XS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_XSD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSI"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_PREFIX_XSI</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAML"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_SAML</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_SAMLP</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SOAP"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_SOAP</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XENC"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_XENC</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_XS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XSI"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.NS_XSI</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_1_5"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.RSA_1_5</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_OAEP_MGF1P"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.RSA_OAEP_MGF1P</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.RSA_SHA1</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA256"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.RSA_SHA256</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA384"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.RSA_SHA384</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA512"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.RSA_SHA512</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA1"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.SHA1</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA256"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.SHA256</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA384"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.SHA384</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA512"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.SHA512</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.STATUS_NO_PASSIVE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.STATUS_REQUESTER</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.STATUS_RESPONDER</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.STATUS_SUCCESS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.constants.OneLogin_Saml2_Constants.TRIPLEDES_CBC"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Constants.TRIPLEDES_CBC</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.errors">onelogin.saml2.errors module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.CERT_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.CERT_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.METADATA_SP_INVALID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.REDIRECT_INVALID_URL</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SETTINGS_INVALID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_Error.UNSUPPORTED_SETTINGS_OBJECT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Error.UNSUPPORTED_SETTINGS_OBJECT</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_DIGEST_METHOD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.DEPRECATED_DIGEST_METHOD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_DESTINATION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.EMPTY_DESTINATION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_NAMEID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.EMPTY_NAMEID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNATURE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.INVALID_SIGNATURE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_CONDITIONS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.MISSING_CONDITIONS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_ID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.MISSING_ID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.MISSING_STATUS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_NAMEID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.NO_NAMEID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SESSION_EXPIRED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.SESSION_EXPIRED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_AUDIENCE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_AUDIENCE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_DESTINATION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_DESTINATION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_ISSUER"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_ISSUER</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.idp_metadata_parser">onelogin.saml2.idp_metadata_parser module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_IdPMetadataParser</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.get_metadata"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_IdPMetadataParser.get_metadata()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.merge_settings"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_IdPMetadataParser.merge_settings()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_IdPMetadataParser.parse()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse_remote"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_IdPMetadataParser.parse_remote()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.idp_metadata_parser.dict_deep_merge"><code class="docutils literal notranslate"><span class="pre">dict_deep_merge()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.logout_request">onelogin.saml2.logout_request module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_error"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_error()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_issuer()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_nameid()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_data"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_nameid_data()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_format"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_nameid_format()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_request()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_session_indexes()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_xml"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.get_xml()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request.is_valid()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.logout_response">onelogin.saml2.logout_response module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.build"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.build()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_error"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.get_error()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_in_response_to"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.get_in_response_to()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.get_issuer()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.get_response()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.get_status()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_xml"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.get_xml()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response.is_valid()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.metadata">onelogin.saml2.metadata module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Metadata</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Metadata.TIME_CACHED</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Metadata.TIME_VALID</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Metadata.add_x509_key_descriptors()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.builder"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Metadata.builder()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Metadata.sign_metadata()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.response">onelogin.saml2.response module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.check_one_authnstatement"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.check_one_authnstatement()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.check_one_condition"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.check_one_condition()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.check_status"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.check_status()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_assertion_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_issue_instant"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_assertion_issue_instant()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_not_on_or_after"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_assertion_not_on_or_after()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_attributes"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_attributes()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_audiences"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_audiences()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_authn_contexts"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_authn_contexts()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_error"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_error()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_friendlyname_attributes"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_friendlyname_attributes()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_in_response_to"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_in_response_to()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_issuers"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_issuers()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_nameid()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_data"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_nameid_data()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_format"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_nameid_format()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_nq"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_nameid_nq()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_spnq"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_nameid_spnq()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_session_index"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_session_index()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_session_not_on_or_after()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.get_xml_document"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.get_xml_document()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.is_valid"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.is_valid()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.process_signed_elements"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.process_signed_elements()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.validate_num_assertions"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.validate_num_assertions()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.validate_signed_elements"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.validate_signed_elements()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.response.OneLogin_Saml2_Response.validate_timestamps"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response.validate_timestamps()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.settings">onelogin.saml2.settings module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_idp_settings"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.check_idp_settings()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_settings"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.check_settings()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_certs"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.check_sp_certs()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_settings"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.check_sp_settings()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.format_idp_cert()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert_multi"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.format_idp_cert_multi()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.format_sp_cert()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert_new"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.format_sp_cert_new()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_key"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.format_sp_key()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_base_path"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_base_path()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_cert_path"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_cert_path()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_contacts"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_contacts()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_errors"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_errors()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_cert"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_idp_cert()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_data"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_idp_data()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_response_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_idp_slo_response_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_idp_slo_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_sso_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_idp_sso_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_lib_path"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_lib_path()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_organization"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_organization()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_schemas_path"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_schemas_path()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_security_data"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_security_data()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_sp_cert()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert_new"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_sp_cert_new()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_data"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_sp_data()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_key"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_sp_key()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.get_sp_metadata()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_debug_active"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.is_debug_active()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_strict"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.is_strict()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.metadata_class"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.metadata_class</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_cert_path"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.set_cert_path()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_strict"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.set_strict()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.OneLogin_Saml2_Settings.validate_metadata"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Settings.validate_metadata()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.settings.validate_url"><code class="docutils literal notranslate"><span class="pre">validate_url()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.utils">onelogin.saml2.utils module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.TIME_FORMAT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_2"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.TIME_FORMAT_2</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_WITH_FRAGMENT"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.TIME_FORMAT_WITH_FRAGMENT</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.add_sign"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.add_sign()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64decode"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.b64decode()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64encode"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.b64encode()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.calculate_x509_fingerprint()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.decode_base64_and_inflate()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.decrypt_element"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.decrypt_element()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.deflate_and_base64_encode()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.delete_local_session"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.delete_local_session()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.escape_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.escape_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_cert"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.format_cert()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_finger_print"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.format_finger_print()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_private_key"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.format_private_key()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_name_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.generate_name_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_unique_id"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.generate_unique_id()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_expire_time"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.get_expire_time()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_host"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.get_self_host()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_routed_url_no_query"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.get_self_routed_url_no_query()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.get_self_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_host"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.get_self_url_host()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.get_self_url_no_query()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_status"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.get_status()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.is_https"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.is_https()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.normalize_url"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.normalize_url()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.now"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.now()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.parse_SAML_to_time()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_duration"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.parse_duration()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.parse_time_to_SAML()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.redirect"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.redirect()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.sign_binary"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.sign_binary()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_binary_sign"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.validate_binary_sign()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_metadata_sign"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.validate_metadata_sign()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_node_sign"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.validate_node_sign()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_sign"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Utils.validate_sign()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.utils.return_false_on_exception"><code class="docutils literal notranslate"><span class="pre">return_false_on_exception()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xml_templates">onelogin.saml2.xml_templates module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.ATTRIBUTE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.ATTRIBUTE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.AUTHN_REQUEST"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.AUTHN_REQUEST</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_REQUEST"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.LOGOUT_REQUEST</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_RESPONSE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.LOGOUT_RESPONSE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ATTR_CONSUMER_SERVICE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.MD_ATTR_CONSUMER_SERVICE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_CONTACT_PERSON"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.MD_CONTACT_PERSON</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ORGANISATION"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.MD_ORGANISATION</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_REQUESTED_ATTRIBUTE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.MD_REQUESTED_ATTRIBUTE</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_SLS"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.MD_SLS</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.RESPONSE"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_Templates.RESPONSE</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xml_utils">onelogin.saml2.xml_utils module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.cleanup_namespaces"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.cleanup_namespaces()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.dump"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.dump()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.element_text"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.element_text()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.extract_tag_text"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.extract_tag_text()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_child"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.make_child()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_root"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.make_root()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.query"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.query()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_etree"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.to_etree()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_string"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.to_string()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.validate_xml"><code class="docutils literal notranslate"><span class="pre">OneLogin_Saml2_XML.validate_xml()</span></code></a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2.xmlparser">onelogin.saml2.xmlparser module</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.DTDForbidden"><code class="docutils literal notranslate"><span class="pre">DTDForbidden</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.EntitiesForbidden"><code class="docutils literal notranslate"><span class="pre">EntitiesForbidden</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS"><code class="docutils literal notranslate"><span class="pre">GlobalParserTLS</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.createDefaultParser"><code class="docutils literal notranslate"><span class="pre">GlobalParserTLS.createDefaultParser()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.element_class"><code class="docutils literal notranslate"><span class="pre">GlobalParserTLS.element_class</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.getDefaultParser"><code class="docutils literal notranslate"><span class="pre">GlobalParserTLS.getDefaultParser()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.parser_config"><code class="docutils literal notranslate"><span class="pre">GlobalParserTLS.parser_config</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.GlobalParserTLS.setDefaultParser"><code class="docutils literal notranslate"><span class="pre">GlobalParserTLS.setDefaultParser()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.NotSupportedError"><code class="docutils literal notranslate"><span class="pre">NotSupportedError</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement"><code class="docutils literal notranslate"><span class="pre">RestrictedElement</span></code></a><ul>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.blacklist"><code class="docutils literal notranslate"><span class="pre">RestrictedElement.blacklist</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.getchildren"><code class="docutils literal notranslate"><span class="pre">RestrictedElement.getchildren()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.getiterator"><code class="docutils literal notranslate"><span class="pre">RestrictedElement.getiterator()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iter"><code class="docutils literal notranslate"><span class="pre">RestrictedElement.iter()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iterchildren"><code class="docutils literal notranslate"><span class="pre">RestrictedElement.iterchildren()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.iterdescendants"><code class="docutils literal notranslate"><span class="pre">RestrictedElement.iterdescendants()</span></code></a></li>
+<li class="toctree-l4"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.RestrictedElement.itersiblings"><code class="docutils literal notranslate"><span class="pre">RestrictedElement.itersiblings()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.XML"><code class="docutils literal notranslate"><span class="pre">XML()</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.check_docinfo"><code class="docutils literal notranslate"><span class="pre">check_docinfo()</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.fromstring"><code class="docutils literal notranslate"><span class="pre">fromstring()</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.getDefaultParser"><code class="docutils literal notranslate"><span class="pre">getDefaultParser()</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.iterparse"><code class="docutils literal notranslate"><span class="pre">iterparse()</span></code></a></li>
+<li class="toctree-l3"><a class="reference internal" href="onelogin.saml2.html#onelogin.saml2.xmlparser.parse"><code class="docutils literal notranslate"><span class="pre">parse()</span></code></a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.saml2.html#module-onelogin.saml2">Module contents</a></li>
+</ul>
+</li>
+</ul>
+</div>
+</section>
+<section id="module-onelogin">
+<span id="module-contents"></span><h2>Module contents<a class="headerlink" href="#module-onelogin" title="Permalink to this heading"></a></h2>
+<p>Add SAML support to your Python softwares using this library.</p>
+<p>SAML Python toolkit let you build a SP (Service Provider)
+over your Python application and connect it to any IdP (Identity Provider).</p>
+<p>Supports:</p>
+<ul class="simple">
+<li><p>SSO and SLO (SP-Initiated and IdP-Initiated).</p></li>
+<li><p>Assertion and nameId encryption.</p></li>
+<li><p>Assertion signature.</p></li>
+<li><p>Message signature: AuthNRequest, LogoutRequest, LogoutResponses.</p></li>
+<li><p>Enable an Assertion Consumer Service endpoint.</p></li>
+<li><p>Enable a Single Logout Service endpoint.</p></li>
+<li><p>Publish the SP metadata (which can be signed).</p></li>
+</ul>
+</section>
+</section>
+
+
+           </div>
+          </div>
+          <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
+        <a href="index.html" class="btn btn-neutral float-left" title="Welcome to SAML Python2/3 Toolkit’s documentation!" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
+        <a href="onelogin.saml2.html" class="btn btn-neutral float-right" title="onelogin.saml2 package" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
+    </div>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/onelogin.saml2.html b/docs/saml2/onelogin.saml2.html
new file mode 100644
index 00000000..4fbbffe8
--- /dev/null
+++ b/docs/saml2/onelogin.saml2.html
@@ -0,0 +1,3780 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" /><meta name="generator" content="Docutils 0.18.1: http://docutils.sourceforge.net/" />
+
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>onelogin.saml2 package &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="_static/jquery.js?v=5d32c60e"></script>
+        <script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js?v=404a92a0"></script>
+        <script src="_static/doctools.js?v=888ff710"></script>
+        <script src="_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="genindex.html" />
+    <link rel="search" title="Search" href="search.html" />
+    <link rel="prev" title="onelogin package" href="onelogin.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul class="current">
+<li class="toctree-l1 current"><a class="reference internal" href="onelogin.html">onelogin package</a><ul class="current">
+<li class="toctree-l2 current"><a class="reference internal" href="onelogin.html#subpackages">Subpackages</a><ul class="current">
+<li class="toctree-l3 current"><a class="current reference internal" href="#">onelogin.saml2 package</a><ul>
+<li class="toctree-l4"><a class="reference internal" href="#submodules">Submodules</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.auth">onelogin.saml2.auth module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.authn_request">onelogin.saml2.authn_request module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.compat">onelogin.saml2.compat module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.constants">onelogin.saml2.constants module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.errors">onelogin.saml2.errors module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.idp_metadata_parser">onelogin.saml2.idp_metadata_parser module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.logout_request">onelogin.saml2.logout_request module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.logout_response">onelogin.saml2.logout_response module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.metadata">onelogin.saml2.metadata module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.response">onelogin.saml2.response module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.settings">onelogin.saml2.settings module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.utils">onelogin.saml2.utils module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.xml_templates">onelogin.saml2.xml_templates module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.xml_utils">onelogin.saml2.xml_utils module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2.xmlparser">onelogin.saml2.xmlparser module</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#module-onelogin.saml2">Module contents</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="onelogin.html#module-onelogin">Module contents</a></li>
+</ul>
+</li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="onelogin.html">onelogin package</a></li>
+      <li class="breadcrumb-item active">onelogin.saml2 package</li>
+      <li class="wy-breadcrumbs-aside">
+            <a href="_sources/onelogin.saml2.rst.txt" rel="nofollow"> View page source</a>
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <section id="onelogin-saml2-package">
+<h1>onelogin.saml2 package<a class="headerlink" href="#onelogin-saml2-package" title="Permalink to this heading"></a></h1>
+<section id="submodules">
+<h2>Submodules<a class="headerlink" href="#submodules" title="Permalink to this heading"></a></h2>
+</section>
+<section id="module-onelogin.saml2.auth">
+<span id="onelogin-saml2-auth-module"></span><h2>onelogin.saml2.auth module<a class="headerlink" href="#module-onelogin.saml2.auth" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Auth class</p>
+<p>Main class of SAML Python Toolkit.</p>
+<p>Initializes the SP SAML instance</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.auth.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Auth</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">old_settings</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">custom_base_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>This class implements the SP SAML instance.</p>
+<p>Defines the methods that you can invoke in your application in
+order to add SAML support (initiates SSO, initiates SLO, processes a
+SAML Response, a Logout Request or a Logout Response).</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.add_request_signature">
+<span class="sig-name descname"><span class="pre">add_request_signature</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sign_algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.add_request_signature"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_request_signature" title="Permalink to this definition"></a></dt>
+<dd><p>Builds the Signature of the SAML Request.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>request_data</strong> (<em>dict</em>) – The Request parameters</p></li>
+<li><p><strong>sign_algorithm</strong> (<em>string</em>) – Signature algorithm method</p></li>
+</ul>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.add_response_signature">
+<span class="sig-name descname"><span class="pre">add_response_signature</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">response_data</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sign_algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.add_response_signature"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.add_response_signature" title="Permalink to this definition"></a></dt>
+<dd><p>Builds the Signature of the SAML Response.
+:param response_data: The Response parameters
+:type response_data: dict</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>sign_algorithm</strong> (<em>string</em>) – Signature algorithm method</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.authn_request_class">
+<span class="sig-name descname"><span class="pre">authn_request_class</span></span><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.authn_request_class" title="Permalink to this definition"></a></dt>
+<dd><p>alias of <a class="reference internal" href="#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request" title="onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request"><code class="xref py py-class docutils literal notranslate"><span class="pre">OneLogin_Saml2_Authn_Request</span></code></a></p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attribute">
+<span class="sig-name descname"><span class="pre">get_attribute</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">name</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_attribute"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attribute" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the requested SAML attribute.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>name</strong> (<em>string</em>) – Name of the attribute</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Attribute value(s) if exists or None</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attributes">
+<span class="sig-name descname"><span class="pre">get_attributes</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_attributes"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attributes" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the set of SAML attributes.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>SAML attributes</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_errors">
+<span class="sig-name descname"><span class="pre">get_errors</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_errors"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_errors" title="Permalink to this definition"></a></dt>
+<dd><p>Returns a list with code errors if something went wrong</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>List of errors</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attribute">
+<span class="sig-name descname"><span class="pre">get_friendlyname_attribute</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">friendlyname</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_friendlyname_attribute"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attribute" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the requested SAML attribute searched by FriendlyName.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>friendlyname</strong> (<em>string</em>) – FriendlyName of the attribute</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Attribute value(s) if exists or None</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attributes">
+<span class="sig-name descname"><span class="pre">get_friendlyname_attributes</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_friendlyname_attributes"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attributes" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the set of SAML attributes indexed by FiendlyName.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>SAML attributes</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_id">
+<span class="sig-name descname"><span class="pre">get_last_assertion_id</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_assertion_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_id" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The ID of the last assertion processed.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_issue_instant">
+<span class="sig-name descname"><span class="pre">get_last_assertion_issue_instant</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_assertion_issue_instant"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_issue_instant" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The IssueInstant of the last assertion processed.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>unix/posix timestamp|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after">
+<span class="sig-name descname"><span class="pre">get_last_assertion_not_on_or_after</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after" title="Permalink to this definition"></a></dt>
+<dd><p>The NotOnOrAfter value of the valid SubjectConfirmationData node
+(if any) of the last assertion processed</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_authn_contexts">
+<span class="sig-name descname"><span class="pre">get_last_authn_contexts</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_authn_contexts"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_authn_contexts" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The list of authentication contexts sent in the last SAML Response.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason">
+<span class="sig-name descname"><span class="pre">get_last_error_reason</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_error_reason"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the reason for the last error</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Reason of the last error</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>None | string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_message_id">
+<span class="sig-name descname"><span class="pre">get_last_message_id</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_message_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_message_id" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The ID of the last Response SAML message processed.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_id">
+<span class="sig-name descname"><span class="pre">get_last_request_id</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_request_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_id" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The ID of the last Request SAML message generated.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_xml">
+<span class="sig-name descname"><span class="pre">get_last_request_xml</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_request_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_xml" title="Permalink to this definition"></a></dt>
+<dd><p>Retrieves the raw XML sent in the last SAML request
+:returns: SAML request XML
+:rtype: string|None</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_in_response_to">
+<span class="sig-name descname"><span class="pre">get_last_response_in_response_to</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_response_in_response_to"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_in_response_to" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>InResponseTo attribute of the last Response SAML processed or None if it is not present.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_xml">
+<span class="sig-name descname"><span class="pre">get_last_response_xml</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">pretty_print_if_possible</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_last_response_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_xml" title="Permalink to this definition"></a></dt>
+<dd><p>Retrieves the raw XML (decrypted) of the last SAML response,
+or the last Logout Response generated or processed
+:returns: SAML response XML
+:rtype: string|None</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid">
+<span class="sig-name descname"><span class="pre">get_nameid</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_nameid"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the nameID.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_format">
+<span class="sig-name descname"><span class="pre">get_nameid_format</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_nameid_format"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_format" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the nameID Format.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID Format</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_nq">
+<span class="sig-name descname"><span class="pre">get_nameid_nq</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_nameid_nq"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_nq" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the nameID NameQualifier of the Assertion.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID NameQualifier</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_spnq">
+<span class="sig-name descname"><span class="pre">get_nameid_spnq</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_nameid_spnq"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_spnq" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the nameID SP NameQualifier of the Assertion.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID SP NameQualifier</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_expiration">
+<span class="sig-name descname"><span class="pre">get_session_expiration</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_session_expiration"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_expiration" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the SessionNotOnOrAfter from the AuthnStatement.
+:returns: The SessionNotOnOrAfter of the assertion
+:rtype: unix/posix timestamp|None</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_index">
+<span class="sig-name descname"><span class="pre">get_session_index</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_session_index"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_index" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the SessionIndex from the AuthnStatement.
+:returns: The SessionIndex of the assertion
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_settings">
+<span class="sig-name descname"><span class="pre">get_settings</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_settings"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_settings" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the settings info
+:return: Setting info
+:rtype: OneLogin_Saml2_Setting object</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_response_url">
+<span class="sig-name descname"><span class="pre">get_slo_response_url</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_slo_response_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_response_url" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SLO return URL for IdP-initiated logout.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>an URL, the SLO return endpoint of the IdP</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_url">
+<span class="sig-name descname"><span class="pre">get_slo_url</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_slo_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_url" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SLO URL.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>An URL, the SLO endpoint of the IdP</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.get_sso_url">
+<span class="sig-name descname"><span class="pre">get_sso_url</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.get_sso_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.get_sso_url" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SSO URL.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>An URL, the SSO endpoint of the IdP</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.is_authenticated">
+<span class="sig-name descname"><span class="pre">is_authenticated</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.is_authenticated"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.is_authenticated" title="Permalink to this definition"></a></dt>
+<dd><p>Checks if the user is authenticated or not.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>True if is authenticated, False if not</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.login">
+<span class="sig-name descname"><span class="pre">login</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">return_to</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">force_authn</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">is_passive</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">set_nameid_policy</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">name_id_value_req</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.login"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.login" title="Permalink to this definition"></a></dt>
+<dd><p>Initiates the SSO process.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>return_to</strong> (<em>string</em>) – Optional argument. The target URL the user should be redirected to after login.</p></li>
+<li><p><strong>force_authn</strong> (<em>bool</em>) – Optional argument. When true the AuthNRequest will set the ForceAuthn=’true’.</p></li>
+<li><p><strong>is_passive</strong> (<em>bool</em>) – Optional argument. When true the AuthNRequest will set the Ispassive=’true’.</p></li>
+<li><p><strong>set_nameid_policy</strong> (<em>bool</em>) – Optional argument. When true the AuthNRequest will set a nameIdPolicy element.</p></li>
+<li><p><strong>name_id_value_req</strong> (<em>string</em>) – Optional argument. Indicates to the IdP the subject that should be authenticated</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Redirection URL</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.logout">
+<span class="sig-name descname"><span class="pre">logout</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">return_to</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">name_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">session_index</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nq</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">name_id_format</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">spnq</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.logout"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout" title="Permalink to this definition"></a></dt>
+<dd><p>Initiates the SLO process.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>return_to</strong> (<em>string</em>) – Optional argument. The target URL the user should be redirected to after logout.</p></li>
+<li><p><strong>name_id</strong> (<em>string</em>) – The NameID that will be set in the LogoutRequest.</p></li>
+<li><p><strong>session_index</strong> (<em>string</em>) – SessionIndex that identifies the session of the user.</p></li>
+<li><p><strong>nq</strong> – IDP Name Qualifier</p></li>
+<li><p><strong>name_id_format</strong> – The NameID Format that will be set in the LogoutRequest.</p></li>
+<li><p><strong>spnq</strong> – SP Name Qualifier</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Redirection URL</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_request_class">
+<span class="sig-name descname"><span class="pre">logout_request_class</span></span><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_request_class" title="Permalink to this definition"></a></dt>
+<dd><p>alias of <a class="reference internal" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request" title="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request"><code class="xref py py-class docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Request</span></code></a></p>
+</dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_response_class">
+<span class="sig-name descname"><span class="pre">logout_response_class</span></span><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_response_class" title="Permalink to this definition"></a></dt>
+<dd><p>alias of <a class="reference internal" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response" title="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response"><code class="xref py py-class docutils literal notranslate"><span class="pre">OneLogin_Saml2_Logout_Response</span></code></a></p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.process_response">
+<span class="sig-name descname"><span class="pre">process_response</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.process_response"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_response" title="Permalink to this definition"></a></dt>
+<dd><p>Process the SAML Response sent by the IdP.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_id</strong> (<em>string</em>) – Is an optional argument. Is the ID of the AuthNRequest sent by this SP to the IdP.</p>
+</dd>
+<dt class="field-even">Raises<span class="colon">:</span></dt>
+<dd class="field-even"><p>OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND, when a POST with a SAMLResponse is not found</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.process_slo">
+<span class="sig-name descname"><span class="pre">process_slo</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">keep_local_session</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">request_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">delete_session_cb</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.process_slo"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.process_slo" title="Permalink to this definition"></a></dt>
+<dd><p>Process the SAML Logout Response / Logout Request sent by the IdP.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>keep_local_session</strong> (<em>bool</em>) – When false will destroy the local session, otherwise will destroy it</p></li>
+<li><p><strong>request_id</strong> (<em>string</em>) – The ID of the LogoutRequest sent by this SP to the IdP</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Redirection url</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.redirect_to">
+<span class="sig-name descname"><span class="pre">redirect_to</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">url</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parameters</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">{}</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.redirect_to"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.redirect_to" title="Permalink to this definition"></a></dt>
+<dd><p>Redirects the user to the URL passed by parameter or to the URL that we defined in our SSO Request.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>url</strong> (<em>string</em>) – The target URL to redirect the user</p></li>
+<li><p><strong>parameters</strong> (<em>dict</em>) – Extra parameters to be passed as part of the URL</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Redirection URL</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.response_class">
+<span class="sig-name descname"><span class="pre">response_class</span></span><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.response_class" title="Permalink to this definition"></a></dt>
+<dd><p>alias of <a class="reference internal" href="#onelogin.saml2.response.OneLogin_Saml2_Response" title="onelogin.saml2.response.OneLogin_Saml2_Response"><code class="xref py py-class docutils literal notranslate"><span class="pre">OneLogin_Saml2_Response</span></code></a></p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.set_strict">
+<span class="sig-name descname"><span class="pre">set_strict</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.set_strict"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.set_strict" title="Permalink to this definition"></a></dt>
+<dd><p>Set the strict mode active/disable</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>value</strong> (<em>bool</em>) – </p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.store_valid_response">
+<span class="sig-name descname"><span class="pre">store_valid_response</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">response</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.store_valid_response"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.store_valid_response" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_request_signature">
+<span class="sig-name descname"><span class="pre">validate_request_signature</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.validate_request_signature"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_request_signature" title="Permalink to this definition"></a></dt>
+<dd><p>Validate Request Signature</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> (<em>dict</em>) – The Request data</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_response_signature">
+<span class="sig-name descname"><span class="pre">validate_response_signature</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/auth.html#OneLogin_Saml2_Auth.validate_response_signature"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_response_signature" title="Permalink to this definition"></a></dt>
+<dd><p>Validate Response Signature</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> (<em>dict</em>) – The Request data</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.authn_request">
+<span id="onelogin-saml2-authn-request-module"></span><h2>onelogin.saml2.authn_request module<a class="headerlink" href="#module-onelogin.saml2.authn_request" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Authn_Request class</p>
+<p>AuthNRequest class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.authn_request.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Authn_Request</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">force_authn</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">is_passive</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">set_nameid_policy</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">name_id_value_req</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/authn_request.html#OneLogin_Saml2_Authn_Request"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>This class handles an AuthNRequest. It builds an
+AuthNRequest object.</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_id">
+<span class="sig-name descname"><span class="pre">get_id</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/authn_request.html#OneLogin_Saml2_Authn_Request.get_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_id" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the AuthNRequest ID.
+:return: AuthNRequest ID
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request">
+<span class="sig-name descname"><span class="pre">get_request</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">deflate</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/authn_request.html#OneLogin_Saml2_Authn_Request.get_request"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request" title="Permalink to this definition"></a></dt>
+<dd><p>Returns unsigned AuthnRequest.
+:param deflate: It makes the deflate process optional
+:type: bool
+:return: AuthnRequest maybe deflated and base64 encoded
+:rtype: str object</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_xml">
+<span class="sig-name descname"><span class="pre">get_xml</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/authn_request.html#OneLogin_Saml2_Authn_Request.get_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_xml" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the XML that will be sent as part of the request
+:return: XML request body
+:rtype: string</p>
+</dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.compat">
+<span id="onelogin-saml2-compat-module"></span><h2>onelogin.saml2.compat module<a class="headerlink" href="#module-onelogin.saml2.compat" title="Permalink to this heading"></a></h2>
+<p>py3 compatibility class</p>
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.compat.to_bytes">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.compat.</span></span><span class="sig-name descname"><span class="pre">to_bytes</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/compat.html#to_bytes"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.compat.to_bytes" title="Permalink to this definition"></a></dt>
+<dd><p>return bytes</p>
+</dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.compat.to_string">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.compat.</span></span><span class="sig-name descname"><span class="pre">to_string</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/compat.html#to_string"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.compat.to_string" title="Permalink to this definition"></a></dt>
+<dd><p>convert to string</p>
+</dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.compat.utf8">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.compat.</span></span><span class="sig-name descname"><span class="pre">utf8</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/compat.html#utf8"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.compat.utf8" title="Permalink to this definition"></a></dt>
+<dd><p>return utf8-encoded string</p>
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.constants">
+<span id="onelogin-saml2-constants-module"></span><h2>onelogin.saml2.constants module<a class="headerlink" href="#module-onelogin.saml2.constants" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Constants class</p>
+<p>Constants class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.constants.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Constants</span></span><a class="reference internal" href="_modules/onelogin/saml2/constants.html#OneLogin_Saml2_Constants"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>This class defines all the constants that will be used
+in the SAML Python Toolkit.</p>
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS">
+<span class="sig-name descname"><span class="pre">AC_KERBEROS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD">
+<span class="sig-name descname"><span class="pre">AC_PASSWORD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED">
+<span class="sig-name descname"><span class="pre">AC_PASSWORD_PROTECTED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD">
+<span class="sig-name descname"><span class="pre">AC_SMARTCARD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED">
+<span class="sig-name descname"><span class="pre">AC_UNSPECIFIED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_X509">
+<span class="sig-name descname"><span class="pre">AC_X509</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_X509" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AES128_CBC">
+<span class="sig-name descname"><span class="pre">AES128_CBC</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#aes128-cbc'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES128_CBC" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AES192_CBC">
+<span class="sig-name descname"><span class="pre">AES192_CBC</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#aes192-cbc'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES192_CBC" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.AES256_CBC">
+<span class="sig-name descname"><span class="pre">AES256_CBC</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#aes256-cbc'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.AES256_CBC" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT">
+<span class="sig-name descname"><span class="pre">ALLOWED_CLOCK_DRIFT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">300</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC">
+<span class="sig-name descname"><span class="pre">ATTRNAME_FORMAT_BASIC</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED">
+<span class="sig-name descname"><span class="pre">ATTRNAME_FORMAT_UNSPECIFIED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI">
+<span class="sig-name descname"><span class="pre">ATTRNAME_FORMAT_URI</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE">
+<span class="sig-name descname"><span class="pre">BINDING_DEFLATE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT">
+<span class="sig-name descname"><span class="pre">BINDING_HTTP_ARTIFACT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST">
+<span class="sig-name descname"><span class="pre">BINDING_HTTP_POST</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT">
+<span class="sig-name descname"><span class="pre">BINDING_HTTP_REDIRECT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP">
+<span class="sig-name descname"><span class="pre">BINDING_SOAP</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:bindings:SOAP'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_BEARER">
+<span class="sig-name descname"><span class="pre">CM_BEARER</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:cm:bearer'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_BEARER" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY">
+<span class="sig-name descname"><span class="pre">CM_HOLDER_KEY</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:cm:holder-of-key'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES">
+<span class="sig-name descname"><span class="pre">CM_SENDER_VOUCHES</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:cm:sender-vouches'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS">
+<span class="sig-name descname"><span class="pre">DEPRECATED_ALGORITHMS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">['http://www.w3.org/2000/09/xmldsig#dsa-sha1',</span> <span class="pre">'http://www.w3.org/2000/09/xmldsig#rsa-sha1',</span> <span class="pre">'http://www.w3.org/2000/09/xmldsig#sha1']</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.DSA_SHA1">
+<span class="sig-name descname"><span class="pre">DSA_SHA1</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2000/09/xmldsig#dsa-sha1'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.DSA_SHA1" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS">
+<span class="sig-name descname"><span class="pre">NAMEID_EMAIL_ADDRESS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED">
+<span class="sig-name descname"><span class="pre">NAMEID_ENCRYPTED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY">
+<span class="sig-name descname"><span class="pre">NAMEID_ENTITY</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:nameid-format:entity'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS">
+<span class="sig-name descname"><span class="pre">NAMEID_KERBEROS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT">
+<span class="sig-name descname"><span class="pre">NAMEID_PERSISTENT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT">
+<span class="sig-name descname"><span class="pre">NAMEID_TRANSIENT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED">
+<span class="sig-name descname"><span class="pre">NAMEID_UNSPECIFIED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME">
+<span class="sig-name descname"><span class="pre">NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME">
+<span class="sig-name descname"><span class="pre">NAMEID_X509_SUBJECT_NAME</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NSMAP">
+<span class="sig-name descname"><span class="pre">NSMAP</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">{'ds':</span> <span class="pre">'http://www.w3.org/2000/09/xmldsig#',</span> <span class="pre">'md':</span> <span class="pre">'urn:oasis:names:tc:SAML:2.0:metadata',</span> <span class="pre">'saml':</span> <span class="pre">'urn:oasis:names:tc:SAML:2.0:assertion',</span> <span class="pre">'samlp':</span> <span class="pre">'urn:oasis:names:tc:SAML:2.0:protocol',</span> <span class="pre">'xenc':</span> <span class="pre">'http://www.w3.org/2001/04/xmlenc#'}</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NSMAP" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_DS">
+<span class="sig-name descname"><span class="pre">NS_DS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2000/09/xmldsig#'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_DS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_MD">
+<span class="sig-name descname"><span class="pre">NS_MD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:metadata'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_MD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_DS">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_DS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'ds'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_DS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_MD">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_MD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'md'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_MD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAML">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_SAML</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'saml'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAML" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAMLP">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_SAMLP</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'samlp'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAMLP" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XENC">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_XENC</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'xenc'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XENC" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XS">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_XS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'xs'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSD">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_XSD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'xsd'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSI">
+<span class="sig-name descname"><span class="pre">NS_PREFIX_XSI</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'xsi'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSI" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAML">
+<span class="sig-name descname"><span class="pre">NS_SAML</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:assertion'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAML" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP">
+<span class="sig-name descname"><span class="pre">NS_SAMLP</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:protocol'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SOAP">
+<span class="sig-name descname"><span class="pre">NS_SOAP</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://schemas.xmlsoap.org/soap/envelope/'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SOAP" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XENC">
+<span class="sig-name descname"><span class="pre">NS_XENC</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XENC" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XS">
+<span class="sig-name descname"><span class="pre">NS_XS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/XMLSchema'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XSI">
+<span class="sig-name descname"><span class="pre">NS_XSI</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/XMLSchema-instance'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XSI" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_1_5">
+<span class="sig-name descname"><span class="pre">RSA_1_5</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#rsa-1_5'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_1_5" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_OAEP_MGF1P">
+<span class="sig-name descname"><span class="pre">RSA_OAEP_MGF1P</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_OAEP_MGF1P" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1">
+<span class="sig-name descname"><span class="pre">RSA_SHA1</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2000/09/xmldsig#rsa-sha1'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA256">
+<span class="sig-name descname"><span class="pre">RSA_SHA256</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA256" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA384">
+<span class="sig-name descname"><span class="pre">RSA_SHA384</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA384" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA512">
+<span class="sig-name descname"><span class="pre">RSA_SHA512</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA512" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA1">
+<span class="sig-name descname"><span class="pre">SHA1</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2000/09/xmldsig#sha1'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA1" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA256">
+<span class="sig-name descname"><span class="pre">SHA256</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#sha256'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA256" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA384">
+<span class="sig-name descname"><span class="pre">SHA384</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#sha384'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA384" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA512">
+<span class="sig-name descname"><span class="pre">SHA512</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#sha512'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA512" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE">
+<span class="sig-name descname"><span class="pre">STATUS_NO_PASSIVE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:NoPassive'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT">
+<span class="sig-name descname"><span class="pre">STATUS_PARTIAL_LOGOUT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:PartialLogout'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED">
+<span class="sig-name descname"><span class="pre">STATUS_PROXY_COUNT_EXCEEDED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER">
+<span class="sig-name descname"><span class="pre">STATUS_REQUESTER</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:Requester'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER">
+<span class="sig-name descname"><span class="pre">STATUS_RESPONDER</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:Responder'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS">
+<span class="sig-name descname"><span class="pre">STATUS_SUCCESS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:Success'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH">
+<span class="sig-name descname"><span class="pre">STATUS_VERSION_MISMATCH</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.constants.OneLogin_Saml2_Constants.TRIPLEDES_CBC">
+<span class="sig-name descname"><span class="pre">TRIPLEDES_CBC</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'</span></em><a class="headerlink" href="#onelogin.saml2.constants.OneLogin_Saml2_Constants.TRIPLEDES_CBC" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.errors">
+<span id="onelogin-saml2-errors-module"></span><h2>onelogin.saml2.errors module<a class="headerlink" href="#module-onelogin.saml2.errors" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Error class</p>
+<p>Error class of SAML Python Toolkit.</p>
+<p>Defines common Error codes and has a custom initializator.</p>
+<dl class="py exception">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error">
+<em class="property"><span class="pre">exception</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.errors.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Error</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">message</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">code</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">errors</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/errors.html#OneLogin_Saml2_Error"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">Exception</span></code></p>
+<p>This class implements a custom Exception handler.
+Defines custom error codes.</p>
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.CERT_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">CERT_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">4</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.CERT_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID">
+<span class="sig-name descname"><span class="pre">METADATA_SP_INVALID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">3</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">PRIVATE_KEY_FILE_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">7</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">PRIVATE_KEY_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">13</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">PUBLIC_CERT_FILE_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">6</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL">
+<span class="sig-name descname"><span class="pre">REDIRECT_INVALID_URL</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">5</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">SAML_LOGOUTMESSAGE_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">9</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID">
+<span class="sig-name descname"><span class="pre">SAML_LOGOUTREQUEST_INVALID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">10</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID">
+<span class="sig-name descname"><span class="pre">SAML_LOGOUTRESPONSE_INVALID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">11</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">SAML_RESPONSE_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">8</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED">
+<span class="sig-name descname"><span class="pre">SAML_SINGLE_LOGOUT_NOT_SUPPORTED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">12</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">SETTINGS_FILE_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">0</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID">
+<span class="sig-name descname"><span class="pre">SETTINGS_INVALID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">2</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX">
+<span class="sig-name descname"><span class="pre">SETTINGS_INVALID_SYNTAX</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">1</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND">
+<span class="sig-name descname"><span class="pre">SP_CERTS_NOT_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">4</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_Error.UNSUPPORTED_SETTINGS_OBJECT">
+<span class="sig-name descname"><span class="pre">UNSUPPORTED_SETTINGS_OBJECT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">14</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_Error.UNSUPPORTED_SETTINGS_OBJECT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+</dd></dl>
+
+<dl class="py exception">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError">
+<em class="property"><span class="pre">exception</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.errors.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_ValidationError</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">message</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">code</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">0</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">errors</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/errors.html#OneLogin_Saml2_ValidationError"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">Exception</span></code></p>
+<p>This class implements another custom Exception handler, related
+to exceptions that happens during validation process.
+Defines custom error codes .</p>
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED">
+<span class="sig-name descname"><span class="pre">ASSERTION_EXPIRED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">20</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY">
+<span class="sig-name descname"><span class="pre">ASSERTION_TOO_EARLY</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">19</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH">
+<span class="sig-name descname"><span class="pre">AUTHN_CONTEXT_MISMATCH</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">45</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO">
+<span class="sig-name descname"><span class="pre">CHILDREN_NODE_NOT_FOUND_IN_KEYINFO</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">36</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_DIGEST_METHOD">
+<span class="sig-name descname"><span class="pre">DEPRECATED_DIGEST_METHOD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">47</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_DIGEST_METHOD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD">
+<span class="sig-name descname"><span class="pre">DEPRECATED_SIGNATURE_METHOD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">46</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND">
+<span class="sig-name descname"><span class="pre">DUPLICATED_ATTRIBUTE_NAME_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">41</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS">
+<span class="sig-name descname"><span class="pre">DUPLICATED_ID_IN_SIGNED_ELEMENTS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">8</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS">
+<span class="sig-name descname"><span class="pre">DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">10</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_DESTINATION">
+<span class="sig-name descname"><span class="pre">EMPTY_DESTINATION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">25</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_DESTINATION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_NAMEID">
+<span class="sig-name descname"><span class="pre">EMPTY_NAMEID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">39</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_NAMEID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES">
+<span class="sig-name descname"><span class="pre">ENCRYPTED_ATTRIBUTES</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">23</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT">
+<span class="sig-name descname"><span class="pre">ID_NOT_FOUND_IN_SIGNED_ELEMENT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">7</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNATURE">
+<span class="sig-name descname"><span class="pre">INVALID_SIGNATURE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">42</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNATURE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT">
+<span class="sig-name descname"><span class="pre">INVALID_SIGNED_ELEMENT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">9</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT">
+<span class="sig-name descname"><span class="pre">INVALID_XML_FORMAT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">14</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE">
+<span class="sig-name descname"><span class="pre">ISSUER_MULTIPLE_IN_RESPONSE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">27</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION">
+<span class="sig-name descname"><span class="pre">ISSUER_NOT_FOUND_IN_ASSERTION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">28</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA">
+<span class="sig-name descname"><span class="pre">KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">35</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_CONDITIONS">
+<span class="sig-name descname"><span class="pre">MISSING_CONDITIONS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">18</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_CONDITIONS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_ID">
+<span class="sig-name descname"><span class="pre">MISSING_ID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">1</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_ID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS">
+<span class="sig-name descname"><span class="pre">MISSING_STATUS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">3</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE">
+<span class="sig-name descname"><span class="pre">MISSING_STATUS_CODE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">4</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT">
+<span class="sig-name descname"><span class="pre">NO_ATTRIBUTESTATEMENT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">22</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION">
+<span class="sig-name descname"><span class="pre">NO_ENCRYPTED_ASSERTION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">16</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID">
+<span class="sig-name descname"><span class="pre">NO_ENCRYPTED_NAMEID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">17</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_NAMEID">
+<span class="sig-name descname"><span class="pre">NO_NAMEID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">38</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_NAMEID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND">
+<span class="sig-name descname"><span class="pre">NO_SIGNATURE_FOUND</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">34</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION">
+<span class="sig-name descname"><span class="pre">NO_SIGNED_ASSERTION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">33</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE">
+<span class="sig-name descname"><span class="pre">NO_SIGNED_MESSAGE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">32</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED">
+<span class="sig-name descname"><span class="pre">RESPONSE_EXPIRED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">44</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SESSION_EXPIRED">
+<span class="sig-name descname"><span class="pre">SESSION_EXPIRED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">30</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SESSION_EXPIRED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH">
+<span class="sig-name descname"><span class="pre">SP_NAME_QUALIFIER_NAME_MISMATCH</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">40</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS">
+<span class="sig-name descname"><span class="pre">STATUS_CODE_IS_NOT_SUCCESS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">5</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS">
+<span class="sig-name descname"><span class="pre">UNEXPECTED_SIGNED_ELEMENTS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">11</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD">
+<span class="sig-name descname"><span class="pre">UNSUPPORTED_RETRIEVAL_METHOD</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">37</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION">
+<span class="sig-name descname"><span class="pre">UNSUPPORTED_SAML_VERSION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">0</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_AUDIENCE">
+<span class="sig-name descname"><span class="pre">WRONG_AUDIENCE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">26</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_AUDIENCE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_DESTINATION">
+<span class="sig-name descname"><span class="pre">WRONG_DESTINATION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">24</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_DESTINATION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO">
+<span class="sig-name descname"><span class="pre">WRONG_INRESPONSETO</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">15</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_ISSUER">
+<span class="sig-name descname"><span class="pre">WRONG_ISSUER</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">29</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_ISSUER" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS">
+<span class="sig-name descname"><span class="pre">WRONG_NUMBER_OF_ASSERTIONS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">2</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS">
+<span class="sig-name descname"><span class="pre">WRONG_NUMBER_OF_AUTHSTATEMENTS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">21</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES">
+<span class="sig-name descname"><span class="pre">WRONG_NUMBER_OF_SIGNATURES</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">43</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION">
+<span class="sig-name descname"><span class="pre">WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">13</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE">
+<span class="sig-name descname"><span class="pre">WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">12</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT">
+<span class="sig-name descname"><span class="pre">WRONG_SIGNED_ELEMENT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">6</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION">
+<span class="sig-name descname"><span class="pre">WRONG_SUBJECTCONFIRMATION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">31</span></em><a class="headerlink" href="#onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.idp_metadata_parser">
+<span id="onelogin-saml2-idp-metadata-parser-module"></span><h2>onelogin.saml2.idp_metadata_parser module<a class="headerlink" href="#module-onelogin.saml2.idp_metadata_parser" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_IdPMetadataParser class
+Metadata class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.idp_metadata_parser.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_IdPMetadataParser</span></span><a class="reference internal" href="_modules/onelogin/saml2/idp_metadata_parser.html#OneLogin_Saml2_IdPMetadataParser"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>A class that contain methods related to obtaining and parsing metadata from IdP</p>
+<p>This class does not validate in any way the URL that is introduced,
+make sure to validate it properly before use it in a get_metadata method.</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.get_metadata">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_metadata</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">url</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">validate_cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">headers</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/idp_metadata_parser.html#OneLogin_Saml2_IdPMetadataParser.get_metadata"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.get_metadata" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the metadata XML from the provided URL
+:param url: Url where the XML of the Identity Provider Metadata is published.
+:type url: string</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>validate_cert</strong> (<em>bool</em>) – If the url uses https schema, that flag enables or not the verification of the associated certificate.</p></li>
+<li><p><strong>timeout</strong> (<em>int</em>) – Timeout in seconds to wait for metadata response</p></li>
+<li><p><strong>headers</strong> (<em>dict</em>) – Extra headers to send in the request</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>metadata XML</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.merge_settings">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">merge_settings</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">new_metadata_settings</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/idp_metadata_parser.html#OneLogin_Saml2_IdPMetadataParser.merge_settings"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.merge_settings" title="Permalink to this definition"></a></dt>
+<dd><p>Will update the settings with the provided new settings data extracted from the IdP metadata
+:param settings: Current settings dict data
+:type settings: dict
+:param new_metadata_settings: Settings to be merged (extracted from IdP metadata after parsing)
+:type new_metadata_settings: dict
+:returns: merged settings
+:rtype: dict</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">idp_metadata</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">required_sso_binding</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">required_slo_binding</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">entity_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/idp_metadata_parser.html#OneLogin_Saml2_IdPMetadataParser.parse"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse" title="Permalink to this definition"></a></dt>
+<dd><p>Parses the Identity Provider metadata and return a dict with extracted data.</p>
+<p>If there are multiple &lt;IDPSSODescriptor&gt; tags, parse only the first.</p>
+<p>Parses only those SSO endpoints with the same binding as given by
+the <cite>required_sso_binding</cite> parameter.</p>
+<p>Parses only those SLO endpoints with the same binding as given by
+the <cite>required_slo_binding</cite> parameter.</p>
+<p>If the metadata specifies multiple SSO endpoints with the required
+binding, extract only the first (the same holds true for SLO
+endpoints).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>idp_metadata</strong> (<em>string</em>) – XML of the Identity Provider Metadata.</p></li>
+<li><p><strong>required_sso_binding</strong> (<em>one</em><em> of </em><em>OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT</em><em>
+or </em><em>OneLogin_Saml2_Constants.BINDING_HTTP_POST</em>) – Parse only POST or REDIRECT SSO endpoints.</p></li>
+<li><p><strong>required_slo_binding</strong> (<em>one</em><em> of </em><em>OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT</em><em>
+or </em><em>OneLogin_Saml2_Constants.BINDING_HTTP_POST</em>) – Parse only POST or REDIRECT SLO endpoints.</p></li>
+<li><p><strong>entity_id</strong> (<em>string</em>) – Specify the entity_id of the EntityDescriptor that you want to parse a XML
+that contains multiple EntityDescriptor.</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>settings dict with extracted data</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse_remote">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_remote</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">url</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">validate_cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">entity_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">timeout</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">**</span></span><span class="n"><span class="pre">kwargs</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/idp_metadata_parser.html#OneLogin_Saml2_IdPMetadataParser.parse_remote"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse_remote" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the metadata XML from the provided URL and parse it, returning a dict with extracted data
+:param url: Url where the XML of the Identity Provider Metadata is published.
+:type url: string</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>validate_cert</strong> (<em>bool</em>) – If the url uses https schema, that flag enables or not the verification of the associated certificate.</p></li>
+<li><p><strong>entity_id</strong> (<em>string</em>) – Specify the entity_id of the EntityDescriptor that you want to parse a XML
+that contains multiple EntityDescriptor.</p></li>
+<li><p><strong>timeout</strong> (<em>int</em>) – Timeout in seconds to wait for metadata response</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>settings dict with extracted data</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.idp_metadata_parser.dict_deep_merge">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.idp_metadata_parser.</span></span><span class="sig-name descname"><span class="pre">dict_deep_merge</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">a</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">b</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/idp_metadata_parser.html#dict_deep_merge"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.idp_metadata_parser.dict_deep_merge" title="Permalink to this definition"></a></dt>
+<dd><p>Deep-merge dictionary <cite>b</cite> into dictionary <cite>a</cite>.</p>
+<p>Kudos to <a class="reference external" href="http://stackoverflow.com/a/7205107/145400">http://stackoverflow.com/a/7205107/145400</a></p>
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.logout_request">
+<span id="onelogin-saml2-logout-request-module"></span><h2>onelogin.saml2.logout_request module<a class="headerlink" href="#module-onelogin.saml2.logout_request" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Logout_Request class</p>
+<p>Logout Request class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.logout_request.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Logout_Request</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">request</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">name_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">session_index</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nq</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">name_id_format</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">spnq</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>This class handles a Logout Request.</p>
+<p>Builds a Logout Response object and validates it.</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_error">
+<span class="sig-name descname"><span class="pre">get_error</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_error"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_error" title="Permalink to this definition"></a></dt>
+<dd><p>After executing a validation process, if it fails this method returns the cause</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_id</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the ID of the Logout Request
+:param request: Logout Request Message
+:type request: string|DOMDocument
+:return: string ID
+:rtype: str object</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_issuer</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_issuer"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the Issuer of the Logout Request Message
+:param request: Logout Request Message
+:type request: string|DOMDocument
+:return: The Issuer
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_nameid</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">key</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_nameid"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID of the Logout Request Message
+:param request: Logout Request Message
+:type request: string|DOMDocument
+:param key: The SP key
+:type key: string
+:return: Name ID Value
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_data">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_nameid_data</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">key</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_nameid_data"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_data" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID Data of the the Logout Request
+:param request: Logout Request Message
+:type request: string|DOMDocument
+:param key: The SP key
+:type key: string
+:return: Name ID Data (Value, Format, NameQualifier, SPNameQualifier)
+:rtype: dict</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_format">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_nameid_format</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">key</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_nameid_format"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_format" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID Format of the Logout Request Message
+:param request: Logout Request Message
+:type request: string|DOMDocument
+:param key: The SP key
+:type key: string
+:return: Name ID Format
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request">
+<span class="sig-name descname"><span class="pre">get_request</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">deflate</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_request"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the Logout Request deflated, base64encoded
+:param deflate: It makes the deflate process optional
+:type: bool
+:return: Logout Request maybe deflated and base64 encoded
+:rtype: str object</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_session_indexes</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_session_indexes"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SessionIndexes from the Logout Request
+:param request: Logout Request Message
+:type request: string|DOMDocument
+:return: The SessionIndex value
+:rtype: list</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_xml">
+<span class="sig-name descname"><span class="pre">get_xml</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_xml" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the XML that will be sent as part of the request
+or that was received at the SP
+:return: XML request body
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid">
+<span class="sig-name descname"><span class="pre">is_valid</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">raise_exceptions</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.is_valid"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid" title="Permalink to this definition"></a></dt>
+<dd><p>Checks if the Logout Request received is valid
+:param request_data: Request Data
+:type request_data: dict</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>raise_exceptions</strong> (<em>Boolean</em>) – Whether to return false on failure or raise an exception</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>If the Logout Request is or not valid</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>boolean</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.logout_response">
+<span id="onelogin-saml2-logout-response-module"></span><h2>onelogin.saml2.logout_response module<a class="headerlink" href="#module-onelogin.saml2.logout_response" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Logout_Response class</p>
+<p>Logout Response class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.logout_response.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Logout_Response</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">response</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>This class  handles a Logout Response. It Builds or parses a Logout Response object
+and validates it.</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.build">
+<span class="sig-name descname"><span class="pre">build</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">in_response_to</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">status</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'urn:oasis:names:tc:SAML:2.0:status:Success'</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.build"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.build" title="Permalink to this definition"></a></dt>
+<dd><p>Creates a Logout Response object.
+:param in_response_to: InResponseTo value for the Logout Response.
+:type in_response_to: string
+:param: status: The status of the response
+:type: status: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_error">
+<span class="sig-name descname"><span class="pre">get_error</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_error"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_error" title="Permalink to this definition"></a></dt>
+<dd><p>After executing a validation process, if it fails this method returns the cause</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_in_response_to">
+<span class="sig-name descname"><span class="pre">get_in_response_to</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_in_response_to"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_in_response_to" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the ID of the LogoutRequest which this response is in response to
+:returns: ID of LogoutRequest this LogoutResponse is in response to or None if it is not present
+:rtype: str</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer">
+<span class="sig-name descname"><span class="pre">get_issuer</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_issuer"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the Issuer of the Logout Response Message
+:return: The Issuer
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response">
+<span class="sig-name descname"><span class="pre">get_response</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">deflate</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_response"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response" title="Permalink to this definition"></a></dt>
+<dd><p>Returns a Logout Response object.
+:param deflate: It makes the deflate process optional
+:type: bool
+:return: Logout Response maybe deflated and base64 encoded
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status">
+<span class="sig-name descname"><span class="pre">get_status</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_status"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the Status
+:return: The Status
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_xml">
+<span class="sig-name descname"><span class="pre">get_xml</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_xml" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the XML that will be sent as part of the response
+or that was received at the SP
+:return: XML response body
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid">
+<span class="sig-name descname"><span class="pre">is_valid</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">request_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">raise_exceptions</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.is_valid"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid" title="Permalink to this definition"></a></dt>
+<dd><p>Determines if the SAML LogoutResponse is valid
+:param request_id: The ID of the LogoutRequest sent by this SP to the IdP
+:type request_id: string</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>raise_exceptions</strong> (<em>Boolean</em>) – Whether to return false on failure or raise an exception</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Returns if the SAML LogoutResponse is or not valid</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>boolean</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.metadata">
+<span id="onelogin-saml2-metadata-module"></span><h2>onelogin.saml2.metadata module<a class="headerlink" href="#module-onelogin.saml2.metadata" title="Permalink to this heading"></a></h2>
+<p>OneLoginSaml2Metadata class</p>
+<p>Metadata class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.metadata.OneLogin_Saml2_Metadata">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.metadata.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Metadata</span></span><a class="reference internal" href="_modules/onelogin/saml2/metadata.html#OneLogin_Saml2_Metadata"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.metadata.OneLogin_Saml2_Metadata" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>A class that contains methods related to the metadata of the SP</p>
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED">
+<span class="sig-name descname"><span class="pre">TIME_CACHED</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">604800</span></em><a class="headerlink" href="#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID">
+<span class="sig-name descname"><span class="pre">TIME_VALID</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">172800</span></em><a class="headerlink" href="#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">add_x509_key_descriptors</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">metadata</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">add_encryption</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/metadata.html#OneLogin_Saml2_Metadata.add_x509_key_descriptors"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors" title="Permalink to this definition"></a></dt>
+<dd><p>Adds the x509 descriptors (sign/encryption) to the metadata
+The same cert will be used for sign/encrypt</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>metadata</strong> (<em>string</em>) – SAML Metadata XML</p></li>
+<li><p><strong>cert</strong> (<em>string</em>) – x509 cert</p></li>
+<li><p><strong>add_encryption</strong> (<em>boolean</em>) – Determines if the KeyDescriptor[use=”encryption”] should be added.</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Metadata with KeyDescriptors</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.metadata.OneLogin_Saml2_Metadata.builder">
+<em class="property"><span class="pre">classmethod</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">builder</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">sp</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">authnsign</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">wsign</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">valid_until</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cache_duration</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">contacts</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">organization</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/metadata.html#OneLogin_Saml2_Metadata.builder"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.builder" title="Permalink to this definition"></a></dt>
+<dd><p>Builds the metadata of the SP</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>sp</strong> (<em>string</em>) – The SP data</p></li>
+<li><p><strong>authnsign</strong> (<em>string</em>) – authnRequestsSigned attribute</p></li>
+<li><p><strong>wsign</strong> (<em>string</em>) – wantAssertionsSigned attribute</p></li>
+<li><p><strong>valid_until</strong> (<em>string</em><em>|</em><em>DateTime</em><em>|</em><em>Timestamp</em>) – Metadata’s expiry date</p></li>
+<li><p><strong>cache_duration</strong> (<em>int</em><em>|</em><em>string</em>) – Duration of the cache in seconds</p></li>
+<li><p><strong>contacts</strong> (<em>dict</em>) – Contacts info</p></li>
+<li><p><strong>organization</strong> (<em>dict</em>) – Organization info</p></li>
+</ul>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">sign_metadata</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">metadata</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">key</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sign_algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">digest_algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'http://www.w3.org/2001/04/xmlenc#sha256'</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/metadata.html#OneLogin_Saml2_Metadata.sign_metadata"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata" title="Permalink to this definition"></a></dt>
+<dd><p>Signs the metadata with the key/cert provided</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>metadata</strong> (<em>string</em>) – SAML Metadata XML</p></li>
+<li><p><strong>key</strong> (<em>string</em>) – x509 key</p></li>
+<li><p><strong>cert</strong> (<em>string</em>) – x509 cert</p></li>
+<li><p><strong>sign_algorithm</strong> (<em>string</em>) – Signature algorithm method</p></li>
+<li><p><strong>digest_algorithm</strong> (<em>string</em>) – Digest algorithm method</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Signed Metadata</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.response">
+<span id="onelogin-saml2-response-module"></span><h2>onelogin.saml2.response module<a class="headerlink" href="#module-onelogin.saml2.response" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Response class</p>
+<p>SAML Response class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.response.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Response</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">response</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>This class handles a SAML Response. It parses or validates
+a Logout Response object.</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.check_one_authnstatement">
+<span class="sig-name descname"><span class="pre">check_one_authnstatement</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.check_one_authnstatement"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.check_one_authnstatement" title="Permalink to this definition"></a></dt>
+<dd><p>Checks that the samlp:Response/saml:Assertion/saml:AuthnStatement element exists and is unique.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.check_one_condition">
+<span class="sig-name descname"><span class="pre">check_one_condition</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.check_one_condition"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.check_one_condition" title="Permalink to this definition"></a></dt>
+<dd><p>Checks that the samlp:Response/saml:Assertion/saml:Conditions element exists and is unique.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.check_status">
+<span class="sig-name descname"><span class="pre">check_status</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.check_status"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.check_status" title="Permalink to this definition"></a></dt>
+<dd><p>Check if the status of the response is success or not</p>
+<dl class="field-list simple">
+<dt class="field-odd">Raises<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Exception. If the status is not success</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_id">
+<span class="sig-name descname"><span class="pre">get_assertion_id</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_assertion_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_id" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>the ID of the assertion in the response</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_issue_instant">
+<span class="sig-name descname"><span class="pre">get_assertion_issue_instant</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_assertion_issue_instant"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_issue_instant" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>the IssueInstant of the assertion in the response</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>unix/posix timestamp|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_not_on_or_after">
+<span class="sig-name descname"><span class="pre">get_assertion_not_on_or_after</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_assertion_not_on_or_after"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_not_on_or_after" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the NotOnOrAfter value of the valid SubjectConfirmationData node if any</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_attributes">
+<span class="sig-name descname"><span class="pre">get_attributes</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_attributes"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_attributes" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the Attributes from the AttributeStatement element.
+EncryptedAttributes are not supported</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_audiences">
+<span class="sig-name descname"><span class="pre">get_audiences</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_audiences"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_audiences" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the audiences</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The valid audiences for the SAML Response</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_authn_contexts">
+<span class="sig-name descname"><span class="pre">get_authn_contexts</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_authn_contexts"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_authn_contexts" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the authentication contexts</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The authentication classes for the SAML Response</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_error">
+<span class="sig-name descname"><span class="pre">get_error</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_error"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_error" title="Permalink to this definition"></a></dt>
+<dd><p>After executing a validation process, if it fails this method returns the cause</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_friendlyname_attributes">
+<span class="sig-name descname"><span class="pre">get_friendlyname_attributes</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_friendlyname_attributes"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_friendlyname_attributes" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the Attributes from the AttributeStatement element indexed by FiendlyName.
+EncryptedAttributes are not supported</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_id">
+<span class="sig-name descname"><span class="pre">get_id</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_id" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>the ID of the response</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_in_response_to">
+<span class="sig-name descname"><span class="pre">get_in_response_to</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_in_response_to"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_in_response_to" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the ID of the request which this response is in response to
+:returns: ID of AuthNRequest this Response is in response to or None if it is not present
+:rtype: str</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_issuers">
+<span class="sig-name descname"><span class="pre">get_issuers</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_issuers"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_issuers" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the issuers (from message and from assertion)</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The issuers</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid">
+<span class="sig-name descname"><span class="pre">get_nameid</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_nameid"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID provided by the SAML Response from the IdP</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID (value)</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_data">
+<span class="sig-name descname"><span class="pre">get_nameid_data</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_nameid_data"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_data" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID Data provided by the SAML Response from the IdP</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Name ID Data (Value, Format, NameQualifier, SPNameQualifier)</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_format">
+<span class="sig-name descname"><span class="pre">get_nameid_format</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_nameid_format"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_format" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID Format provided by the SAML Response from the IdP</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID Format</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_nq">
+<span class="sig-name descname"><span class="pre">get_nameid_nq</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_nameid_nq"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_nq" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID NameQualifier provided by the SAML Response from the IdP</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID NameQualifier</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_spnq">
+<span class="sig-name descname"><span class="pre">get_nameid_spnq</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_nameid_spnq"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_spnq" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the NameID SP NameQualifier provided by the SAML response from the IdP.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>NameID SP NameQualifier</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_session_index">
+<span class="sig-name descname"><span class="pre">get_session_index</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_session_index"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_session_index" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SessionIndex from the AuthnStatement
+Could be used to be stored in the local session in order
+to be used in a future Logout Request that the SP could
+send to the SP, to set what specific session must be deleted</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The SessionIndex value</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after">
+<span class="sig-name descname"><span class="pre">get_session_not_on_or_after</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_session_not_on_or_after"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SessionNotOnOrAfter from the AuthnStatement
+Could be used to set the local session expiration</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The SessionNotOnOrAfter value</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>time|None</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.get_xml_document">
+<span class="sig-name descname"><span class="pre">get_xml_document</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.get_xml_document"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.get_xml_document" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the SAML Response document (If contains an encrypted assertion, decrypts it)</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Decrypted XML response document</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>DOMDocument</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.is_valid">
+<span class="sig-name descname"><span class="pre">is_valid</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">request_id</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">raise_exceptions</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.is_valid"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.is_valid" title="Permalink to this definition"></a></dt>
+<dd><p>Validates the response object.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>request_data</strong> (<em>dict</em>) – Request Data</p></li>
+<li><p><strong>request_id</strong> (<em>string</em>) – Optional argument. The ID of the AuthNRequest sent by this SP to the IdP</p></li>
+<li><p><strong>raise_exceptions</strong> (<em>Boolean</em>) – Whether to return false on failure or raise an exception</p></li>
+</ul>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>True if the SAML Response is valid, False if not</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>bool</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.process_signed_elements">
+<span class="sig-name descname"><span class="pre">process_signed_elements</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.process_signed_elements"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.process_signed_elements" title="Permalink to this definition"></a></dt>
+<dd><dl class="simple">
+<dt>Verifies the signature nodes:</dt><dd><ul class="simple">
+<li><p>Checks that are Response or Assertion</p></li>
+<li><p>Check that IDs and reference URI are unique and consistent.</p></li>
+</ul>
+</dd>
+</dl>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The signed elements tag names</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.validate_num_assertions">
+<span class="sig-name descname"><span class="pre">validate_num_assertions</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.validate_num_assertions"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.validate_num_assertions" title="Permalink to this definition"></a></dt>
+<dd><p>Verifies that the document only contains a single Assertion (encrypted or not)</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>True if only 1 assertion encrypted or not</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.validate_signed_elements">
+<span class="sig-name descname"><span class="pre">validate_signed_elements</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">signed_elements</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.validate_signed_elements"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.validate_signed_elements" title="Permalink to this definition"></a></dt>
+<dd><p>Verifies that the document has the expected signed nodes.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>signed_elements</strong> (<em>list</em>) – The signed elements to be checked</p></li>
+<li><p><strong>raise_exceptions</strong> (<em>Boolean</em>) – Whether to return false on failure or raise an exception</p></li>
+</ul>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.response.OneLogin_Saml2_Response.validate_timestamps">
+<span class="sig-name descname"><span class="pre">validate_timestamps</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/response.html#OneLogin_Saml2_Response.validate_timestamps"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.response.OneLogin_Saml2_Response.validate_timestamps" title="Permalink to this definition"></a></dt>
+<dd><p>Verifies that the document is valid according to Conditions Element</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>True if the condition is valid, False otherwise</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.settings">
+<span id="onelogin-saml2-settings-module"></span><h2>onelogin.saml2.settings module<a class="headerlink" href="#module-onelogin.saml2.settings" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Settings class</p>
+<p>Copyright (c) 2010-2021 OneLogin, Inc.
+MIT License</p>
+<p>Setting class of OneLogin’s Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.settings.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Settings</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">custom_base_path</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sp_validation_only</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>Handles the settings of the Python toolkits.</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.check_idp_settings">
+<span class="sig-name descname"><span class="pre">check_idp_settings</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.check_idp_settings"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_idp_settings" title="Permalink to this definition"></a></dt>
+<dd><p>Checks the IdP settings info.
+:param settings: Dict with settings data
+:type settings: dict
+:returns: Errors found on the IdP settings data
+:rtype: list</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.check_settings">
+<span class="sig-name descname"><span class="pre">check_settings</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.check_settings"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_settings" title="Permalink to this definition"></a></dt>
+<dd><p>Checks the settings info.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>settings</strong> (<em>dict</em>) – Dict with settings data</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Errors found on the settings data</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_certs">
+<span class="sig-name descname"><span class="pre">check_sp_certs</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.check_sp_certs"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_certs" title="Permalink to this definition"></a></dt>
+<dd><p>Checks if the x509 certs of the SP exists and are valid.
+:returns: If the x509 certs of the SP exists and are valid
+:rtype: boolean</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_settings">
+<span class="sig-name descname"><span class="pre">check_sp_settings</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">settings</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.check_sp_settings"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_settings" title="Permalink to this definition"></a></dt>
+<dd><p>Checks the SP settings info.
+:param settings: Dict with settings data
+:type settings: dict
+:returns: Errors found on the SP settings data
+:rtype: list</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert">
+<span class="sig-name descname"><span class="pre">format_idp_cert</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.format_idp_cert"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert" title="Permalink to this definition"></a></dt>
+<dd><p>Formats the IdP cert.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert_multi">
+<span class="sig-name descname"><span class="pre">format_idp_cert_multi</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.format_idp_cert_multi"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert_multi" title="Permalink to this definition"></a></dt>
+<dd><p>Formats the Multple IdP certs.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert">
+<span class="sig-name descname"><span class="pre">format_sp_cert</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.format_sp_cert"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert" title="Permalink to this definition"></a></dt>
+<dd><p>Formats the SP cert.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert_new">
+<span class="sig-name descname"><span class="pre">format_sp_cert_new</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.format_sp_cert_new"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert_new" title="Permalink to this definition"></a></dt>
+<dd><p>Formats the SP cert.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_key">
+<span class="sig-name descname"><span class="pre">format_sp_key</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.format_sp_key"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_key" title="Permalink to this definition"></a></dt>
+<dd><p>Formats the private key.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_base_path">
+<span class="sig-name descname"><span class="pre">get_base_path</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_base_path"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_base_path" title="Permalink to this definition"></a></dt>
+<dd><p>Returns base path</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The base toolkit folder path</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_cert_path">
+<span class="sig-name descname"><span class="pre">get_cert_path</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_cert_path"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_cert_path" title="Permalink to this definition"></a></dt>
+<dd><p>Returns cert path</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The cert folder path</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_contacts">
+<span class="sig-name descname"><span class="pre">get_contacts</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_contacts"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_contacts" title="Permalink to this definition"></a></dt>
+<dd><p>Gets contact data.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Contacts info</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_errors">
+<span class="sig-name descname"><span class="pre">get_errors</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_errors"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_errors" title="Permalink to this definition"></a></dt>
+<dd><p>Returns an array with the errors, the array is empty when the settings is ok.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Errors</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_cert">
+<span class="sig-name descname"><span class="pre">get_idp_cert</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_idp_cert"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_cert" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the x509 public cert of the IdP.
+:returns: IdP public cert
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_data">
+<span class="sig-name descname"><span class="pre">get_idp_data</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_idp_data"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_data" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the IdP data.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>IdP info</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_response_url">
+<span class="sig-name descname"><span class="pre">get_idp_slo_response_url</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_idp_slo_response_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_response_url" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the IdP SLO return URL for IdP-initiated logout.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>an URL, the SLO return endpoint of the IdP</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_url">
+<span class="sig-name descname"><span class="pre">get_idp_slo_url</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_idp_slo_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_url" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the IdP SLO URL.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>An URL, the SLO endpoint of the IdP</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_sso_url">
+<span class="sig-name descname"><span class="pre">get_idp_sso_url</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_idp_sso_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_sso_url" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the IdP SSO URL.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>An URL, the SSO endpoint of the IdP</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_lib_path">
+<span class="sig-name descname"><span class="pre">get_lib_path</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_lib_path"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_lib_path" title="Permalink to this definition"></a></dt>
+<dd><p>Returns lib path</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The library folder path</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_organization">
+<span class="sig-name descname"><span class="pre">get_organization</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_organization"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_organization" title="Permalink to this definition"></a></dt>
+<dd><p>Gets organization data.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Organization info</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_schemas_path">
+<span class="sig-name descname"><span class="pre">get_schemas_path</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_schemas_path"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_schemas_path" title="Permalink to this definition"></a></dt>
+<dd><p>Returns schema path</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The schema folder path</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_security_data">
+<span class="sig-name descname"><span class="pre">get_security_data</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_security_data"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_security_data" title="Permalink to this definition"></a></dt>
+<dd><p>Gets security data.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Security info</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert">
+<span class="sig-name descname"><span class="pre">get_sp_cert</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_cert"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the x509 public cert of the SP.
+:returns: SP public cert
+:rtype: string or None</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert_new">
+<span class="sig-name descname"><span class="pre">get_sp_cert_new</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_cert_new"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert_new" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the x509 public of the SP planned
+to be used soon instead the other public cert
+:returns: SP public cert new
+:rtype: string or None</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_data">
+<span class="sig-name descname"><span class="pre">get_sp_data</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_data"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_data" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SP data.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>SP info</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_key">
+<span class="sig-name descname"><span class="pre">get_sp_key</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_key"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_key" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the x509 private key of the SP.
+:returns: SP private key
+:rtype: string or None</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata">
+<span class="sig-name descname"><span class="pre">get_sp_metadata</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_metadata"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata" title="Permalink to this definition"></a></dt>
+<dd><p>Gets the SP metadata. The XML representation.
+:returns: SP metadata (xml)
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.is_debug_active">
+<span class="sig-name descname"><span class="pre">is_debug_active</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.is_debug_active"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_debug_active" title="Permalink to this definition"></a></dt>
+<dd><p>Returns if the debug is active.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Debug parameter</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>boolean</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.is_strict">
+<span class="sig-name descname"><span class="pre">is_strict</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.is_strict"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.is_strict" title="Permalink to this definition"></a></dt>
+<dd><p>Returns if the ‘strict’ mode is active.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Strict parameter</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>boolean</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.metadata_class">
+<span class="sig-name descname"><span class="pre">metadata_class</span></span><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.metadata_class" title="Permalink to this definition"></a></dt>
+<dd><p>alias of <a class="reference internal" href="#onelogin.saml2.metadata.OneLogin_Saml2_Metadata" title="onelogin.saml2.metadata.OneLogin_Saml2_Metadata"><code class="xref py py-class docutils literal notranslate"><span class="pre">OneLogin_Saml2_Metadata</span></code></a></p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.set_cert_path">
+<span class="sig-name descname"><span class="pre">set_cert_path</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">path</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.set_cert_path"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_cert_path" title="Permalink to this definition"></a></dt>
+<dd><p>Set a new cert path</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.set_strict">
+<span class="sig-name descname"><span class="pre">set_strict</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.set_strict"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.set_strict" title="Permalink to this definition"></a></dt>
+<dd><p>Activates or deactivates the strict mode.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>value</strong> (<em>boolean</em>) – Strict parameter</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.OneLogin_Saml2_Settings.validate_metadata">
+<span class="sig-name descname"><span class="pre">validate_metadata</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#OneLogin_Saml2_Settings.validate_metadata"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.OneLogin_Saml2_Settings.validate_metadata" title="Permalink to this definition"></a></dt>
+<dd><p>Validates an XML SP Metadata.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>xml</strong> (<em>string</em>) – Metadata’s XML that will be validate</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>The list of found errors</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.settings.validate_url">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.settings.</span></span><span class="sig-name descname"><span class="pre">validate_url</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">url</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">allow_single_label_domain</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/settings.html#validate_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.settings.validate_url" title="Permalink to this definition"></a></dt>
+<dd><p>Auxiliary method to validate an urllib
+:param url: An url to be validated
+:type url: string
+:param allow_single_label_domain: In order to allow or not single label domain
+:type url: bool
+:returns: True if the url is valid
+:rtype: bool</p>
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.utils">
+<span id="onelogin-saml2-utils-module"></span><h2>onelogin.saml2.utils module<a class="headerlink" href="#module-onelogin.saml2.utils" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Utils class</p>
+<p>Auxiliary class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.utils.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Utils</span></span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<p>Auxiliary class that contains several utility methods to parse time,
+urls, add sign, encrypt, decrypt, sign validation, handle xml …</p>
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH">
+<span class="sig-name descname"><span class="pre">ASSERTION_SIGNATURE_XPATH</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'/samlp:Response/saml:Assertion/ds:Signature'</span></em><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH">
+<span class="sig-name descname"><span class="pre">RESPONSE_SIGNATURE_XPATH</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'/samlp:Response/ds:Signature'</span></em><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT">
+<span class="sig-name descname"><span class="pre">TIME_FORMAT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'%Y-%m-%dT%H:%M:%SZ'</span></em><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_2">
+<span class="sig-name descname"><span class="pre">TIME_FORMAT_2</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'%Y-%m-%dT%H:%M:%S.%fZ'</span></em><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_2" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_WITH_FRAGMENT">
+<span class="sig-name descname"><span class="pre">TIME_FORMAT_WITH_FRAGMENT</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">re.compile('^(\\d{4,4}-\\d{2,2}-\\d{2,2}T\\d{2,2}:\\d{2,2}:\\d{2,2})(\\.\\d*)?Z?$')</span></em><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_WITH_FRAGMENT" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.add_sign">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">add_sign</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">key</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sign_algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">digest_algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'http://www.w3.org/2001/04/xmlenc#sha256'</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.add_sign"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.add_sign" title="Permalink to this definition"></a></dt>
+<dd><p>Adds signature key and senders certificate to an element (Message or
+Assertion).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>xml</strong> – The element we should sign</p></li>
+<li><p><strong>key</strong> – The private key</p></li>
+<li><p><strong>cert</strong> – The public</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+<li><p><strong>sign_algorithm</strong> (<em>string</em>) – Signature algorithm method</p></li>
+<li><p><strong>digest_algorithm</strong> (<em>string</em>) – Digest algorithm method</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string | Document</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>bool</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Signed XML</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.b64decode">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">b64decode</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.b64decode"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64decode" title="Permalink to this definition"></a></dt>
+<dd><p>base64 decode</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.b64encode">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">b64encode</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.b64encode"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.b64encode" title="Permalink to this definition"></a></dt>
+<dd><p>base64 encode</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">calculate_x509_fingerprint</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">x509_cert</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">alg</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'sha1'</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.calculate_x509_fingerprint"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint" title="Permalink to this definition"></a></dt>
+<dd><p>Calculates the fingerprint of a formatted x509cert.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>x509_cert</strong> – x509 cert formatted</p></li>
+<li><p><strong>alg</strong> – The algorithm to build the fingerprint</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>fingerprint</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">decode_base64_and_inflate</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ignore_zip</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.decode_base64_and_inflate"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate" title="Permalink to this definition"></a></dt>
+<dd><p>base64 decodes and then inflates according to RFC1951
+:param value: a deflated and encoded string
+:type value: string
+:param ignore_zip: ignore zip errors
+:returns: the string after decoding and inflating
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.decrypt_element">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">decrypt_element</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">encrypted_data</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">key</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">inplace</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.decrypt_element"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.decrypt_element" title="Permalink to this definition"></a></dt>
+<dd><p>Decrypts an encrypted element.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>encrypted_data</strong> – The encrypted data.</p></li>
+<li><p><strong>key</strong> – The key.</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+<li><p><strong>inplace</strong> – update passed data with decrypted result</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>lxml.etree.Element | DOMElement | basestring</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>bool</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>The decrypted element.</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>lxml.etree.Element</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">deflate_and_base64_encode</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.deflate_and_base64_encode"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode" title="Permalink to this definition"></a></dt>
+<dd><p>Deflates and then base64 encodes a string
+:param value: The string to deflate and encode
+:type value: string
+:returns: The deflated and encoded string
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.delete_local_session">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">delete_local_session</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">callback</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.delete_local_session"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.delete_local_session" title="Permalink to this definition"></a></dt>
+<dd><p>Deletes the local session.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.escape_url">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">escape_url</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">url</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">lowercase_urlencoding</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.escape_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.escape_url" title="Permalink to this definition"></a></dt>
+<dd><p>escape the non-safe symbols in url
+The encoding used by ADFS 3.0 is not compatible with
+python’s quote_plus (ADFS produces lower case hex numbers and quote_plus produces
+upper case hex numbers)
+:param url: the url to escape
+:type url: str</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>lowercase_urlencoding</strong> (<em>boolean</em>) – lowercase or no</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>the escaped url</p>
+</dd>
+</dl>
+<p>:rtype str</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.format_cert">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">format_cert</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">cert</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">heads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.format_cert"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_cert" title="Permalink to this definition"></a></dt>
+<dd><p>Returns a x509 cert (adding header &amp; footer if required).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>cert</strong> – A x509 unformatted cert</p></li>
+<li><p><strong>heads</strong> – True if we want to include head and footer</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>boolean</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>Formatted cert</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.format_finger_print">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">format_finger_print</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">fingerprint</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.format_finger_print"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_finger_print" title="Permalink to this definition"></a></dt>
+<dd><p>Formats a fingerprint.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>fingerprint</strong> – fingerprint</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Formatted fingerprint</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.format_private_key">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">format_private_key</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">key</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">heads</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.format_private_key"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.format_private_key" title="Permalink to this definition"></a></dt>
+<dd><p>Returns a private key (adding header &amp; footer if required).</p>
+<p>:param key A private key
+:type: string</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>heads</strong> – True if we want to include head and footer</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>boolean</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Formated private key</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_name_id">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">generate_name_id</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">value</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sp_nq</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sp_format</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nq</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.generate_name_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_name_id" title="Permalink to this definition"></a></dt>
+<dd><p>Generates a nameID.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>value</strong> – fingerprint</p></li>
+<li><p><strong>sp_nq</strong> – SP Name Qualifier</p></li>
+<li><p><strong>sp_format</strong> – SP Format</p></li>
+<li><p><strong>cert</strong> – IdP Public Cert to encrypt the nameID</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+<li><p><strong>nq</strong> – IDP Name Qualifier</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>DOMElement | XMLSec nameID</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_unique_id">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">generate_unique_id</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.generate_unique_id"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_unique_id" title="Permalink to this definition"></a></dt>
+<dd><p>Generates an unique string (used for example as ID for assertions).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>A unique string</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.get_expire_time">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_expire_time</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">cache_duration</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">valid_until</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.get_expire_time"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_expire_time" title="Permalink to this definition"></a></dt>
+<dd><p>Compares 2 dates and returns the earliest.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>cache_duration</strong> – The duration, as a string.</p></li>
+<li><p><strong>valid_until</strong> – The valid until date, as a string or as a timestamp</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>The expiration time.</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>int</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_host">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_self_host</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.get_self_host"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_host" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the current host (which may include a port number part).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> – The request as a dict</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The current host</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_routed_url_no_query">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_self_routed_url_no_query</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.get_self_routed_url_no_query"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_routed_url_no_query" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the routed URL of the current host + current view.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> – The request as a dict</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The url of current host + current view</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_self_url</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.get_self_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the URL of the current host + current view + query.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> – The request as a dict</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The url of current host + current view + query</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_host">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_self_url_host</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.get_self_url_host"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_host" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the protocol + the current host + the port (if different than
+common ports).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> – The request as a dict</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Url</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_self_url_no_query</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.get_self_url_no_query"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query" title="Permalink to this definition"></a></dt>
+<dd><p>Returns the URL of the current host + current view.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> – The request as a dict</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The url of current host + current view</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.get_status">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">get_status</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">dom</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.get_status"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.get_status" title="Permalink to this definition"></a></dt>
+<dd><p>Gets Status from a Response.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>dom</strong> – The Response as XML</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>Document</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The Status, an array with the code and a message.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.is_https">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">is_https</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request_data</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.is_https"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.is_https" title="Permalink to this definition"></a></dt>
+<dd><p>Checks if https or http.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>request_data</strong> – The request as a dict</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>False if https is not active</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>boolean</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.normalize_url">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">normalize_url</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">url</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.normalize_url"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.normalize_url" title="Permalink to this definition"></a></dt>
+<dd><p>Returns normalized URL for comparison.
+This method converts the netloc to lowercase, as it should be case-insensitive (per RFC 4343, RFC 7617)
+If standardization fails, the original URL is returned
+Python documentation indicates that URL split also normalizes query strings if empty query fields are present</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>url</strong> (<em>String</em>) – URL</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>A normalized URL, or the given URL string if parsing fails</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>String</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.now">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">now</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.now"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.now" title="Permalink to this definition"></a></dt>
+<dd><dl class="field-list simple">
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>unix timestamp of actual time.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>int</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_SAML_to_time</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">timestr</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.parse_SAML_to_time"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time" title="Permalink to this definition"></a></dt>
+<dd><p>Converts a SAML2 timestamp on the form yyyy-mm-ddThh:mm:ss(.s+)?Z
+to a UNIX timestamp. The sub-second part is ignored.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>timestr</strong> – The time we should convert (SAML Timestamp).</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Converted to a unix timestamp.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>int</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_duration">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_duration</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">duration</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">timestamp</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.parse_duration"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_duration" title="Permalink to this definition"></a></dt>
+<dd><p>Interprets a ISO8601 duration value relative to a given timestamp.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>duration</strong> – The duration, as a string.</p></li>
+<li><p><strong>timestamp</strong> – The unix timestamp we should apply the duration to.
+Optional, default to the current time.</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Returns<span class="colon">:</span></dt>
+<dd class="field-even"><p>The new timestamp, after the duration is applied.</p>
+</dd>
+<dt class="field-odd">Return type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>int</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">parse_time_to_SAML</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">time</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.parse_time_to_SAML"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML" title="Permalink to this definition"></a></dt>
+<dd><p>Converts a UNIX timestamp to SAML2 timestamp on the form
+yyyy-mm-ddThh:mm:ss(.s+)?Z.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><p><strong>time</strong> – The time we should convert (DateTime).</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>SAML2 timestamp.</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.redirect">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">redirect</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">url</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parameters</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">{}</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">request_data</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">{}</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.redirect"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.redirect" title="Permalink to this definition"></a></dt>
+<dd><p>Executes a redirection to the provided url (or return the target url).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>url</strong> – The target url</p></li>
+<li><p><strong>parameters</strong> – Extra parameters to be passed as part of the url</p></li>
+<li><p><strong>request_data</strong> – The request as a dict</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>dict</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>dict</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Url</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.sign_binary">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">sign_binary</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">msg</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">key</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">__Transform('rsa-sha256',</span> <span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',</span> <span class="pre">8)</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.sign_binary"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.sign_binary" title="Permalink to this definition"></a></dt>
+<dd><p>Sign binary message</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>msg</strong> – The element we should validate</p></li>
+<li><p><strong>key</strong> – The private key</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bytes</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+</dl>
+<p>:return signed message
+:rtype str</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_binary_sign">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">validate_binary_sign</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">signed_query</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">signature</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">algorithm</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.validate_binary_sign"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_binary_sign" title="Permalink to this definition"></a></dt>
+<dd><p>Validates signed binary data (Used to validate GET Signature).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>signed_query</strong> – The element we should validate</p></li>
+<li><p><strong>signature</strong> – The signature that will be validate</p></li>
+<li><p><strong>cert</strong> – The public cert</p></li>
+<li><p><strong>algorithm</strong> – Signature algorithm</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_metadata_sign">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">validate_metadata_sign</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">fingerprint</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">fingerprintalg</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'sha1'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">validatecert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.validate_metadata_sign"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_metadata_sign" title="Permalink to this definition"></a></dt>
+<dd><p>Validates a signature of a EntityDescriptor.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>xml</strong> – The element we should validate</p></li>
+<li><p><strong>cert</strong> – The public cert</p></li>
+<li><p><strong>fingerprint</strong> – The fingerprint of the public cert</p></li>
+<li><p><strong>fingerprintalg</strong> – The algorithm used to build the fingerprint</p></li>
+<li><p><strong>validatecert</strong> – If true, will verify the signature and if the cert is valid.</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+<li><p><strong>raise_exceptions</strong> (<em>Boolean</em>) – Whether to return false on failure or raise an exception</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string | Document</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>bool</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_node_sign">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">validate_node_sign</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">signature_node</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">elem</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">fingerprint</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">fingerprintalg</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'sha1'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">validatecert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.validate_node_sign"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_node_sign" title="Permalink to this definition"></a></dt>
+<dd><p>Validates a signature node.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>signature_node</strong> – The signature node</p></li>
+<li><p><strong>xml</strong> – The element we should validate</p></li>
+<li><p><strong>cert</strong> – The public cert</p></li>
+<li><p><strong>fingerprint</strong> – The fingerprint of the public cert</p></li>
+<li><p><strong>fingerprintalg</strong> – The algorithm used to build the fingerprint</p></li>
+<li><p><strong>validatecert</strong> – If true, will verify the signature and if the cert is valid.</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+<li><p><strong>raise_exceptions</strong> (<em>Boolean</em>) – Whether to return false on failure or raise an exception</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>Node</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Document</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>bool</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_sign">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">validate_sign</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">cert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">fingerprint</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">fingerprintalg</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">'sha1'</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">validatecert</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">xpath</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">multicerts</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#OneLogin_Saml2_Utils.validate_sign"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_sign" title="Permalink to this definition"></a></dt>
+<dd><p>Validates a signature (Message or Assertion).</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>xml</strong> – The element we should validate</p></li>
+<li><p><strong>cert</strong> – The public cert</p></li>
+<li><p><strong>fingerprint</strong> – The fingerprint of the public cert</p></li>
+<li><p><strong>fingerprintalg</strong> – The algorithm used to build the fingerprint</p></li>
+<li><p><strong>validatecert</strong> – If true, will verify the signature and if the cert is valid.</p></li>
+<li><p><strong>debug</strong> – Activate the xmlsec debug</p></li>
+<li><p><strong>xpath</strong> – The xpath of the signed element</p></li>
+<li><p><strong>multicerts</strong> – Multiple public certs</p></li>
+<li><p><strong>raise_exceptions</strong> (<em>Boolean</em>) – Whether to return false on failure or raise an exception</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string | Document</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>bool</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>bool</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>string</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+</dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.utils.return_false_on_exception">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.utils.</span></span><span class="sig-name descname"><span class="pre">return_false_on_exception</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">func</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/utils.html#return_false_on_exception"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.utils.return_false_on_exception" title="Permalink to this definition"></a></dt>
+<dd><p>Decorator. When applied to a function, it will, by default, suppress any exceptions
+raised by that function and return False. It may be overridden by passing a
+“raise_exceptions” keyword argument when calling the wrapped function.</p>
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.xml_templates">
+<span id="onelogin-saml2-xml-templates-module"></span><h2>onelogin.saml2.xml_templates module<a class="headerlink" href="#module-onelogin.saml2.xml_templates" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_Auth class</p>
+<p>Main class of SAML Python Toolkit.</p>
+<p>Initializes the SP SAML instance</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xml_templates.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_Templates</span></span><a class="reference internal" href="_modules/onelogin/saml2/xml_templates.html#OneLogin_Saml2_Templates"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.ATTRIBUTE">
+<span class="sig-name descname"><span class="pre">ATTRIBUTE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:Attribute</span> <span class="pre">Name=&quot;%s&quot;</span> <span class="pre">NameFormat=&quot;urn:oasis:names:tc:SAML:2.0:attrname-format:basic&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:AttributeValue</span> <span class="pre">xsi:type=&quot;xs:string&quot;&gt;%s&lt;/saml:AttributeValue&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:Attribute&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.ATTRIBUTE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.AUTHN_REQUEST">
+<span class="sig-name descname"><span class="pre">AUTHN_REQUEST</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'&lt;samlp:AuthnRequest\n</span>&#160; <span class="pre">xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;\n</span>&#160; <span class="pre">xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;\n</span>&#160; <span class="pre">ID=&quot;%(id)s&quot;\n</span>&#160; <span class="pre">Version=&quot;2.0&quot;%(provider_name)s%(force_authn_str)s%(is_passive_str)s\n</span>&#160; <span class="pre">IssueInstant=&quot;%(issue_instant)s&quot;\n</span>&#160; <span class="pre">Destination=&quot;%(destination)s&quot;\n</span>&#160; <span class="pre">ProtocolBinding=&quot;%(acs_binding)s&quot;\n</span>&#160; <span class="pre">AssertionConsumerServiceURL=&quot;%(assertion_url)s&quot;%(attr_consuming_service_str)s&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;saml:Issuer&gt;%(entity_id)s&lt;/saml:Issuer&gt;%(subject_str)s%(nameid_policy_str)s\n%(requested_authn_context_str)s\n&lt;/samlp:AuthnRequest&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.AUTHN_REQUEST" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_REQUEST">
+<span class="sig-name descname"><span class="pre">LOGOUT_REQUEST</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'&lt;samlp:LogoutRequest\n</span>&#160; <span class="pre">xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;\n</span>&#160; <span class="pre">xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;\n</span>&#160; <span class="pre">ID=&quot;%(id)s&quot;\n</span>&#160; <span class="pre">Version=&quot;2.0&quot;\n</span>&#160; <span class="pre">IssueInstant=&quot;%(issue_instant)s&quot;\n</span>&#160; <span class="pre">Destination=&quot;%(single_logout_url)s&quot;&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;saml:Issuer&gt;%(entity_id)s&lt;/saml:Issuer&gt;\n</span>&#160;&#160;&#160; <span class="pre">%(name_id)s\n</span>&#160;&#160;&#160; <span class="pre">%(session_index)s\n&lt;/samlp:LogoutRequest&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_REQUEST" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_RESPONSE">
+<span class="sig-name descname"><span class="pre">LOGOUT_RESPONSE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'&lt;samlp:LogoutResponse\n</span>&#160; <span class="pre">xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;\n</span>&#160; <span class="pre">xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;\n</span>&#160; <span class="pre">ID=&quot;%(id)s&quot;\n</span>&#160; <span class="pre">Version=&quot;2.0&quot;\n</span>&#160; <span class="pre">IssueInstant=&quot;%(issue_instant)s&quot;\n</span>&#160; <span class="pre">Destination=&quot;%(destination)s&quot;\n</span>&#160; <span class="pre">InResponseTo=&quot;%(in_response_to)s&quot;&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;saml:Issuer&gt;%(entity_id)s&lt;/saml:Issuer&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;samlp:Status&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;samlp:StatusCode</span> <span class="pre">Value=&quot;%(status)s&quot;</span> <span class="pre">/&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;/samlp:Status&gt;\n&lt;/samlp:LogoutResponse&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_RESPONSE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ATTR_CONSUMER_SERVICE">
+<span class="sig-name descname"><span class="pre">MD_ATTR_CONSUMER_SERVICE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:AttributeConsumingService</span> <span class="pre">index=&quot;1&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:ServiceName</span> <span class="pre">xml:lang=&quot;en&quot;&gt;%(service_name)s&lt;/md:ServiceName&gt;\n%(attr_cs_desc)s%(requested_attribute_str)s\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/md:AttributeConsumingService&gt;\n'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ATTR_CONSUMER_SERVICE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_CONTACT_PERSON">
+<span class="sig-name descname"><span class="pre">MD_CONTACT_PERSON</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'</span>&#160;&#160;&#160; <span class="pre">&lt;md:ContactPerson</span> <span class="pre">contactType=&quot;%(type)s&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:GivenName&gt;%(name)s&lt;/md:GivenName&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:EmailAddress&gt;%(email)s&lt;/md:EmailAddress&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;/md:ContactPerson&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_CONTACT_PERSON" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR">
+<span class="sig-name descname"><span class="pre">MD_ENTITY_DESCRIPTOR</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'&lt;?xml</span> <span class="pre">version=&quot;1.0&quot;?&gt;\n&lt;md:EntityDescriptor</span> <span class="pre">xmlns:md=&quot;urn:oasis:names:tc:SAML:2.0:metadata&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">%(valid)s\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">%(cache)s\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">entityID=&quot;%(entity_id)s&quot;&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;md:SPSSODescriptor</span> <span class="pre">AuthnRequestsSigned=&quot;%(authnsign)s&quot;</span> <span class="pre">WantAssertionsSigned=&quot;%(wsign)s&quot;</span> <span class="pre">protocolSupportEnumeration=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;&gt;\n%(sls)s</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:NameIDFormat&gt;%(name_id_format)s&lt;/md:NameIDFormat&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:AssertionConsumerService</span> <span class="pre">Binding=&quot;%(binding)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">Location=&quot;%(location)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">index=&quot;1&quot;</span> <span class="pre">/&gt;\n%(attribute_consuming_service)s</span>&#160;&#160;&#160; <span class="pre">&lt;/md:SPSSODescriptor&gt;\n%(organization)s\n%(contacts)s\n&lt;/md:EntityDescriptor&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ORGANISATION">
+<span class="sig-name descname"><span class="pre">MD_ORGANISATION</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'</span>&#160;&#160;&#160; <span class="pre">&lt;md:Organization&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:OrganizationName</span> <span class="pre">xml:lang=&quot;%(lang)s&quot;&gt;%(name)s&lt;/md:OrganizationName&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:OrganizationDisplayName</span> <span class="pre">xml:lang=&quot;%(lang)s&quot;&gt;%(display_name)s&lt;/md:OrganizationDisplayName&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:OrganizationURL</span> <span class="pre">xml:lang=&quot;%(lang)s&quot;&gt;%(url)s&lt;/md:OrganizationURL&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;/md:Organization&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ORGANISATION" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_REQUESTED_ATTRIBUTE">
+<span class="sig-name descname"><span class="pre">MD_REQUESTED_ATTRIBUTE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:RequestedAttribute</span> <span class="pre">Name=&quot;%(req_attr_name)s&quot;%(req_attr_nameformat_str)s%(req_attr_isrequired_str)s%(req_attr_aux_str)s'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_REQUESTED_ATTRIBUTE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_SLS">
+<span class="sig-name descname"><span class="pre">MD_SLS</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;md:SingleLogoutService</span> <span class="pre">Binding=&quot;%(binding)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">Location=&quot;%(location)s&quot;</span> <span class="pre">/&gt;\n'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_SLS" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.RESPONSE">
+<span class="sig-name descname"><span class="pre">RESPONSE</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">'&lt;samlp:Response\n</span>&#160; <span class="pre">xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;\n</span>&#160; <span class="pre">xmlns:saml=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot;\n</span>&#160; <span class="pre">ID=&quot;%(id)s&quot;\n</span>&#160; <span class="pre">InResponseTo=&quot;%(in_response_to)s&quot;\n</span>&#160; <span class="pre">Version=&quot;2.0&quot;\n</span>&#160; <span class="pre">IssueInstant=&quot;%(issue_instant)s&quot;\n</span>&#160; <span class="pre">Destination=&quot;%(destination)s&quot;&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;saml:Issuer&gt;%(entity_id)s&lt;/saml:Issuer&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;samlp:Status</span> <span class="pre">xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;samlp:StatusCode\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">Value=&quot;%(status)s&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/samlp:StatusCode&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;/samlp:Status&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;saml:Assertion\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">xmlns:xs=&quot;http://www.w3.org/2001/XMLSchema&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">Version=&quot;2.0&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">ID=&quot;%(assertion_id)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">IssueInstant=&quot;%(issue_instant)s&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:Issuer&gt;%(entity_id)s&lt;/saml:Issuer&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:Subject&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:NameID\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">NameQualifier=&quot;%(entity_id)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">SPNameQualifier=&quot;%(requester)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">Format=&quot;%(name_id_policy)s&quot;&gt;%(name_id)s&lt;/saml:NameID&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:SubjectConfirmation</span> <span class="pre">Method=&quot;%(cm)s&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:SubjectConfirmationData\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">NotOnOrAfter=&quot;%(not_after)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">InResponseTo=&quot;%(in_response_to)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">Recipient=&quot;%(destination)s&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:SubjectConfirmationData&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:SubjectConfirmation&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:Subject&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:Conditions</span> <span class="pre">NotBefore=&quot;%(not_before)s&quot;</span> <span class="pre">NotOnOrAfter=&quot;%(not_after)s&quot;&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:AudienceRestriction&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:Audience&gt;%(requester)s&lt;/saml:Audience&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:AudienceRestriction&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:Conditions&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:AuthnStatement\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">AuthnInstant=&quot;%(issue_instant)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">SessionIndex=&quot;%(session_index)s&quot;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">SessionNotOnOrAfter=&quot;%(not_after)s&quot;&gt;\n%(authn_context)s\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:AuthnStatement&gt;\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;saml:AttributeStatement&gt;\n%(attributes)s\n</span>&#160;&#160;&#160;&#160;&#160;&#160;&#160; <span class="pre">&lt;/saml:AttributeStatement&gt;\n</span>&#160;&#160;&#160; <span class="pre">&lt;/saml:Assertion&gt;\n&lt;/samlp:Response&gt;'</span></em><a class="headerlink" href="#onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.RESPONSE" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.xml_utils">
+<span id="onelogin-saml2-xml-utils-module"></span><h2>onelogin.saml2.xml_utils module<a class="headerlink" href="#module-onelogin.saml2.xml_utils" title="Permalink to this heading"></a></h2>
+<p>OneLogin_Saml2_XML class</p>
+<p>Auxiliary class of SAML Python Toolkit.</p>
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xml_utils.</span></span><span class="sig-name descname"><span class="pre">OneLogin_Saml2_XML</span></span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.cleanup_namespaces">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">cleanup_namespaces</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">tree_or_element</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">top_nsmap</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">keep_ns_prefixes</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML.cleanup_namespaces"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.cleanup_namespaces" title="Permalink to this definition"></a></dt>
+<dd><p>Keeps the xmlns:xs namespace intact when etree.cleanup_namespaces is invoked.
+:param tree_or_element: An XML tree or element
+:type tree_or_element: etree.Element
+:param top_nsmap: A mapping from namespace prefixes to namespace URIs
+:type top_nsmap: dict
+:param keep_ns_prefixes: List of prefixes that should not be removed as part of the cleanup
+:type keep_ns_prefixes: list
+:returns: An XML tree or element
+:rtype: etree.Element</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.dump">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">dump</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">elem</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">pretty_print</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">with_tail</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.dump" title="Permalink to this definition"></a></dt>
+<dd><p>Writes an element tree or element structure to sys.stdout. This function
+should be used for debugging only.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.element_text">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">element_text</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">node</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML.element_text"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.element_text" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.extract_tag_text">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">extract_tag_text</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">tagname</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML.extract_tag_text"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.extract_tag_text" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_child">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">make_child</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">_parent</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">_tag</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">attrib</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nsmap</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">**</span></span><span class="n"><span class="pre">_extra</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_child" title="Permalink to this definition"></a></dt>
+<dd><p>SubElement(_parent, _tag, attrib=None, nsmap=None, <a href="#id1"><span class="problematic" id="id2">**</span></a>_extra)</p>
+<p>Subelement factory.  This function creates an element instance, and
+appends it to an existing element.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_root">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">make_root</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">_tag</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">attrib</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">nsmap</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">**</span></span><span class="n"><span class="pre">_extra</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_root" title="Permalink to this definition"></a></dt>
+<dd><p>Element(_tag, attrib=None, nsmap=None, <a href="#id3"><span class="problematic" id="id4">**</span></a>_extra)</p>
+<p>Element factory.  This function returns an object implementing the
+Element interface.</p>
+<p>Also look at the <cite>_Element.makeelement()</cite> and
+<cite>_BaseParser.makeelement()</cite> methods, which provide a faster way to
+create an Element within a specific document or parser context.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.query">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">query</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">dom</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">query</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">context</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">tagid</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML.query"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.query" title="Permalink to this definition"></a></dt>
+<dd><p>Extracts nodes that match the query from the Element</p>
+<dl class="field-list simple">
+<dt class="field-odd">Parameters<span class="colon">:</span></dt>
+<dd class="field-odd"><ul class="simple">
+<li><p><strong>dom</strong> – The root of the lxml objet</p></li>
+<li><p><strong>query</strong> (<em>String</em>) – Xpath Expresion</p></li>
+<li><p><strong>context</strong> – Context Node</p></li>
+<li><p><strong>tagid</strong> – Tag ID</p></li>
+</ul>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>Element</p>
+</dd>
+<dt class="field-odd">Type<span class="colon">:</span></dt>
+<dd class="field-odd"><p>string</p>
+</dd>
+<dt class="field-even">Type<span class="colon">:</span></dt>
+<dd class="field-even"><p>DOMElement</p>
+</dd>
+<dt class="field-odd">Returns<span class="colon">:</span></dt>
+<dd class="field-odd"><p>The queried nodes</p>
+</dd>
+<dt class="field-even">Return type<span class="colon">:</span></dt>
+<dd class="field-even"><p>list</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_etree">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">to_etree</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML.to_etree"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_etree" title="Permalink to this definition"></a></dt>
+<dd><p>Parses an XML document or fragment from a string.
+:param xml: the string to parse
+:type xml: str|bytes|xml.dom.minidom.Document|etree.Element
+:returns: the root node
+:rtype: OneLogin_Saml2_XML._element_class</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_string">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">to_string</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">**</span></span><span class="n"><span class="pre">kwargs</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML.to_string"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_string" title="Permalink to this definition"></a></dt>
+<dd><p>Serialize an element to an encoded string representation of its XML tree.
+:param xml: The root node
+:type xml: str|bytes|xml.dom.minidom.Document|etree.Element
+:returns: string representation of xml
+:rtype: string</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xml_utils.OneLogin_Saml2_XML.validate_xml">
+<em class="property"><span class="pre">static</span><span class="w"> </span></em><span class="sig-name descname"><span class="pre">validate_xml</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">xml</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">schema</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">debug</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xml_utils.html#OneLogin_Saml2_XML.validate_xml"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xml_utils.OneLogin_Saml2_XML.validate_xml" title="Permalink to this definition"></a></dt>
+<dd><p>Validates a xml against a schema
+:param xml: The xml that will be validated
+:type xml: str|bytes|xml.dom.minidom.Document|etree.Element
+:param schema: The schema
+:type schema: string
+:param debug: If debug is active, the parse-errors will be showed
+:type debug: bool
+:returns: Error code or the DomDocument of the xml
+:rtype: xml.dom.minidom.Document</p>
+</dd></dl>
+
+</dd></dl>
+
+</section>
+<section id="module-onelogin.saml2.xmlparser">
+<span id="onelogin-saml2-xmlparser-module"></span><h2>onelogin.saml2.xmlparser module<a class="headerlink" href="#module-onelogin.saml2.xmlparser" title="Permalink to this heading"></a></h2>
+<p>lxml.etree protection</p>
+<dl class="py exception">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.DTDForbidden">
+<em class="property"><span class="pre">exception</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">DTDForbidden</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">name</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sysid</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">pubid</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#DTDForbidden"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.DTDForbidden" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">ValueError</span></code></p>
+<p>Document type definition is forbidden</p>
+</dd></dl>
+
+<dl class="py exception">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.EntitiesForbidden">
+<em class="property"><span class="pre">exception</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">EntitiesForbidden</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">name</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">value</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">base</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sysid</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">pubid</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">notation_name</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#EntitiesForbidden"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.EntitiesForbidden" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">ValueError</span></code></p>
+<p>Entity definition is forbidden</p>
+</dd></dl>
+
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.GlobalParserTLS">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">GlobalParserTLS</span></span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#GlobalParserTLS"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.GlobalParserTLS" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">_local</span></code></p>
+<p>Thread local context for custom parser instances</p>
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.GlobalParserTLS.createDefaultParser">
+<span class="sig-name descname"><span class="pre">createDefaultParser</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#GlobalParserTLS.createDefaultParser"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.GlobalParserTLS.createDefaultParser" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.GlobalParserTLS.element_class">
+<span class="sig-name descname"><span class="pre">element_class</span></span><a class="headerlink" href="#onelogin.saml2.xmlparser.GlobalParserTLS.element_class" title="Permalink to this definition"></a></dt>
+<dd><p>alias of <a class="reference internal" href="#onelogin.saml2.xmlparser.RestrictedElement" title="onelogin.saml2.xmlparser.RestrictedElement"><code class="xref py py-class docutils literal notranslate"><span class="pre">RestrictedElement</span></code></a></p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.GlobalParserTLS.getDefaultParser">
+<span class="sig-name descname"><span class="pre">getDefaultParser</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#GlobalParserTLS.getDefaultParser"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.GlobalParserTLS.getDefaultParser" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.GlobalParserTLS.parser_config">
+<span class="sig-name descname"><span class="pre">parser_config</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">{'huge_tree':</span> <span class="pre">False,</span> <span class="pre">'no_network':</span> <span class="pre">True,</span> <span class="pre">'remove_comments':</span> <span class="pre">True,</span> <span class="pre">'remove_pis':</span> <span class="pre">True,</span> <span class="pre">'resolve_entities':</span> <span class="pre">False}</span></em><a class="headerlink" href="#onelogin.saml2.xmlparser.GlobalParserTLS.parser_config" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.GlobalParserTLS.setDefaultParser">
+<span class="sig-name descname"><span class="pre">setDefaultParser</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">parser</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#GlobalParserTLS.setDefaultParser"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.GlobalParserTLS.setDefaultParser" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+</dd></dl>
+
+<dl class="py exception">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.NotSupportedError">
+<em class="property"><span class="pre">exception</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">NotSupportedError</span></span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#NotSupportedError"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.NotSupportedError" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">ValueError</span></code></p>
+<p>The operation is not supported</p>
+</dd></dl>
+
+<dl class="py class">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement">
+<em class="property"><span class="pre">class</span><span class="w"> </span></em><span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">RestrictedElement</span></span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#RestrictedElement"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement" title="Permalink to this definition"></a></dt>
+<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">ElementBase</span></code></p>
+<p>A restricted Element class that filters out instances of some classes</p>
+<dl class="py attribute">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement.blacklist">
+<span class="sig-name descname"><span class="pre">blacklist</span></span><em class="property"><span class="w"> </span><span class="p"><span class="pre">=</span></span><span class="w"> </span><span class="pre">(&lt;class</span> <span class="pre">'lxml.etree._Entity'&gt;,</span> <span class="pre">&lt;class</span> <span class="pre">'lxml.etree._ProcessingInstruction'&gt;,</span> <span class="pre">&lt;class</span> <span class="pre">'lxml.etree._Comment'&gt;)</span></em><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement.blacklist" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement.getchildren">
+<span class="sig-name descname"><span class="pre">getchildren</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">self</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#RestrictedElement.getchildren"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement.getchildren" title="Permalink to this definition"></a></dt>
+<dd><p>Returns all direct children.  The elements are returned in document
+order.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Deprecated<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Note that this method has been deprecated as of
+ElementTree 1.3 and lxml 2.0.  New code should use
+<code class="docutils literal notranslate"><span class="pre">list(element)</span></code> or simply iterate over elements.</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement.getiterator">
+<span class="sig-name descname"><span class="pre">getiterator</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">self</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">tag</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">*</span></span><span class="n"><span class="pre">tags</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#RestrictedElement.getiterator"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement.getiterator" title="Permalink to this definition"></a></dt>
+<dd><p>Returns a sequence or iterator of all elements in the subtree in
+document order (depth first pre-order), starting with this
+element.</p>
+<p>Can be restricted to find only elements with specific tags,
+see <cite>iter</cite>.</p>
+<dl class="field-list simple">
+<dt class="field-odd">Deprecated<span class="colon">:</span></dt>
+<dd class="field-odd"><p>Note that this method is deprecated as of
+ElementTree 1.3 and lxml 2.0.  It returns an iterator in
+lxml, which diverges from the original ElementTree
+behaviour.  If you want an efficient iterator, use the
+<code class="docutils literal notranslate"><span class="pre">element.iter()</span></code> method instead.  You should only use this
+method in new code if you require backwards compatibility
+with older versions of lxml or ElementTree.</p>
+</dd>
+</dl>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement.iter">
+<span class="sig-name descname"><span class="pre">iter</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">self</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">tag</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">*</span></span><span class="n"><span class="pre">tags</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#RestrictedElement.iter"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement.iter" title="Permalink to this definition"></a></dt>
+<dd><p>Iterate over all elements in the subtree in document order (depth
+first pre-order), starting with this element.</p>
+<p>Can be restricted to find only elements with specific tags:
+pass <code class="docutils literal notranslate"><span class="pre">&quot;{ns}localname&quot;</span></code> as tag. Either or both of <code class="docutils literal notranslate"><span class="pre">ns</span></code> and
+<code class="docutils literal notranslate"><span class="pre">localname</span></code> can be <code class="docutils literal notranslate"><span class="pre">*</span></code> for a wildcard; <code class="docutils literal notranslate"><span class="pre">ns</span></code> can be empty
+for no namespace. <code class="docutils literal notranslate"><span class="pre">&quot;localname&quot;</span></code> is equivalent to <code class="docutils literal notranslate"><span class="pre">&quot;{}localname&quot;</span></code>
+(i.e. no namespace) but <code class="docutils literal notranslate"><span class="pre">&quot;*&quot;</span></code> is <code class="docutils literal notranslate"><span class="pre">&quot;{*}*&quot;</span></code> (any or no namespace),
+not <code class="docutils literal notranslate"><span class="pre">&quot;{}*&quot;</span></code>.</p>
+<p>You can also pass the Element, Comment, ProcessingInstruction and
+Entity factory functions to look only for the specific element type.</p>
+<p>Passing multiple tags (or a sequence of tags) instead of a single tag
+will let the iterator return all elements matching any of these tags,
+in document order.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement.iterchildren">
+<span class="sig-name descname"><span class="pre">iterchildren</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">self</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">tag</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">*</span></span><span class="n"><span class="pre">tags</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">reversed</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#RestrictedElement.iterchildren"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement.iterchildren" title="Permalink to this definition"></a></dt>
+<dd><p>Iterate over the children of this element.</p>
+<p>As opposed to using normal iteration on this element, the returned
+elements can be reversed with the ‘reversed’ keyword and restricted
+to find only elements with specific tags, see <cite>iter</cite>.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement.iterdescendants">
+<span class="sig-name descname"><span class="pre">iterdescendants</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">self</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">tag</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">*</span></span><span class="n"><span class="pre">tags</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#RestrictedElement.iterdescendants"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement.iterdescendants" title="Permalink to this definition"></a></dt>
+<dd><p>Iterate over the descendants of this element in document order.</p>
+<p>As opposed to <code class="docutils literal notranslate"><span class="pre">el.iter()</span></code>, this iterator does not yield the element
+itself.  The returned elements can be restricted to find only elements
+with specific tags, see <cite>iter</cite>.</p>
+</dd></dl>
+
+<dl class="py method">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.RestrictedElement.itersiblings">
+<span class="sig-name descname"><span class="pre">itersiblings</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">self</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">tag</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">*</span></span><span class="n"><span class="pre">tags</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">preceding</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#RestrictedElement.itersiblings"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.RestrictedElement.itersiblings" title="Permalink to this definition"></a></dt>
+<dd><p>Iterate over the following or preceding siblings of this element.</p>
+<p>The direction is determined by the ‘preceding’ keyword which
+defaults to False, i.e. forward iteration over the following
+siblings.  When True, the iterator yields the preceding
+siblings in reverse document order, i.e. starting right before
+the current element and going backwards.</p>
+<p>Can be restricted to find only elements with specific tags,
+see <cite>iter</cite>.</p>
+</dd></dl>
+
+</dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.XML">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">XML</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">text</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parser</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">base_url</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_dtd</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_entities</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#onelogin.saml2.xmlparser.XML" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.check_docinfo">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">check_docinfo</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">elementtree</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_dtd</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_entities</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#check_docinfo"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.check_docinfo" title="Permalink to this definition"></a></dt>
+<dd><p>Check docinfo of an element tree for DTD and entity declarations
+The check for entity declarations needs lxml 3 or newer. lxml 2.x does
+not support dtd.iterentities().</p>
+</dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.fromstring">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">fromstring</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">text</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parser</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">base_url</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_dtd</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_entities</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#fromstring"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.fromstring" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.getDefaultParser">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">getDefaultParser</span></span><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="headerlink" href="#onelogin.saml2.xmlparser.getDefaultParser" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.iterparse">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">iterparse</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="o"><span class="pre">*</span></span><span class="n"><span class="pre">args</span></span></em>, <em class="sig-param"><span class="o"><span class="pre">**</span></span><span class="n"><span class="pre">kwargs</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#iterparse"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.iterparse" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+<dl class="py function">
+<dt class="sig sig-object py" id="onelogin.saml2.xmlparser.parse">
+<span class="sig-prename descclassname"><span class="pre">onelogin.saml2.xmlparser.</span></span><span class="sig-name descname"><span class="pre">parse</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">source</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">parser</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">base_url</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_dtd</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">forbid_entities</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em><span class="sig-paren">)</span><a class="reference internal" href="_modules/onelogin/saml2/xmlparser.html#parse"><span class="viewcode-link"><span class="pre">[source]</span></span></a><a class="headerlink" href="#onelogin.saml2.xmlparser.parse" title="Permalink to this definition"></a></dt>
+<dd></dd></dl>
+
+</section>
+<section id="module-onelogin.saml2">
+<span id="module-contents"></span><h2>Module contents<a class="headerlink" href="#module-onelogin.saml2" title="Permalink to this heading"></a></h2>
+<p>Add SAML support to your Python softwares using this library.</p>
+<p>SAML Python toolkit let you build a SP (Service Provider)
+over your Python application and connect it to any IdP (Identity Provider).</p>
+<p>Supports:</p>
+<ul class="simple">
+<li><p>SSO and SLO (SP-Initiated and IdP-Initiated).</p></li>
+<li><p>Assertion and nameId encryption.</p></li>
+<li><p>Assertion signature.</p></li>
+<li><p>Message signature: AuthNRequest, LogoutRequest, LogoutResponses.</p></li>
+<li><p>Enable an Assertion Consumer Service endpoint.</p></li>
+<li><p>Enable a Single Logout Service endpoint.</p></li>
+<li><p>Publish the SP metadata (which can be signed).</p></li>
+</ul>
+</section>
+</section>
+
+
+           </div>
+          </div>
+          <footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
+        <a href="onelogin.html" class="btn btn-neutral float-left" title="onelogin package" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
+    </div>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>
\ No newline at end of file
diff --git a/docs/saml2/py-modindex.html b/docs/saml2/py-modindex.html
index e7321859..fad1efc2 100644
--- a/docs/saml2/py-modindex.html
+++ b/docs/saml2/py-modindex.html
@@ -1,154 +1,200 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>Python Module Index &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="_static/jquery.js?v=5d32c60e"></script>
+        <script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js?v=404a92a0"></script>
+        <script src="_static/doctools.js?v=888ff710"></script>
+        <script src="_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="genindex.html" />
+    <link rel="search" title="Search" href="search.html" />
+ 
 
 
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>Python Class Index &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="_static/jquery.js"></script>
-    <script type="text/javascript" src="_static/underscore.js"></script>
-    <script type="text/javascript" src="_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="index.html" />
- 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.html">onelogin package</a></li>
+</ul>
 
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="index.html">SAML Python2/3 Toolkit</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="index.html" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">Python Module Index</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="#" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-
-   <h1>Python Class Index</h1>
-
-   <table class="indextable modindextable" cellspacing="0" cellpadding="2">
+   <h1>Python Module Index</h1>
+
+   <div class="modindex-jumpbox">
+   <a href="#cap-o"><strong>o</strong></a>
+   </div>
+
+   <table class="indextable modindextable">
+     <tr class="pcap"><td></td><td>&#160;</td><td></td></tr>
+     <tr class="cap" id="cap-o"><td></td><td>
+       <strong>o</strong></td><td></td></tr>
      <tr>
        <td><img src="_static/minus.png" class="toggler"
               id="toggle-1" style="display: none" alt="-" /></td>
        <td>
-       <tt class="xref">saml2</tt></td><td>
+       <a href="onelogin.html#module-onelogin"><code class="xref">onelogin</code></a></td><td>
+       <em></em></td></tr>
+     <tr class="cg-1">
+       <td></td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2"><code class="xref">onelogin.saml2</code></a></td><td>
+       <em></em></td></tr>
+     <tr class="cg-1">
+       <td></td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.auth"><code class="xref">onelogin.saml2.auth</code></a></td><td>
+       <em></em></td></tr>
+     <tr class="cg-1">
+       <td></td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.authn_request"><code class="xref">onelogin.saml2.authn_request</code></a></td><td>
+       <em></em></td></tr>
+     <tr class="cg-1">
+       <td></td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.compat"><code class="xref">onelogin.saml2.compat</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.auth"><tt class="xref">saml2.auth</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.constants"><code class="xref">onelogin.saml2.constants</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.authn_request"><tt class="xref">saml2.authn_request</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.errors"><code class="xref">onelogin.saml2.errors</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.constants"><tt class="xref">saml2.constants</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.idp_metadata_parser"><code class="xref">onelogin.saml2.idp_metadata_parser</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.errors"><tt class="xref">saml2.errors</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.logout_request"><code class="xref">onelogin.saml2.logout_request</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.logout_request"><tt class="xref">saml2.logout_request</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.logout_response"><code class="xref">onelogin.saml2.logout_response</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.logout_response"><tt class="xref">saml2.logout_response</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.metadata"><code class="xref">onelogin.saml2.metadata</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.metadata"><tt class="xref">saml2.metadata</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.response"><code class="xref">onelogin.saml2.response</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.response"><tt class="xref">saml2.response</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.settings"><code class="xref">onelogin.saml2.settings</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.settings"><tt class="xref">saml2.settings</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.utils"><code class="xref">onelogin.saml2.utils</code></a></td><td>
        <em></em></td></tr>
      <tr class="cg-1">
        <td></td>
-       <td>&nbsp;&nbsp;&nbsp;
-       <a href="saml2.html#module-saml2.utils"><tt class="xref">saml2.utils</tt></a></td><td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.xml_templates"><code class="xref">onelogin.saml2.xml_templates</code></a></td><td>
+       <em></em></td></tr>
+     <tr class="cg-1">
+       <td></td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.xml_utils"><code class="xref">onelogin.saml2.xml_utils</code></a></td><td>
+       <em></em></td></tr>
+     <tr class="cg-1">
+       <td></td>
+       <td>&#160;&#160;&#160;
+       <a href="onelogin.saml2.html#module-onelogin.saml2.xmlparser"><code class="xref">onelogin.saml2.xmlparser</code></a></td><td>
        <em></em></td></tr>
    </table>
 
 
+           </div>
           </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
         </div>
       </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="#" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
 </html>
\ No newline at end of file
diff --git a/docs/saml2/saml2.html b/docs/saml2/saml2.html
deleted file mode 100644
index 6dd1e00a..00000000
--- a/docs/saml2/saml2.html
+++ /dev/null
@@ -1,2044 +0,0 @@
-
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>OneLogin saml2 Module &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="_static/jquery.js"></script>
-    <script type="text/javascript" src="_static/underscore.js"></script>
-    <script type="text/javascript" src="_static/doctools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="index.html" />
-    <link rel="prev" title="Welcome to OneLogin SAML Python library documentation" href="index.html" /> 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li class="right" >
-          <a href="index.html" title="Welcome to OneLogin SAML Python library documentation"
-             accesskey="P">previous</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>  
-
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <div class="section" id="onelogin-saml2-package">
-<h1>OneLogin saml2 Module<a class="headerlink" href="#onelogin-saml2-package" title="Permalink to this headline">¶</a></h1>
-<div class="section" id="module-saml2.auth">
-<span id="auth-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">auth</span></tt> Class<a class="headerlink" href="#module-saml2.auth" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.auth.OneLogin_Saml2_Auth">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.auth.</tt><tt class="descname">OneLogin_Saml2_Auth</tt><big>(</big><em>request_data</em>, <em>old_settings=None</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth" title="Permalink to this definition">¶</a></dt>
-<dd><p>Bases: <tt class="xref py py-class docutils literal"><span class="pre">object</span></tt></p>
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.build_request_signature">
-<tt class="descname">build_request_signature</tt><big>(</big><em>saml_request</em>, <em>relay_state</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.build_request_signature"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.build_request_signature" title="Permalink to this definition">¶</a></dt>
-<dd><p>Builds the Signature of the SAML Request.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple">
-<li><strong>saml_request</strong> (<em>string</em>) &#8211; The SAML Request</li>
-<li><strong>relay_state</strong> (<em>string</em>) &#8211; The target URL the user should be redirected to</li>
-</ul>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.build_response_signature">
-<tt class="descname">build_response_signature</tt><big>(</big><em>saml_response</em>, <em>relay_state</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.build_response_signature"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.build_response_signature" title="Permalink to this definition">¶</a></dt>
-<dd><p>Builds the Signature of the SAML Response.
-:param saml_request: The SAML Response
-:type saml_request: string</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>relay_state</strong> (<em>string</em>) &#8211; The target URL the user should be redirected to</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_attribute">
-<tt class="descname">get_attribute</tt><big>(</big><em>name</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_attribute"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_attribute" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the requested SAML attribute.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>name</strong> (<em>string</em>) &#8211; Name of the attribute</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body">Attribute value if exists or None</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_attributes">
-<tt class="descname">get_attributes</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_attributes"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_attributes" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the set of SAML attributes.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">SAML attributes</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_errors">
-<tt class="descname">get_errors</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_errors"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_errors" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns a list with code errors if something went wrong</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">List of errors</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">list</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason">
-<tt class="descname">get_last_error_reason</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_last_error_reason"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the reason for the last error</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Error</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_nameid">
-<tt class="descname">get_nameid</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_nameid"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_nameid" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the nameID.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">NameID</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_settings">
-<tt class="descname">get_settings</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_settings"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_settings" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the settings info
-:return: Setting info
-:rtype: OneLogin_Saml2_Setting object</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_slo_url">
-<tt class="descname">get_slo_url</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_slo_url"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_slo_url" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the SLO url.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">An URL, the SLO endpoint of the IdP</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.get_sso_url">
-<tt class="descname">get_sso_url</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.get_sso_url"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.get_sso_url" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the SSO url.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">An URL, the SSO endpoint of the IdP</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.is_authenticated">
-<tt class="descname">is_authenticated</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.is_authenticated"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.is_authenticated" title="Permalink to this definition">¶</a></dt>
-<dd><p>Checks if the user is authenticated or not.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">True if is authenticated, False if not</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">bool</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.login">
-<tt class="descname">login</tt><big>(</big><em>return_to=None</em>, <em>force_authn=False</em>, <em>is_passive=False</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.login"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.login" title="Permalink to this definition">¶</a></dt>
-<dd><p>Initiates the SSO process.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>return_to</strong> (<em>string</em>) &#8211; Optional argument. The target URL the user should be redirected to after login.</li>
-<li><strong>force_authn</strong> (<em>bool</em>) &#8211; Optional argument. When true the AuthNReuqest will set the ForceAuthn='true'.</li>
-<li><strong>is_passive</strong> (<em>bool</em>) &#8211; Optional argument. When true the AuthNReuqest will set the Ispassive='true'.</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body">Redirection url</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.logout">
-<tt class="descname">logout</tt><big>(</big><em>return_to=None</em>, <em>name_id=None</em>, <em>session_index=None</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.logout"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.logout" title="Permalink to this definition">¶</a></dt>
-<dd><p>Initiates the SLO process.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th>
-  <td class="field-body"><ul class="first simple">
-<li><strong>return_to</strong> (<em>string</em>) &#8211; Optional argument. The target URL the user should be redirected to after logout.</li>
-<li><strong>name_id</strong> (<em>string</em>) &#8211; Optional argument. The NameID that will be set in the LogoutRequest.</li>
-<li><strong>session_index</strong> (<em>string</em>) &#8211; Optional argument. SessionIndex that identifies the session of the user.</li>
-</ul></td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body">Redirection url</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.process_response">
-<tt class="descname">process_response</tt><big>(</big><em>request_id=None</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.process_response"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.process_response" title="Permalink to this definition">¶</a></dt>
-<dd><p>Process the SAML Response sent by the IdP.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request_id</strong> (<em>string</em>) &#8211; Is an optional argumen. Is the ID of the AuthNRequest sent by this SP to the IdP.</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Raises :</th><td class="field-body">OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND, when a POST with a SAMLResponse is not found</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.process_slo">
-<tt class="descname">process_slo</tt><big>(</big><em>keep_local_session=False</em>, <em>request_id=None</em>, <em>delete_session_cb=None</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.process_slo"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.process_slo" title="Permalink to this definition">¶</a></dt>
-<dd><p>Process the SAML Logout Response / Logout Request sent by the IdP.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>keep_local_session</strong> (<em>bool</em>) &#8211; When false will destroy the local session, otherwise will destroy it</li>
-<li><strong>request_id</strong> (<em>string</em>) &#8211; The ID of the LogoutRequest sent by this SP to the IdP</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first last">Redirection url</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.redirect_to">
-<tt class="descname">redirect_to</tt><big>(</big><em>url=None</em>, <em>parameters={}</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.redirect_to"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.redirect_to" title="Permalink to this definition">¶</a></dt>
-<dd><p>Redirects the user to the url past by parameter or to the url that we defined in our SSO Request.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>url</strong> (<em>string</em>) &#8211; The target URL to redirect the user</li>
-<li><strong>parameters</strong> (<em>dict</em>) &#8211; Extra parameters to be passed as part of the url</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first last">Redirection url</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.auth.OneLogin_Saml2_Auth.set_strict">
-<tt class="descname">set_strict</tt><big>(</big><em>value</em><big>)</big><a class="reference internal" href="_modules/saml2/auth.html#OneLogin_Saml2_Auth.set_strict"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.auth.OneLogin_Saml2_Auth.set_strict" title="Permalink to this definition">¶</a></dt>
-<dd><p>Set the strict mode active/disable</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>value</strong> (<em>bool</em>) &#8211; </td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.authn_request">
-<span id="authn-request-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">authn_request</span></tt> Class<a class="headerlink" href="#module-saml2.authn_request" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.authn_request.OneLogin_Saml2_Authn_Request">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.authn_request.</tt><tt class="descname">OneLogin_Saml2_Authn_Request</tt><big>(</big><em>settings</em>, <em>force_authn=False</em>, <em>is_passive=False</em><big>)</big><a class="reference internal" href="_modules/saml2/authn_request.html#OneLogin_Saml2_Authn_Request"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.authn_request.OneLogin_Saml2_Authn_Request" title="Permalink to this definition">¶</a></dt>
-<dd><dl class="method">
-<dt id="saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request">
-<tt class="descname">get_request</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/authn_request.html#OneLogin_Saml2_Authn_Request.get_request"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns unsigned AuthnRequest.
-:return: Unsigned AuthnRequest
-:rtype: str object</p>
-</dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.constants">
-<span id="constants-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">constants</span></tt> Class<a class="headerlink" href="#module-saml2.constants" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.constants.OneLogin_Saml2_Constants">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.constants.</tt><tt class="descname">OneLogin_Saml2_Constants</tt><a class="reference internal" href="_modules/saml2/constants.html#OneLogin_Saml2_Constants"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants" title="Permalink to this definition">¶</a></dt>
-<dd><dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS">
-<tt class="descname">AC_KERBEROS</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD">
-<tt class="descname">AC_PASSWORD</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD">
-<tt class="descname">AC_SMARTCARD</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED">
-<tt class="descname">AC_UNSPECIFIED</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.AC_X509">
-<tt class="descname">AC_X509</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.AC_X509" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.ALOWED_CLOCK_DRIFT">
-<tt class="descname">ALOWED_CLOCK_DRIFT</tt><em class="property"> = 180</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.ALOWED_CLOCK_DRIFT" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC">
-<tt class="descname">ATTRNAME_FORMAT_BASIC</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED">
-<tt class="descname">ATTRNAME_FORMAT_UNSPECIFIED</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI">
-<tt class="descname">ATTRNAME_FORMAT_URI</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE">
-<tt class="descname">BINDING_DEFLATE</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT">
-<tt class="descname">BINDING_HTTP_ARTIFACT</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST">
-<tt class="descname">BINDING_HTTP_POST</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT">
-<tt class="descname">BINDING_HTTP_REDIRECT</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP">
-<tt class="descname">BINDING_SOAP</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.CM_BEARER">
-<tt class="descname">CM_BEARER</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:cm:bearer'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.CM_BEARER" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY">
-<tt class="descname">CM_HOLDER_KEY</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:cm:holder-of-key'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES">
-<tt class="descname">CM_SENDER_VOUCHES</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:cm:sender-vouches'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS">
-<tt class="descname">NAMEID_EMAIL_ADDRESS</tt><em class="property"> = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED">
-<tt class="descname">NAMEID_ENCRYPTED</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY">
-<tt class="descname">NAMEID_ENTITY</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS">
-<tt class="descname">NAMEID_KERBEROS</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT">
-<tt class="descname">NAMEID_PERSISTENT</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT">
-<tt class="descname">NAMEID_TRANSIENT</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME">
-<tt class="descname">NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME</tt><em class="property"> = 'urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME">
-<tt class="descname">NAMEID_X509_SUBJECT_NAME</tt><em class="property"> = 'urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NSMAP">
-<tt class="descname">NSMAP</tt><em class="property"> = {'xenc': 'http://www.w3.org/2001/04/xmlenc#', 'samlp': 'urn:oasis:names:tc:SAML:2.0:protocol', 'ds': 'http://www.w3.org/2000/09/xmldsig#', 'saml': 'urn:oasis:names:tc:SAML:2.0:assertion'}</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NSMAP" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_DS">
-<tt class="descname">NS_DS</tt><em class="property"> = 'http://www.w3.org/2000/09/xmldsig#'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_DS" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_MD">
-<tt class="descname">NS_MD</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:metadata'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_MD" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_SAML">
-<tt class="descname">NS_SAML</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:assertion'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_SAML" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP">
-<tt class="descname">NS_SAMLP</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:protocol'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_SOAP">
-<tt class="descname">NS_SOAP</tt><em class="property"> = 'http://schemas.xmlsoap.org/soap/envelope/'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_SOAP" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_XENC">
-<tt class="descname">NS_XENC</tt><em class="property"> = 'http://www.w3.org/2001/04/xmlenc#'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_XENC" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_XS">
-<tt class="descname">NS_XS</tt><em class="property"> = 'http://www.w3.org/2001/XMLSchema'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_XS" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.NS_XSI">
-<tt class="descname">NS_XSI</tt><em class="property"> = 'http://www.w3.org/2001/XMLSchema-instance'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.NS_XSI" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1">
-<tt class="descname">RSA_SHA1</tt><em class="property"> = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE">
-<tt class="descname">STATUS_NO_PASSIVE</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:status:NoPassive'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT">
-<tt class="descname">STATUS_PARTIAL_LOGOUT</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED">
-<tt class="descname">STATUS_PROXY_COUNT_EXCEEDED</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER">
-<tt class="descname">STATUS_REQUESTER</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:status:Requester'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER">
-<tt class="descname">STATUS_RESPONDER</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:status:Responder'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS">
-<tt class="descname">STATUS_SUCCESS</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:status:Success'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH">
-<tt class="descname">STATUS_VERSION_MISMATCH</tt><em class="property"> = 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch'</em><a class="headerlink" href="#saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.errors">
-<span id="errors-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">errors</span></tt> Class<a class="headerlink" href="#module-saml2.errors" title="Permalink to this headline">¶</a></h2>
-<dl class="exception">
-<dt id="saml2.errors.OneLogin_Saml2_Error">
-<em class="property">exception </em><tt class="descclassname">onelogin.saml2.errors.</tt><tt class="descname">OneLogin_Saml2_Error</tt><big>(</big><em>message</em>, <em>code=0</em>, <em>errors=None</em><big>)</big><a class="reference internal" href="_modules/saml2/errors.html#OneLogin_Saml2_Error"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error" title="Permalink to this definition">¶</a></dt>
-<dd><p>Bases: <tt class="xref py py-class docutils literal"><span class="pre">exceptions.Exception</span></tt></p>
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID">
-<tt class="descname">METADATA_SP_INVALID</tt><em class="property"> = 3</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND">
-<tt class="descname">PRIVATE_KEY_FILE_NOT_FOUND</tt><em class="property"> = 7</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND">
-<tt class="descname">PUBLIC_CERT_FILE_NOT_FOUND</tt><em class="property"> = 6</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL">
-<tt class="descname">REDIRECT_INVALID_URL</tt><em class="property"> = 5</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND">
-<tt class="descname">SAML_LOGOUTMESSAGE_NOT_FOUND</tt><em class="property"> = 9</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID">
-<tt class="descname">SAML_LOGOUTREQUEST_INVALID</tt><em class="property"> = 10</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID">
-<tt class="descname">SAML_LOGOUTRESPONSE_INVALID</tt><em class="property"> = 11</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND">
-<tt class="descname">SAML_RESPONSE_NOT_FOUND</tt><em class="property"> = 8</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED">
-<tt class="descname">SAML_SINGLE_LOGOUT_NOT_SUPPORTED</tt><em class="property"> = 12</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND">
-<tt class="descname">SETTINGS_FILE_NOT_FOUND</tt><em class="property"> = 0</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID">
-<tt class="descname">SETTINGS_INVALID</tt><em class="property"> = 2</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX">
-<tt class="descname">SETTINGS_INVALID_SYNTAX</tt><em class="property"> = 1</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND">
-<tt class="descname">SP_CERTS_NOT_FOUND</tt><em class="property"> = 4</em><a class="headerlink" href="#saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.logout_request">
-<span id="logout-request-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">logout_request</span></tt> Class<a class="headerlink" href="#module-saml2.logout_request" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.logout_request.</tt><tt class="descname">OneLogin_Saml2_Logout_Request</tt><big>(</big><em>settings</em>, <em>request=None</em>, <em>name_id=None</em>, <em>session_index=None</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request" title="Permalink to this definition">¶</a></dt>
-<dd><dl class="staticmethod">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id">
-<em class="property">static </em><tt class="descname">get_id</tt><big>(</big><em>request</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_id"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the ID of the Logout Request
-:param request: Logout Request Message
-:type request: string|DOMDocument
-:return: string ID
-:rtype: str object</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer">
-<em class="property">static </em><tt class="descname">get_issuer</tt><big>(</big><em>request</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_issuer"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the Issuer of the Logout Request Message
-:param request: Logout Request Message
-:type request: string|DOMDocument
-:return: The Issuer
-:rtype: string</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id">
-<em class="property">static </em><tt class="descname">get_name_id</tt><big>(</big><em>request</em>, <em>key=None</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_name_id"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the NameID of the Logout Request Message
-:param request: Logout Request Message
-:type request: string|DOMDocument
-:param key: The SP key
-:type key: string
-:return: Name ID Value
-:rtype: string</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id_data">
-<em class="property">static </em><tt class="descname">get_name_id_data</tt><big>(</big><em>request</em>, <em>key=None</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_name_id_data"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_name_id_data" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the NameID Data of the the Logout Request
-:param request: Logout Request Message
-:type request: string|DOMDocument
-:param key: The SP key
-:type key: string
-:return: Name ID Data (Value, Format, NameQualifier, SPNameQualifier)
-:rtype: dict</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request">
-<tt class="descname">get_request</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_request"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the Logout Request defated, base64encoded
-:return: Deflated base64 encoded Logout Request
-:rtype: str object</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes">
-<em class="property">static </em><tt class="descname">get_session_indexes</tt><big>(</big><em>request</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_session_indexes"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the SessionIndexes from the Logout Request
-:param request: Logout Request Message
-:type request: string|DOMDocument
-:return: The SessionIndex value
-:rtype: list</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid">
-<em class="property">static </em><tt class="descname">is_valid</tt><big>(</big><em>settings</em>, <em>request</em>, <em>get_data</em>, <em>debug=False</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.is_valid"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid" title="Permalink to this definition">¶</a></dt>
-<dd><p>Checks if the Logout Request recieved is valid
-:param settings: Settings
-:type settings: OneLogin_Saml2_Settings
-:param request: Logout Request Message
-:type request: string|DOMDocument
-:return: If the Logout Request is or not valid
-:rtype: boolean</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.logout_request.OneLogin_Saml2_Logout_Request.get_error">
-<tt class="descname">get_error</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/logout_request.html#OneLogin_Saml2_Logout_Request.get_request"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_request.OneLogin_Saml2_Logout_Request.get_error" title="Permalink to this definition">¶</a></dt>
-<dd><p>After execute a validation process, if fails this method returns the cause
-:rtype: str object</p>
-</dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.logout_response">
-<span id="logout-response-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">logout_response</span></tt> Class<a class="headerlink" href="#module-saml2.logout_response" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.logout_response.OneLogin_Saml2_Logout_Response">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.logout_response.</tt><tt class="descname">OneLogin_Saml2_Logout_Response</tt><big>(</big><em>settings</em>, <em>response=None</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_response.html#OneLogin_Saml2_Logout_Response"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_response.OneLogin_Saml2_Logout_Response" title="Permalink to this definition">¶</a></dt>
-<dd><dl class="method">
-<dt id="saml2.logout_response.OneLogin_Saml2_Logout_Response.build">
-<tt class="descname">build</tt><big>(</big><em>in_response_to</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.build"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_response.OneLogin_Saml2_Logout_Response.build" title="Permalink to this definition">¶</a></dt>
-<dd><p>Creates a Logout Response object.
-:param in_response_to: InResponseTo value for the Logout Response.
-:type in_response_to: string</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer">
-<tt class="descname">get_issuer</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_issuer"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the Issuer of the Logout Response Message
-:return: The Issuer
-:rtype: string</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response">
-<tt class="descname">get_response</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_response"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns a Logout Response object.
-:return: Logout Response deflated and base64 encoded
-:rtype: string</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status">
-<tt class="descname">get_status</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_status"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the Status
-:return: The Status
-:rtype: string</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid">
-<tt class="descname">is_valid</tt><big>(</big><em>request_data</em>, <em>request_id=None</em><big>)</big><a class="reference internal" href="_modules/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.is_valid"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid" title="Permalink to this definition">¶</a></dt>
-<dd><p>Determines if the SAML LogoutResponse is valid
-:param request_id: The ID of the LogoutRequest sent by this SP to the IdP
-:type request_id: string
-:return: Returns if the SAML LogoutResponse is or not valid
-:rtype: boolean</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.logout_response.OneLogin_Saml2_Logout_Response.get_error">
-<tt class="descname">get_error</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/logout_response.html#OneLogin_Saml2_Logout_Response.get_request"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.logout_response.OneLogin_Saml2_Logout_Response.get_error" title="Permalink to this definition">¶</a></dt>
-<dd><p>After execute a validation process, if fails this method returns the cause
-:rtype: str object</p>
-</dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.metadata">
-<span id="metadata-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">metadata</span></tt> Class<a class="headerlink" href="#module-saml2.metadata" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.metadata.OneLogin_Saml2_Metadata">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.metadata.</tt><tt class="descname">OneLogin_Saml2_Metadata</tt><a class="reference internal" href="_modules/saml2/metadata.html#OneLogin_Saml2_Metadata"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.metadata.OneLogin_Saml2_Metadata" title="Permalink to this definition">¶</a></dt>
-<dd><dl class="attribute">
-<dt id="saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED">
-<tt class="descname">TIME_CACHED</tt><em class="property"> = 604800</em><a class="headerlink" href="#saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="attribute">
-<dt id="saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID">
-<tt class="descname">TIME_VALID</tt><em class="property"> = 172800</em><a class="headerlink" href="#saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors">
-<em class="property">static </em><tt class="descname">add_x509_key_descriptors</tt><big>(</big><em>metadata</em>, <em>cert</em><big>)</big><a class="reference internal" href="_modules/saml2/metadata.html#OneLogin_Saml2_Metadata.add_x509_key_descriptors"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors" title="Permalink to this definition">¶</a></dt>
-<dd><p>Add the x509 descriptors (sign/encriptation to the metadata
-The same cert will be used for sign/encrypt</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>metadata</strong> (<em>string</em>) &#8211; SAML Metadata XML</li>
-<li><strong>cert</strong> (<em>string</em>) &#8211; x509 cert</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">Metadata with KeyDescriptors</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.metadata.OneLogin_Saml2_Metadata.builder">
-<em class="property">static </em><tt class="descname">builder</tt><big>(</big><em>sp</em>, <em>authnsign=False</em>, <em>wsign=False</em>, <em>valid_until=None</em>, <em>cache_duration=None</em>, <em>contacts=None</em>, <em>organization=None</em><big>)</big><a class="reference internal" href="_modules/saml2/metadata.html#OneLogin_Saml2_Metadata.builder"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.metadata.OneLogin_Saml2_Metadata.builder" title="Permalink to this definition">¶</a></dt>
-<dd><p>Build the metadata of the SP</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple">
-<li><strong>sp</strong> (<em>string</em>) &#8211; The SP data</li>
-<li><strong>authnsign</strong> (<em>string</em>) &#8211; authnRequestsSigned attribute</li>
-<li><strong>wsign</strong> (<em>string</em>) &#8211; wantAssertionsSigned attribute</li>
-<li><strong>valid_until</strong> (<em>DateTime</em>) &#8211; Metadata&#8217;s valid time</li>
-<li><strong>cache_duration</strong> (<em>Timestamp</em>) &#8211; Duration of the cache in seconds</li>
-<li><strong>contacts</strong> (<em>dict</em>) &#8211; Contacts info</li>
-<li><strong>organization</strong> (<em>dict</em>) &#8211; Organization ingo</li>
-</ul>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata">
-<em class="property">static </em><tt class="descname">sign_metadata</tt><big>(</big><em>metadata</em>, <em>key</em>, <em>cert</em><big>)</big><a class="reference internal" href="_modules/saml2/metadata.html#OneLogin_Saml2_Metadata.sign_metadata"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata" title="Permalink to this definition">¶</a></dt>
-<dd><p>Sign the metadata with the key/cert provided</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>metadata</strong> (<em>string</em>) &#8211; SAML Metadata XML</li>
-<li><strong>key</strong> (<em>string</em>) &#8211; x509 key</li>
-<li><strong>cert</strong> (<em>string</em>) &#8211; x509 cert</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">Signed Metadata</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.response">
-<span id="response-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">response</span></tt> Class<a class="headerlink" href="#module-saml2.response" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.response.OneLogin_Saml2_Response">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.response.</tt><tt class="descname">OneLogin_Saml2_Response</tt><big>(</big><em>settings</em>, <em>response</em><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response" title="Permalink to this definition">¶</a></dt>
-<dd><p>Bases: <tt class="xref py py-class docutils literal"><span class="pre">object</span></tt></p>
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.check_status">
-<tt class="descname">check_status</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.check_status"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.check_status" title="Permalink to this definition">¶</a></dt>
-<dd><p>Check if the status of the response is success or not</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Raises :</th><td class="field-body">Exception. If the status is not success</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.get_attributes">
-<tt class="descname">get_attributes</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.get_attributes"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.get_attributes" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the Attributes from the AttributeStatement element.
-EncryptedAttributes are not supported</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.get_audiences">
-<tt class="descname">get_audiences</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.get_audiences"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.get_audiences" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the audiences</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The valid audiences for the SAML Response</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">list</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.get_issuers">
-<tt class="descname">get_issuers</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.get_issuers"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.get_issuers" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the issuers (from message and from assertion)</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The issuers</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">list</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.get_nameid">
-<tt class="descname">get_nameid</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.get_nameid"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.get_nameid" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the NameID provided by the SAML Response from the IdP</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">NameID (value)</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.get_nameid_data">
-<tt class="descname">get_nameid_data</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.get_nameid_data"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.get_nameid_data" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the NameID Data provided by the SAML Response from the IdP</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Name ID Data (Value, Format, NameQualifier, SPNameQualifier)</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.get_session_index">
-<tt class="descname">get_session_index</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.get_session_index"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.get_session_index" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the SessionIndex from the AuthnStatement
-Could be used to be stored in the local session in order
-to be used in a future Logout Request that the SP could
-send to the SP, to set what specific session must be deleted</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The SessionIndex value</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string|None</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after">
-<tt class="descname">get_session_not_on_or_after</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.get_session_not_on_or_after"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the SessionNotOnOrAfter from the AuthnStatement
-Could be used to set the local session expiration</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The SessionNotOnOrAfter value</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">time|None</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.is_valid">
-<tt class="descname">is_valid</tt><big>(</big><em>request_data</em>, <em>request_id=None</em><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.is_valid"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.is_valid" title="Permalink to this definition">¶</a></dt>
-<dd><p>Constructs the response object.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request_id</strong> (<em>string</em>) &#8211; Optional argument. The ID of the AuthNRequest sent by this SP to the IdP</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body">True if the SAML Response is valid, False if not</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body">bool</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.validate_num_assertions">
-<tt class="descname">validate_num_assertions</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.validate_num_assertions"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.validate_num_assertions" title="Permalink to this definition">¶</a></dt>
-<dd><p>Verifies that the document only contains a single Assertion (encrypted or not)</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">True if only 1 assertion encrypted or not</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">bool</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.response.OneLogin_Saml2_Response.validate_timestamps">
-<tt class="descname">validate_timestamps</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/response.html#OneLogin_Saml2_Response.validate_timestamps"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.response.OneLogin_Saml2_Response.validate_timestamps" title="Permalink to this definition">¶</a></dt>
-<dd><p>Verifies that the document is valid according to Conditions Element</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">True if the condition is valid, False otherwise</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">bool</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-</dd></dl>
-
-</div>
-<div class="section" id="module-saml2.settings">
-<span id="settings-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">settings</span></tt> Class<a class="headerlink" href="#module-saml2.settings" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.settings.OneLogin_Saml2_Settings">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.settings.</tt><tt class="descname">OneLogin_Saml2_Settings</tt><big>(</big><em>settings=None</em>, <em>custom_base_path=None</em><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings" title="Permalink to this definition">¶</a></dt>
-<dd><dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.check_settings">
-<tt class="descname">check_settings</tt><big>(</big><em>settings</em><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.check_settings"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.check_settings" title="Permalink to this definition">¶</a></dt>
-<dd><p>Checks the settings info.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>settings</strong> (<em>dict</em>) &#8211; Dict with settings data</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body">Errors found on the settings data</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body">list</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.check_sp_certs">
-<tt class="descname">check_sp_certs</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.check_sp_certs"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.check_sp_certs" title="Permalink to this definition">¶</a></dt>
-<dd><p>Checks if the x509 certs of the SP exists and are valid.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">If the x509 certs of the SP exists and are valid</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">boolean</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.format_idp_cert">
-<tt class="descname">format_idp_cert</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.format_idp_cert"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.format_idp_cert" title="Permalink to this definition">¶</a></dt>
-<dd><p>Formats the IdP cert.</p>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_base_path">
-<tt class="descname">get_base_path</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_base_path"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_base_path" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns base path</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The base toolkit folder path</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_cert_path">
-<tt class="descname">get_cert_path</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_cert_path"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_cert_path" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns cert path</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The cert folder path</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_contacts">
-<tt class="descname">get_contacts</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_contacts"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_contacts" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets contact data.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Contacts info</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_errors">
-<tt class="descname">get_errors</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_errors"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_errors" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns an array with the errors, the array is empty when the settings is ok.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Errors</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">list</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_ext_lib_path">
-<tt class="descname">get_ext_lib_path</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_ext_lib_path"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_ext_lib_path" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns external lib path</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The external library folder path</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_idp_data">
-<tt class="descname">get_idp_data</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_idp_data"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_idp_data" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the IdP data.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">IdP info</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_lib_path">
-<tt class="descname">get_lib_path</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_lib_path"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_lib_path" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns lib path</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The library folder path</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_organization">
-<tt class="descname">get_organization</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_organization"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_organization" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets organization data.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Organization info</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_schemas_path">
-<tt class="descname">get_schemas_path</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_schemas_path"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_schemas_path" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns schema path</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The schema folder path</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_security_data">
-<tt class="descname">get_security_data</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_security_data"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_security_data" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets security data.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Security info</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_sp_cert">
-<tt class="descname">get_sp_cert</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_cert"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_sp_cert" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the x509 public cert of the SP.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">SP public cert</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_sp_data">
-<tt class="descname">get_sp_data</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_data"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_sp_data" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the SP data.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">SP info</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_sp_key">
-<tt class="descname">get_sp_key</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_key"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_sp_key" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the x509 private key of the SP.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">SP private key</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata">
-<tt class="descname">get_sp_metadata</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.get_sp_metadata"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets the SP metadata. The XML representation.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">SP metadata (xml)</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.is_debug_active">
-<tt class="descname">is_debug_active</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.is_debug_active"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.is_debug_active" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns if the debug is active.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Debug parameter</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">boolean</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.is_strict">
-<tt class="descname">is_strict</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.is_strict"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.is_strict" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns if the &#8216;strict&#8217; mode is active.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Strict parameter</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">boolean</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.set_strict">
-<tt class="descname">set_strict</tt><big>(</big><em>value</em><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.set_strict"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.set_strict" title="Permalink to this definition">¶</a></dt>
-<dd><p>Activates or deactivates the strict mode.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>xml</strong> (<em>boolean</em>) &#8211; Strict parameter</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="method">
-<dt id="saml2.settings.OneLogin_Saml2_Settings.validate_metadata">
-<tt class="descname">validate_metadata</tt><big>(</big><em>xml</em><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#OneLogin_Saml2_Settings.validate_metadata"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.OneLogin_Saml2_Settings.validate_metadata" title="Permalink to this definition">¶</a></dt>
-<dd><p>Validates an XML SP Metadata.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>xml</strong> (<em>string</em>) &#8211; Metadata&#8217;s XML that will be validate</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body">The list of found errors</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body">list</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-</dd></dl>
-
-<dl class="function">
-<dt id="saml2.settings.validate_url">
-<tt class="descclassname">onelogin.saml2.settings.</tt><tt class="descname">validate_url</tt><big>(</big><em>url</em><big>)</big><a class="reference internal" href="_modules/saml2/settings.html#validate_url"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.settings.validate_url" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-</div>
-<div class="section" id="module-saml2.utils">
-<span id="utils-module"></span><h2><tt class="xref py py-mod docutils literal"><span class="pre">utils</span></tt> Class<a class="headerlink" href="#module-saml2.utils" title="Permalink to this headline">¶</a></h2>
-<dl class="class">
-<dt id="saml2.utils.OneLogin_Saml2_Utils">
-<em class="property">class </em><tt class="descclassname">onelogin.saml2.utils.</tt><tt class="descname">OneLogin_Saml2_Utils</tt><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils" title="Permalink to this definition">¶</a></dt>
-<dd><dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.add_sign">
-<em class="property">static </em><tt class="descname">add_sign</tt><big>(</big><em>xml</em>, <em>key</em>, <em>cert</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.add_sign"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.add_sign" title="Permalink to this definition">¶</a></dt>
-<dd><p>Adds signature key and senders certificate to an element (Message or
-Assertion).</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>xml</strong> &#8211; The element we should sign</li>
-<li><strong>key</strong> &#8211; The private key</li>
-<li><strong>cert</strong> &#8211; The public</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string | Document</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first last">string</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint">
-<em class="property">static </em><tt class="descname">calculate_x509_fingerprint</tt><big>(</big><em>x509_cert</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.calculate_x509_fingerprint"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint" title="Permalink to this definition">¶</a></dt>
-<dd><p>Calculates the fingerprint of a x509cert.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>x509_cert</strong> &#8211; x509 cert</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">string</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Formated fingerprint</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate">
-<em class="property">static </em><tt class="descname">decode_base64_and_inflate</tt><big>(</big><em>value</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.decode_base64_and_inflate"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate" title="Permalink to this definition">¶</a></dt>
-<dd><p>base64 decodes and then inflates according to RFC1951
-:param value: a deflated and encoded string
-:return: the string after decoding and inflating</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.decrypt_element">
-<em class="property">static </em><tt class="descname">decrypt_element</tt><big>(</big><em>encrypted_data</em>, <em>enc_ctx</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.decrypt_element"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.decrypt_element" title="Permalink to this definition">¶</a></dt>
-<dd><p>Decrypts an encrypted element.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>encrypted_data</strong> &#8211; The encrypted data.</li>
-<li><strong>enc_ctx</strong> &#8211; The encryption context.</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">DOMElement</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">Encryption Context</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">The decrypted element.</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">DOMElement</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode">
-<em class="property">static </em><tt class="descname">deflate_and_base64_encode</tt><big>(</big><em>value</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.deflate_and_base64_encode"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode" title="Permalink to this definition">¶</a></dt>
-<dd><p>Deflates and the base64 encodes a string
-:param value: The string to deflate and encode
-:return: The deflated and encoded string</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.delete_local_session">
-<em class="property">static </em><tt class="descname">delete_local_session</tt><big>(</big><em>callback=None</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.delete_local_session"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.delete_local_session" title="Permalink to this definition">¶</a></dt>
-<dd><p>Deletes the local session.</p>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.format_cert">
-<em class="property">static </em><tt class="descname">format_cert</tt><big>(</big><em>cert</em>, <em>heads=True</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.format_cert"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.format_cert" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns a x509 cert (adding header &amp; footer if required).</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>cert</strong> &#8211; A x509 unformated cert</li>
-<li><strong>heads</strong> &#8211; True if we want to include head and footer</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">boolean</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">Formated cert</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.format_finger_print">
-<em class="property">static </em><tt class="descname">format_finger_print</tt><big>(</big><em>fingerprint</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.format_finger_print"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.format_finger_print" title="Permalink to this definition">¶</a></dt>
-<dd><p>Formates a fingerprint.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>fingerprint</strong> &#8211; fingerprint</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">string</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Formated fingerprint</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.generate_name_id">
-<em class="property">static </em><tt class="descname">generate_name_id</tt><big>(</big><em>value</em>, <em>sp_nq</em>, <em>sp_format</em>, <em>key=None</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.generate_name_id"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.generate_name_id" title="Permalink to this definition">¶</a></dt>
-<dd><p>Generates a nameID.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>value</strong> &#8211; fingerprint</li>
-<li><strong>sp_nq</strong> &#8211; SP Name Qualifier</li>
-<li><strong>sp_format</strong> &#8211; SP Format</li>
-<li><strong>key</strong> &#8211; SP Key to encrypt the nameID</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">DOMElement | XMLSec nameID</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.generate_unique_id">
-<em class="property">static </em><tt class="descname">generate_unique_id</tt><big>(</big><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.generate_unique_id"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.generate_unique_id" title="Permalink to this definition">¶</a></dt>
-<dd><p>Generates an unique string (used for example as ID for assertions).</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">A unique string</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.get_expire_time">
-<em class="property">static </em><tt class="descname">get_expire_time</tt><big>(</big><em>cache_duration=None</em>, <em>valid_until=None</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.get_expire_time"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.get_expire_time" title="Permalink to this definition">¶</a></dt>
-<dd><p>Compares 2 dates and returns the earliest.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>cache_duration</strong> &#8211; The duration, as a string.</li>
-<li><strong>valid_until</strong> &#8211; The valid until date, as a string or as a timestamp</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">The expiration time.</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">int</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.get_self_host">
-<em class="property">static </em><tt class="descname">get_self_host</tt><big>(</big><em>request_data</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.get_self_host"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.get_self_host" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the current host.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request_data</strong> &#8211; The request as a dict</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">dict</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The current host</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.get_self_url">
-<em class="property">static </em><tt class="descname">get_self_url</tt><big>(</big><em>request_data</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.get_self_url"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.get_self_url" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the URL of the current host + current view + query.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request_data</strong> &#8211; The request as a dict</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">dict</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The url of current host + current view + query</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.get_self_url_host">
-<em class="property">static </em><tt class="descname">get_self_url_host</tt><big>(</big><em>request_data</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.get_self_url_host"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.get_self_url_host" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the protocol + the current host + the port (if different than
-common ports).</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request_data</strong> &#8211; The request as a dict</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">dict</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Url</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query">
-<em class="property">static </em><tt class="descname">get_self_url_no_query</tt><big>(</big><em>request_data</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.get_self_url_no_query"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query" title="Permalink to this definition">¶</a></dt>
-<dd><p>Returns the URL of the current host + current view.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request_data</strong> &#8211; The request as a dict</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">dict</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The url of current host + current view</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.get_status">
-<em class="property">static </em><tt class="descname">get_status</tt><big>(</big><em>dom</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.get_status"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.get_status" title="Permalink to this definition">¶</a></dt>
-<dd><p>Gets Status from a Response.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>dom</strong> &#8211; The Response as XML</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">Document</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The Status, an array with the code and a message.</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">dict</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.is_https">
-<em class="property">static </em><tt class="descname">is_https</tt><big>(</big><em>request_data</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.is_https"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.is_https" title="Permalink to this definition">¶</a></dt>
-<dd><p>Checks if https or http.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request_data</strong> &#8211; The request as a dict</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">dict</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">False if https is not active</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">boolean</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time">
-<em class="property">static </em><tt class="descname">parse_SAML_to_time</tt><big>(</big><em>timestr</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.parse_SAML_to_time"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time" title="Permalink to this definition">¶</a></dt>
-<dd><p>Converts a SAML2 timestamp on the form yyyy-mm-ddThh:mm:ss(.s+)?Z
-to a UNIX timestamp. The sub-second part is ignored.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>time</strong> &#8211; The time we should convert (SAML Timestamp).</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">string</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Converted to a unix timestamp.</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">int</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.parse_duration">
-<em class="property">static </em><tt class="descname">parse_duration</tt><big>(</big><em>duration</em>, <em>timestamp=None</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.parse_duration"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.parse_duration" title="Permalink to this definition">¶</a></dt>
-<dd><p>Interprets a ISO8601 duration value relative to a given timestamp.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>duration</strong> &#8211; The duration, as a string.</li>
-<li><strong>timestamp</strong> &#8211; The unix timestamp we should apply the duration to.
-Optional, default to the current time.</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">The new timestamp, after the duration is applied.</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">int</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML">
-<em class="property">static </em><tt class="descname">parse_time_to_SAML</tt><big>(</big><em>time</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.parse_time_to_SAML"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML" title="Permalink to this definition">¶</a></dt>
-<dd><p>Converts a UNIX timestamp to SAML2 timestamp on the form
-yyyy-mm-ddThh:mm:ss(.s+)?Z.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>time</strong> &#8211; The time we should convert (DateTime).</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">string</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">SAML2 timestamp.</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">string</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.query">
-<em class="property">static </em><tt class="descname">query</tt><big>(</big><em>dom</em>, <em>query</em>, <em>context=None</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.query"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.query" title="Permalink to this definition">¶</a></dt>
-<dd><p>Extracts nodes that match the query from the Element</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>dom</strong> &#8211; The root of the lxml objet</li>
-<li><strong>query</strong> &#8211; Xpath Expresion</li>
-<li><strong>context</strong> &#8211; Context Node</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">Element</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">DOMElement</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">The queried nodes</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">list</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.redirect">
-<em class="property">static </em><tt class="descname">redirect</tt><big>(</big><em>url</em>, <em>parameters={}</em>, <em>request_data={}</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.redirect"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.redirect" title="Permalink to this definition">¶</a></dt>
-<dd><p>Executes a redirection to the provided url (or return the target url).</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>url</strong> &#8211; The target url</li>
-<li><strong>parameters</strong> &#8211; Extra parameters to be passed as part of the url</li>
-<li><strong>request_data</strong> &#8211; The request as a dict</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">dict</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">dict</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body"><p class="first">Url</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><p class="first last">string</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.validate_sign">
-<em class="property">static </em><tt class="descname">validate_sign</tt><big>(</big><em>xml</em>, <em>cert=None</em>, <em>fingerprint=None</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.validate_sign"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.validate_sign" title="Permalink to this definition">¶</a></dt>
-<dd><p>Validates a signature (Message or Assertion).</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
-<li><strong>xml</strong> &#8211; The element we should validate</li>
-<li><strong>cert</strong> &#8211; The pubic cert</li>
-<li><strong>fingerprint</strong> &#8211; The fingerprint of the public cert</li>
-</ul>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string | Document</p>
-</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Type :</th><td class="field-body"><p class="first">string</p>
-</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body"><p class="first last">string</p>
-</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.validate_xml">
-<em class="property">static </em><tt class="descname">validate_xml</tt><big>(</big><em>xml</em>, <em>schema</em>, <em>debug=False</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.validate_xml"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.validate_xml" title="Permalink to this definition">¶</a></dt>
-<dd></dd></dl>
-
-<dl class="staticmethod">
-<dt id="saml2.utils.OneLogin_Saml2_Utils.write_temp_file">
-<em class="property">static </em><tt class="descname">write_temp_file</tt><big>(</big><em>content</em><big>)</big><a class="reference internal" href="_modules/saml2/utils.html#OneLogin_Saml2_Utils.write_temp_file"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#saml2.utils.OneLogin_Saml2_Utils.write_temp_file" title="Permalink to this definition">¶</a></dt>
-<dd><p>Writes some content into a temporary file and returns it.</p>
-<table class="docutils field-list" frame="void" rules="none">
-<col class="field-name" />
-<col class="field-body" />
-<tbody valign="top">
-<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>content</strong> &#8211; The file content</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Type :</th><td class="field-body">string</td>
-</tr>
-<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">The temporary file</td>
-</tr>
-<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body">file-like object</td>
-</tr>
-</tbody>
-</table>
-</dd></dl>
-
-</dd></dl>
-
-</div>
-</div>
-
-
-          </div>
-        </div>
-      </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-  <h3><a href="index.html">Table Of Contents</a></h3>
-  <ul>
-<li><a class="reference internal" href="#">OneLogin saml2 Module</a><ul>
-<li><a class="reference internal" href="#module-saml2.auth"><tt class="docutils literal"><span class="pre">auth</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.authn_request"><tt class="docutils literal"><span class="pre">authn_request</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.constants"><tt class="docutils literal"><span class="pre">constants</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.errors"><tt class="docutils literal"><span class="pre">errors</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.logout_request"><tt class="docutils literal"><span class="pre">logout_request</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.logout_response"><tt class="docutils literal"><span class="pre">logout_response</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.metadata"><tt class="docutils literal"><span class="pre">metadata</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.response"><tt class="docutils literal"><span class="pre">response</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.settings"><tt class="docutils literal"><span class="pre">settings</span></tt> Class</a></li>
-<li><a class="reference internal" href="#module-saml2.utils"><tt class="docutils literal"><span class="pre">utils</span></tt> Class</a></li>
-</ul>
-</li>
-</ul>
-
-  <h4>Previous topic</h4>
-  <p class="topless"><a href="index.html"
-                        title="previous chapter">Welcome to OneLogin SAML Python library documentation</a></p>
-  <h3>This Page</h3>
-  <ul class="this-page-menu">
-    <li><a href="_sources/saml2.txt"
-           rel="nofollow">Show Source</a></li>
-  </ul>
-<div id="searchbox" style="display: none">
-  <h3>Quick search</h3>
-    <form class="search" action="search.html" method="get">
-      <input type="text" name="q" />
-      <input type="submit" value="Go" />
-      <input type="hidden" name="check_keywords" value="yes" />
-      <input type="hidden" name="area" value="default" />
-    </form>
-    <p class="searchtip" style="font-size: 90%">
-    Enter search terms or a module, class or function name.
-    </p>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li class="right" >
-          <a href="index.html" title="Welcome to OneLogin SAML Python library documentation"
-             >previous</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
-</html>
\ No newline at end of file
diff --git a/docs/saml2/search.html b/docs/saml2/search.html
index 531d00de..4adb787b 100644
--- a/docs/saml2/search.html
+++ b/docs/saml2/search.html
@@ -1,107 +1,120 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>Search &mdash; SAML Python2/3 Toolkit 1 documentation</title>
+      <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
+    
+  <!--[if lt IE 9]>
+    <script src="_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script src="_static/jquery.js?v=5d32c60e"></script>
+        <script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
+        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js?v=404a92a0"></script>
+        <script src="_static/doctools.js?v=888ff710"></script>
+        <script src="_static/sphinx_highlight.js?v=4825356b"></script>
+    <script src="_static/js/theme.js"></script>
+    <script src="_static/searchtools.js"></script>
+    <script src="_static/language_data.js"></script>
+    <link rel="index" title="Index" href="genindex.html" />
+    <link rel="search" title="Search" href="#" /> 
+</head>
 
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
 
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
+          
+          
+          <a href="index.html" class="icon icon-home">
+            SAML Python2/3 Toolkit
+          </a>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="#" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="onelogin.html">onelogin package</a></li>
+</ul>
 
-<html xmlns="http://www.w3.org/1999/xhtml">
-  <head>
-    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    
-    <title>Search &mdash; OneLogin SAML Python library classes and methods</title>
-    
-    <link rel="stylesheet" href="_static/default.css" type="text/css" />
-    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
-    
-    <script type="text/javascript">
-      var DOCUMENTATION_OPTIONS = {
-        URL_ROOT:    '',
-        VERSION:     '',
-        COLLAPSE_INDEX: false,
-        FILE_SUFFIX: '.html',
-        HAS_SOURCE:  true
-      };
-    </script>
-    <script type="text/javascript" src="_static/jquery.js"></script>
-    <script type="text/javascript" src="_static/underscore.js"></script>
-    <script type="text/javascript" src="_static/doctools.js"></script>
-    <script type="text/javascript" src="_static/searchtools.js"></script>
-    <link rel="top" title="OneLogin SAML Python library classes and methods" href="index.html" />
-  <script type="text/javascript">
-    jQuery(function() { Search.loadIndex("searchindex.js"); });
-  </script>
-  
-  <script type="text/javascript" id="searchindexloader"></script>
-   
+        </div>
+      </div>
+    </nav>
 
-  </head>
-  <body>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="General Index"
-             accesskey="I">index</a></li>
-        <li class="right" >
-          <a href="py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>  
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="index.html">SAML Python2/3 Toolkit</a>
+      </nav>
 
-    <div class="document">
-      <div class="documentwrapper">
-        <div class="bodywrapper">
-          <div class="body">
-            
-  <h1 id="search-documentation">Search</h1>
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="index.html" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">Search</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <noscript>
   <div id="fallback" class="admonition warning">
-  <script type="text/javascript">$('#fallback').hide();</script>
-  <p>
-    Please activate JavaScript to enable the search
-    functionality.
-  </p>
+    <p class="last">
+      Please activate JavaScript to enable the search functionality.
+    </p>
   </div>
-  <p>
-    From here you can search these documents. Enter your search
-    words into the box below and click "search". Note that the search
-    function will automatically search for all of the words. Pages
-    containing fewer words won't appear in the result list.
-  </p>
-  <form action="" method="get">
-    <input type="text" name="q" value="" />
-    <input type="submit" value="search" />
-    <span id="search-progress" style="padding-left: 10px"></span>
-  </form>
+  </noscript>
+
   
   <div id="search-results">
   
   </div>
 
+           </div>
           </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2023, Sixto Martin.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
         </div>
       </div>
-      <div class="sphinxsidebar">
-        <div class="sphinxsidebarwrapper">
-        </div>
-      </div>
-      <div class="clearer"></div>
-    </div>
-    <div class="related">
-      <h3>Navigation</h3>
-      <ul>
-        <li class="right" style="margin-right: 10px">
-          <a href="genindex.html" title="General Index"
-             >index</a></li>
-        <li class="right" >
-          <a href="py-modindex.html" title="Python Class Index"
-             >modules</a> |</li>
-        <li><a href="index.html">OneLogin SAML Python library classes and methods</a> &raquo;</li> 
-      </ul>
-    </div>
-    <div class="footer">
-        &copy; Copyright 2014, OneLogin Inc..
-      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
-    </div>
-  </body>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script>
+  <script>
+    jQuery(function() { Search.loadIndex("searchindex.js"); });
+  </script>
+  
+  <script id="searchindexloader"></script>
+   
+
+
+</body>
 </html>
\ No newline at end of file
diff --git a/docs/saml2/searchindex.js b/docs/saml2/searchindex.js
index cf3c42ca..2107afb9 100644
--- a/docs/saml2/searchindex.js
+++ b/docs/saml2/searchindex.js
@@ -1 +1 @@
-Search.setIndex({objects:{"saml2.logout_response.OneLogin_Saml2_Logout_Response":{is_valid:[1,2,1,""],get_response:[1,2,1,""],get_status:[1,2,1,""],get_issuer:[1,2,1,""],build:[1,2,1,""]},"saml2.response.OneLogin_Saml2_Response":{get_audiences:[1,2,1,""],validate_num_assertions:[1,2,1,""],get_nameid_data:[1,2,1,""],get_session_index:[1,2,1,""],get_issuers:[1,2,1,""],is_valid:[1,2,1,""],check_status:[1,2,1,""],validate_timestamps:[1,2,1,""],get_nameid:[1,2,1,""],get_attributes:[1,2,1,""],get_session_not_on_or_after:[1,2,1,""]},"saml2.errors.OneLogin_Saml2_Error":{PUBLIC_CERT_FILE_NOT_FOUND:[1,1,1,""],SETTINGS_FILE_NOT_FOUND:[1,1,1,""],SAML_LOGOUTREQUEST_INVALID:[1,1,1,""],REDIRECT_INVALID_URL:[1,1,1,""],PRIVATE_KEY_FILE_NOT_FOUND:[1,1,1,""],SAML_LOGOUTMESSAGE_NOT_FOUND:[1,1,1,""],SAML_RESPONSE_NOT_FOUND:[1,1,1,""],METADATA_SP_INVALID:[1,1,1,""],SAML_LOGOUTRESPONSE_INVALID:[1,1,1,""],SETTINGS_INVALID:[1,1,1,""],SP_CERTS_NOT_FOUND:[1,1,1,""],SETTINGS_INVALID_SYNTAX:[1,1,1,""],SAML_SINGLE_LOGOUT_NOT_SUPPORTED:[1,1,1,""]},"saml2.errors":{OneLogin_Saml2_Error:[1,6,1,""]},"saml2.metadata.OneLogin_Saml2_Metadata":{sign_metadata:[1,3,1,""],builder:[1,3,1,""],add_x509_key_descriptors:[1,3,1,""],TIME_VALID:[1,1,1,""],TIME_CACHED:[1,1,1,""]},"saml2.response":{OneLogin_Saml2_Response:[1,4,1,""]},"saml2.settings.OneLogin_Saml2_Settings":{get_contacts:[1,2,1,""],get_security_data:[1,2,1,""],validate_metadata:[1,2,1,""],get_errors:[1,2,1,""],check_settings:[1,2,1,""],get_sp_data:[1,2,1,""],get_idp_data:[1,2,1,""],get_cert_path:[1,2,1,""],get_schemas_path:[1,2,1,""],set_strict:[1,2,1,""],get_base_path:[1,2,1,""],is_strict:[1,2,1,""],get_lib_path:[1,2,1,""],get_sp_key:[1,2,1,""],get_sp_metadata:[1,2,1,""],is_debug_active:[1,2,1,""],get_ext_lib_path:[1,2,1,""],get_sp_cert:[1,2,1,""],get_organization:[1,2,1,""],check_sp_certs:[1,2,1,""],format_idp_cert:[1,2,1,""]},"saml2.settings":{OneLogin_Saml2_Settings:[1,4,1,""],validate_url:[1,5,1,""]},"saml2.logout_response":{OneLogin_Saml2_Logout_Response:[1,4,1,""]},"saml2.authn_request.OneLogin_Saml2_Authn_Request":{get_request:[1,2,1,""]},"saml2.constants.OneLogin_Saml2_Constants":{NAMEID_EMAIL_ADDRESS:[1,1,1,""],CM_SENDER_VOUCHES:[1,1,1,""],CM_HOLDER_KEY:[1,1,1,""],NS_SAML:[1,1,1,""],RSA_SHA1:[1,1,1,""],NS_XS:[1,1,1,""],STATUS_PROXY_COUNT_EXCEEDED:[1,1,1,""],NS_SOAP:[1,1,1,""],NAMEID_ENCRYPTED:[1,1,1,""],STATUS_REQUESTER:[1,1,1,""],STATUS_NO_PASSIVE:[1,1,1,""],STATUS_PARTIAL_LOGOUT:[1,1,1,""],BINDING_HTTP_REDIRECT:[1,1,1,""],NAMEID_X509_SUBJECT_NAME:[1,1,1,""],AC_KERBEROS:[1,1,1,""],NAMEID_KERBEROS:[1,1,1,""],BINDING_HTTP_ARTIFACT:[1,1,1,""],NS_XENC:[1,1,1,""],BINDING_HTTP_POST:[1,1,1,""],CM_BEARER:[1,1,1,""],ALOWED_CLOCK_DRIFT:[1,1,1,""],BINDING_DEFLATE:[1,1,1,""],NAMEID_ENTITY:[1,1,1,""],AC_SMARTCARD:[1,1,1,""],AC_UNSPECIFIED:[1,1,1,""],NS_XSI:[1,1,1,""],NSMAP:[1,1,1,""],STATUS_RESPONDER:[1,1,1,""],AC_PASSWORD:[1,1,1,""],NS_SAMLP:[1,1,1,""],NS_DS:[1,1,1,""],STATUS_SUCCESS:[1,1,1,""],AC_X509:[1,1,1,""],NAMEID_TRANSIENT:[1,1,1,""],BINDING_SOAP:[1,1,1,""],ATTRNAME_FORMAT_UNSPECIFIED:[1,1,1,""],ATTRNAME_FORMAT_BASIC:[1,1,1,""],NS_MD:[1,1,1,""],ATTRNAME_FORMAT_URI:[1,1,1,""],NAMEID_PERSISTENT:[1,1,1,""],STATUS_VERSION_MISMATCH:[1,1,1,""],NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME:[1,1,1,""]},"saml2.authn_request":{OneLogin_Saml2_Authn_Request:[1,4,1,""]},"saml2.metadata":{OneLogin_Saml2_Metadata:[1,4,1,""]},"saml2.utils.OneLogin_Saml2_Utils":{generate_unique_id:[1,3,1,""],add_sign:[1,3,1,""],deflate_and_base64_encode:[1,3,1,""],get_status:[1,3,1,""],query:[1,3,1,""],redirect:[1,3,1,""],get_expire_time:[1,3,1,""],decode_base64_and_inflate:[1,3,1,""],parse_SAML_to_time:[1,3,1,""],parse_duration:[1,3,1,""],generate_name_id:[1,3,1,""],validate_xml:[1,3,1,""],get_self_host:[1,3,1,""],parse_time_to_SAML:[1,3,1,""],format_finger_print:[1,3,1,""],decrypt_element:[1,3,1,""],get_self_url_host:[1,3,1,""],get_self_url:[1,3,1,""],delete_local_session:[1,3,1,""],format_cert:[1,3,1,""],is_https:[1,3,1,""],calculate_x509_fingerprint:[1,3,1,""],get_self_url_no_query:[1,3,1,""],write_temp_file:[1,3,1,""],validate_sign:[1,3,1,""]},"saml2.logout_request.OneLogin_Saml2_Logout_Request":{get_issuer:[1,3,1,""],get_name_id:[1,3,1,""],get_request:[1,2,1,""],get_id:[1,3,1,""],is_valid:[1,3,1,""],get_session_indexes:[1,3,1,""],get_name_id_data:[1,3,1,""]},"saml2.utils":{OneLogin_Saml2_Utils:[1,4,1,""]},"saml2.constants":{OneLogin_Saml2_Constants:[1,4,1,""]},"saml2.auth.OneLogin_Saml2_Auth":{get_settings:[1,2,1,""],process_response:[1,2,1,""],get_errors:[1,2,1,""],build_request_signature:[1,2,1,""],redirect_to:[1,2,1,""],is_authenticated:[1,2,1,""],get_attribute:[1,2,1,""],build_response_signature:[1,2,1,""],set_strict:[1,2,1,""],process_slo:[1,2,1,""],get_sso_url:[1,2,1,""],logout:[1,2,1,""],login:[1,2,1,""],get_slo_url:[1,2,1,""],get_attributes:[1,2,1,""],get_nameid:[1,2,1,""]},"saml2.auth":{OneLogin_Saml2_Auth:[1,4,1,""]},saml2:{errors:[1,0,1,""],settings:[1,0,1,""],utils:[1,0,1,""],auth:[1,0,1,""],logout_request:[1,0,1,""],authn_request:[1,0,1,""],logout_response:[1,0,1,""],response:[1,0,1,""],constants:[1,0,1,""],metadata:[1,0,1,""]},"saml2.logout_request":{OneLogin_Saml2_Logout_Request:[1,4,1,""]}},terms:{represent:1,code:1,queri:1,issuer:1,privat:1,encryptedattribut:1,base64:1,ac_smartcard:1,specif:1,send:1,binding_defl:1,must:1,sent:1,deactiv:1,sourc:1,string:1,fals:1,parse_saml_to_tim:1,util:[0,1],xmlschema:1,public_cert_file_not_found:1,get_self_url_no_queri:1,settings_file_not_found:1,list:1,onelogin_saml2_util:1,sign_metadata:1,pubic:1,sign:1,past:1,second:1,pass:1,port:1,index:0,what:1,get_name_id:1,compar:1,get_idp_data:1,sp_nq:1,current:1,delet:1,x509subjectnam:1,"new":1,status_no_pass:1,"public":1,metadata:[0,1],redirect:1,keep_local_sess:1,gener:1,windowsdomainqualifiednam:1,logout:1,path:1,valu:1,search:0,sender:1,datetim:1,cert:1,is_debug_act:1,redirect_invalid_url:1,extra:1,appli:1,modul:[0,1],metadata_sp_invalid:1,is_authent:1,unix:1,"boolean":1,onelogin_saml2_respons:1,org:1,post:1,authnstat:1,from:1,ddthh:1,nameid_persist:1,emailaddress:1,status_request:1,type:1,until:1,keydescriptor:1,attrname_format_bas:1,iso8601:1,"transient":1,get_sp_cert:1,cach:1,status_proxy_count_exceed:1,none:1,endpoint:1,redirect_to:1,uniqu:1,descriptor:1,time_valid:1,root:1,status_success:1,request_data:1,objet:1,process:1,onelogin_saml2_auth:1,unform:1,indic:0,ac_unspecifi:1,want:1,unsign:1,lxml:1,secur:1,check_statu:1,status_respond:1,write:1,verifi:1,decrypt_el:1,ns_samlp:1,ac_x509:1,x509:1,after:1,validate_xml:1,nameid_x509_subject_nam:1,callback:1,date:1,data:1,domdocu:1,footer:1,bind:1,element:1,onelogin_saml2_logout_request:1,authn_request:[0,1],nameid:1,order:1,alowed_clock_drift:1,deflate_and_base64_encod:1,process_respons:1,paramet:1,settings_invalid_syntax:1,persist:1,get_slo_url:1,"return":1,timestamp:1,auth:[0,1],authnrequest:1,get_respons:1,get_self_url:1,format_idp_cert:1,namequalifi:1,authent:1,onelogin_saml2_authn_request:1,mode:1,request_id:1,debug:1,found:1,went:1,oasi:1,authnsign:1,"static":1,rsa_sha1:1,our:1,extract:1,check_sp_cert:1,content:[0,1],validate_metadata:1,rel:1,qualifi:1,generate_name_id:1,envelop:1,given:1,base:1,get_lib_path:1,format_finger_print:1,get_session_index:1,earliest:1,get_name_id_data:1,ns_x:1,could:1,wrong:1,domel:1,ns_d:1,time_cach:1,validate_sign:1,smartcard:1,arrai:1,messag:1,attrname_format_uri:1,kerbero:1,saml_single_logout_not_support:1,differ:1,construct:1,ns_xsi:1,parse_time_to_saml:1,store:1,schema:1,option:1,sessionnotonoraft:1,rsa:1,artifact:1,wantassertionssign:1,encrypted_data:1,vouch:1,part:1,is_strict:1,holder:1,than:1,target:1,provid:1,defat:1,str:1,get_nameid:1,initi:1,argument:1,packag:[0,1],expir:1,onelogin_saml2_error:1,tabl:0,onelogin_saml2_set:1,lib:1,build_response_signatur:1,destroi:1,contact:1,build:1,soap:1,singl:1,validate_timestamp:1,decode_base64_and_infl:1,object:1,nameid_kerbero:1,logout_request:[0,1],return_to:1,"class":1,sub:1,ns_saml:1,saml_logoutrequest_invalid:1,dom:1,url:1,urn:1,nsmap:1,uri:1,determin:1,saml_response_not_found:1,add_sign:1,session:1,nameid_ent:1,onelogin_saml2_const:1,xml:1,onli:1,get_sp_kei:1,timestr:1,activ:1,set_strict:1,should:1,get_sso_url:1,dict:1,folder:1,local:1,valid_until:1,nameid_transi:1,get:1,authnrequestssign:1,sso:1,expres:1,get_nameid_data:1,requir:1,organ:1,onelogin:[0,1],binding_http_redirect:1,common:1,contain:1,xmlenc:1,view:1,respond:1,certif:1,set:[0,1],get_set:1,respons:[0,1],statu:1,ingo:1,logoutrequest:1,check_set:1,someth:1,get_organ:1,saml_logoutresponse_invalid:1,entiti:1,attribut:1,signatur:1,accord:1,kei:1,samlrespons:1,old_set:1,wsign:1,sp_format:1,delete_session_cb:1,rtype:1,get_cert_path:1,format_cert:1,audienc:1,instanc:1,get_error:1,attrnam:1,login:1,validate_num_assert:1,generate_unique_id:1,settings_invalid:1,write_temp_fil:1,status_partial_logout:1,header:1,rfc1951:1,reciev:1,empti:1,interpret:1,basic:1,nameid_email_address:1,partiallogout:1,convert:1,assert:1,get_id:1,versionmismatch:1,saml_request:1,durat:1,defin:1,calcul:1,slo:1,error:[0,1],ns_xenc:1,cm_holder_kei:1,get_attribut:1,binding_soap:1,toolkit:1,sessionindex:1,cache_dur:1,sp_certs_not_found:1,get_statu:1,status_version_mismatch:1,welcom:0,saml:1,inresponseto:1,process_slo:1,same:1,decod:1,document:[0,1],get_security_data:1,http:1,context:1,inflat:1,onelogin_saml2_logout_respons:1,rais:1,temporari:1,user:1,binding_http_artifact:1,extern:1,get_self_url_host:1,sha1:1,builder:1,relay_st:1,calculate_x509_fingerprint:1,exampl:1,thi:1,get_contact:1,protocol:1,bearer:1,execut:1,private_key_file_not_found:1,fingerprint:1,ac_kerbero:1,get_audi:1,get_sp_data:1,except:1,param:1,proxycountexceed:1,add:1,is_valid:1,xenc:1,match:1,logoutrespons:1,nameid_encrypt:1,format:1,add_x509_key_descriptor:1,cm_sender_vouch:1,get_sp_metadata:1,password:1,enc_ctx:1,name:1,like:1,success:1,xmlsoap:1,nameid_windows_domain_qualified_nam:1,page:0,yyyi:1,is_http:1,www:1,some:1,unspecifi:1,librari:1,xmldsig:1,condit:1,get_ext_lib_path:1,get_expire_tim:1,cm_bearer:1,build_request_signatur:1,logout_respons:[0,1],host:1,get_base_path:1,x509cert:1,deflat:1,idp:1,get_request:1,disabl:1,encod:1,get_issu:1,validate_url:1,samlp:1,support:1,strict:1,encript:1,includ:1,delete_local_sess:1,xpath:1,head:1,form:1,spnamequalifi:1,saml_logoutmessage_not_found:1,parse_dur:1,ac_password:1,"true":1,info:1,binding_http_post:1,get_session_not_on_or_aft:1,"default":1,ns_md:1,otherwis:1,constant:[0,1],creat:1,"int":1,request:1,decrypt:1,onelogin_saml2_metadata:1,exist:1,file:1,check:1,saml2:[0,1],encrypt:1,attrname_format_unspecifi:1,get_schemas_path:1,get_data:1,when:1,valid:1,bool:1,futur:1,saml_respons:1,argumen:1,node:1,attributestat:1,get_self_host:1,x509_cert:1,nopass:1,ns_soap:1,xmlsec:1,ignor:1,base64encod:1,time:1,custom_base_path:1,in_response_to:1},objtypes:{"0":"py:module","1":"py:attribute","2":"py:method","3":"py:staticmethod","4":"py:class","5":"py:function","6":"py:exception"},titles:["Welcome to saml2&#8217;s documentation!","OneLogin saml2 Module"],objnames:{"0":["py","module","Python module"],"1":["py","attribute","Python attribute"],"2":["py","method","Python method"],"3":["py","staticmethod","Python static method"],"4":["py","class","Python class"],"5":["py","function","Python function"],"6":["py","exception","Python exception"]},filenames:["index","saml2"]})
\ No newline at end of file
+Search.setIndex({"docnames": ["index", "modules", "onelogin", "onelogin.saml2"], "filenames": ["index.rst", "modules.rst", "onelogin.rst", "onelogin.saml2.rst"], "titles": ["Welcome to SAML Python2/3 Toolkit\u2019s documentation!", "onelogin", "onelogin package", "onelogin.saml2 package"], "terms": {"onelogin": 0, "packag": [0, 1], "subpackag": [0, 1], "saml2": [0, 1, 2], "submodul": [0, 1, 2], "auth": [0, 1, 2], "modul": [0, 1], "authn_request": [0, 1, 2], "compat": [0, 1, 2], "constant": [0, 1, 2], "error": [0, 1, 2], "idp_metadata_pars": [0, 1, 2], "logout_request": [0, 1, 2], "logout_respons": [0, 1, 2], "metadata": [0, 1, 2], "respons": [0, 1, 2], "set": [0, 1, 2], "util": [0, 1, 2], "xml_templat": [0, 1, 2], "xml_util": [0, 1, 2], "xmlparser": [0, 1, 2], "content": 1, "onelogin_saml2_auth": [2, 3], "add_request_signatur": [2, 3], "add_response_signatur": [2, 3], "authn_request_class": [2, 3], "get_attribut": [2, 3], "get_error": [2, 3], "get_friendlyname_attribut": [2, 3], "get_last_assertion_id": [2, 3], "get_last_assertion_issue_inst": [2, 3], "get_last_assertion_not_on_or_aft": [2, 3], "get_last_authn_context": [2, 3], "get_last_error_reason": [2, 3], "get_last_message_id": [2, 3], "get_last_request_id": [2, 3], "get_last_request_xml": [2, 3], "get_last_response_in_response_to": [2, 3], "get_last_response_xml": [2, 3], "get_nameid": [2, 3], "get_nameid_format": [2, 3], "get_nameid_nq": [2, 3], "get_nameid_spnq": [2, 3], "get_session_expir": [2, 3], "get_session_index": [2, 3], "get_set": [2, 3], "get_slo_response_url": [2, 3], "get_slo_url": [2, 3], "get_sso_url": [2, 3], "is_authent": [2, 3], "login": [2, 3], "logout": [2, 3], "logout_request_class": [2, 3], "logout_response_class": [2, 3], "process_respons": [2, 3], "process_slo": [2, 3], "redirect_to": [2, 3], "response_class": [2, 3], "set_strict": [2, 3], "store_valid_respons": [2, 3], "validate_request_signatur": [2, 3], "validate_response_signatur": [2, 3], "onelogin_saml2_authn_request": [2, 3], "get_id": [2, 3], "get_request": [2, 3], "get_xml": [2, 3], "to_byt": [2, 3], "to_str": [2, 3], "utf8": [2, 3], "onelogin_saml2_const": [2, 3], "ac_kerbero": [2, 3], "ac_password": [2, 3], "ac_password_protect": [2, 3], "ac_smartcard": [2, 3], "ac_unspecifi": [2, 3], "ac_x509": [2, 3], "aes128_cbc": [2, 3], "aes192_cbc": [2, 3], "aes256_cbc": [2, 3], "allowed_clock_drift": [2, 3], "attrname_format_bas": [2, 3], "attrname_format_unspecifi": [2, 3], "attrname_format_uri": [2, 3], "binding_defl": [2, 3], "binding_http_artifact": [2, 3], "binding_http_post": [2, 3], "binding_http_redirect": [2, 3], "binding_soap": [2, 3], "cm_bearer": [2, 3], "cm_holder_kei": [2, 3], "cm_sender_vouch": [2, 3], "deprecated_algorithm": [2, 3], "dsa_sha1": [2, 3], "nameid_email_address": [2, 3], "nameid_encrypt": [2, 3], "nameid_ent": [2, 3], "nameid_kerbero": [2, 3], "nameid_persist": [2, 3], "nameid_transi": [2, 3], "nameid_unspecifi": [2, 3], "nameid_windows_domain_qualified_nam": [2, 3], "nameid_x509_subject_nam": [2, 3], "nsmap": [2, 3], "ns_d": [2, 3], "ns_md": [2, 3], "ns_prefix_d": [2, 3], "ns_prefix_md": [2, 3], "ns_prefix_saml": [2, 3], "ns_prefix_samlp": [2, 3], "ns_prefix_xenc": [2, 3], "ns_prefix_x": [2, 3], "ns_prefix_xsd": [2, 3], "ns_prefix_xsi": [2, 3], "ns_saml": [2, 3], "ns_samlp": [2, 3], "ns_soap": [2, 3], "ns_xenc": [2, 3], "ns_x": [2, 3], "ns_xsi": [2, 3], "rsa_1_5": [2, 3], "rsa_oaep_mgf1p": [2, 3], "rsa_sha1": [2, 3], "rsa_sha256": [2, 3], "rsa_sha384": [2, 3], "rsa_sha512": [2, 3], "sha1": [2, 3], "sha256": [2, 3], "sha384": [2, 3], "sha512": [2, 3], "status_no_pass": [2, 3], "status_partial_logout": [2, 3], "status_proxy_count_exceed": [2, 3], "status_request": [2, 3], "status_respond": [2, 3], "status_success": [2, 3], "status_version_mismatch": [2, 3], "tripledes_cbc": [2, 3], "onelogin_saml2_error": [2, 3], "cert_not_found": [2, 3], "metadata_sp_invalid": [2, 3], "private_key_file_not_found": [2, 3], "private_key_not_found": [2, 3], "public_cert_file_not_found": [2, 3], "redirect_invalid_url": [2, 3], "saml_logoutmessage_not_found": [2, 3], "saml_logoutrequest_invalid": [2, 3], "saml_logoutresponse_invalid": [2, 3], "saml_response_not_found": [2, 3], "saml_single_logout_not_support": [2, 3], "settings_file_not_found": [2, 3], "settings_invalid": [2, 3], "settings_invalid_syntax": [2, 3], "sp_certs_not_found": [2, 3], "unsupported_settings_object": [2, 3], "onelogin_saml2_validationerror": [2, 3], "assertion_expir": [2, 3], "assertion_too_earli": [2, 3], "authn_context_mismatch": [2, 3], "children_node_not_found_in_keyinfo": [2, 3], "deprecated_digest_method": [2, 3], "deprecated_signature_method": [2, 3], "duplicated_attribute_name_found": [2, 3], "duplicated_id_in_signed_el": [2, 3], "duplicated_reference_in_signed_el": [2, 3], "empty_destin": [2, 3], "empty_nameid": [2, 3], "encrypted_attribut": [2, 3], "id_not_found_in_signed_el": [2, 3], "invalid_signatur": [2, 3], "invalid_signed_el": [2, 3], "invalid_xml_format": [2, 3], "issuer_multiple_in_respons": [2, 3], "issuer_not_found_in_assert": [2, 3], "keyinfo_not_found_in_encrypted_data": [2, 3], "missing_condit": [2, 3], "missing_id": [2, 3], "missing_statu": [2, 3], "missing_status_cod": [2, 3], "no_attributestat": [2, 3], "no_encrypted_assert": [2, 3], "no_encrypted_nameid": [2, 3], "no_nameid": [2, 3], "no_signature_found": [2, 3], "no_signed_assert": [2, 3], "no_signed_messag": [2, 3], "response_expir": [2, 3], "session_expir": [2, 3], "sp_name_qualifier_name_mismatch": [2, 3], "status_code_is_not_success": [2, 3], "unexpected_signed_el": [2, 3], "unsupported_retrieval_method": [2, 3], "unsupported_saml_vers": [2, 3], "wrong_audi": [2, 3], "wrong_destin": [2, 3], "wrong_inresponseto": [2, 3], "wrong_issu": [2, 3], "wrong_number_of_assert": [2, 3], "wrong_number_of_authstat": [2, 3], "wrong_number_of_signatur": [2, 3], "wrong_number_of_signatures_in_assert": [2, 3], "wrong_number_of_signatures_in_respons": [2, 3], "wrong_signed_el": [2, 3], "wrong_subjectconfirm": [2, 3], "onelogin_saml2_idpmetadatapars": [2, 3], "get_metadata": [2, 3], "merge_set": [2, 3], "pars": [2, 3], "parse_remot": [2, 3], "dict_deep_merg": [2, 3], "onelogin_saml2_logout_request": [2, 3], "get_issu": [2, 3], "get_nameid_data": [2, 3], "is_valid": [2, 3], "onelogin_saml2_logout_respons": [2, 3], "build": [2, 3], "get_in_response_to": [2, 3], "get_respons": [2, 3], "get_statu": [2, 3], "onelogin_saml2_metadata": [2, 3], "time_cach": [2, 3], "time_valid": [2, 3], "add_x509_key_descriptor": [2, 3], "builder": [2, 3], "sign_metadata": [2, 3], "onelogin_saml2_respons": [2, 3], "check_one_authnstat": [2, 3], "check_one_condit": [2, 3], "check_statu": [2, 3], "get_assertion_id": [2, 3], "get_assertion_issue_inst": [2, 3], "get_assertion_not_on_or_aft": [2, 3], "get_audi": [2, 3], "get_authn_context": [2, 3], "get_session_not_on_or_aft": [2, 3], "get_xml_docu": [2, 3], "process_signed_el": [2, 3], "validate_num_assert": [2, 3], "validate_signed_el": [2, 3], "validate_timestamp": [2, 3], "onelogin_saml2_set": [2, 3], "check_idp_set": [2, 3], "check_set": [2, 3], "check_sp_cert": [2, 3], "check_sp_set": [2, 3], "format_idp_cert": [2, 3], "format_idp_cert_multi": [2, 3], "format_sp_cert": [2, 3], "format_sp_cert_new": [2, 3], "format_sp_kei": [2, 3], "get_base_path": [2, 3], "get_cert_path": [2, 3], "get_contact": [2, 3], "get_idp_cert": [2, 3], "get_idp_data": [2, 3], "get_idp_slo_response_url": [2, 3], "get_idp_slo_url": [2, 3], "get_idp_sso_url": [2, 3], "get_lib_path": [2, 3], "get_organ": [2, 3], "get_schemas_path": [2, 3], "get_security_data": [2, 3], "get_sp_cert": [2, 3], "get_sp_cert_new": [2, 3], "get_sp_data": [2, 3], "get_sp_kei": [2, 3], "get_sp_metadata": [2, 3], "is_debug_act": [2, 3], "is_strict": [2, 3], "metadata_class": [2, 3], "set_cert_path": [2, 3], "validate_metadata": [2, 3], "validate_url": [2, 3], "onelogin_saml2_util": [2, 3], "assertion_signature_xpath": [2, 3], "response_signature_xpath": [2, 3], "time_format": [2, 3], "time_format_2": [2, 3], "time_format_with_frag": [2, 3], "add_sign": [2, 3], "b64decod": [2, 3], "b64encod": [2, 3], "calculate_x509_fingerprint": [2, 3], "decode_base64_and_infl": [2, 3], "decrypt_el": [2, 3], "deflate_and_base64_encod": [2, 3], "delete_local_sess": [2, 3], "escape_url": [2, 3], "format_cert": [2, 3], "format_finger_print": [2, 3], "format_private_kei": [2, 3], "generate_name_id": [2, 3], "generate_unique_id": [2, 3], "get_expire_tim": [2, 3], "get_self_host": [2, 3], "get_self_routed_url_no_queri": [2, 3], "get_self_url": [2, 3], "get_self_url_host": [2, 3], "get_self_url_no_queri": [2, 3], "is_http": [2, 3], "normalize_url": [2, 3], "now": [2, 3], "parse_saml_to_tim": [2, 3], "parse_dur": [2, 3], "parse_time_to_saml": [2, 3], "redirect": [2, 3], "sign_binari": [2, 3], "validate_binary_sign": [2, 3], "validate_metadata_sign": [2, 3], "validate_node_sign": [2, 3], "validate_sign": [2, 3], "return_false_on_except": [2, 3], "onelogin_saml2_templ": [2, 3], "attribut": [2, 3], "md_attr_consumer_servic": [2, 3], "md_contact_person": [2, 3], "md_entity_descriptor": [2, 3], "md_organis": [2, 3], "md_requested_attribut": [2, 3], "md_sl": [2, 3], "onelogin_saml2_xml": [2, 3], "cleanup_namespac": [2, 3], "dump": [2, 3], "element_text": [2, 3], "extract_tag_text": [2, 3], "make_child": [2, 3], "make_root": [2, 3], "queri": [2, 3], "to_etre": [2, 3], "validate_xml": [2, 3], "dtdforbidden": [2, 3], "entitiesforbidden": [2, 3], "globalparsertl": [2, 3], "createdefaultpars": [2, 3], "element_class": [2, 3], "getdefaultpars": [2, 3], "parser_config": [2, 3], "setdefaultpars": [2, 3], "notsupportederror": [2, 3], "restrictedel": [2, 3], "blacklist": [2, 3], "getchildren": [2, 3], "getiter": [2, 3], "iter": [2, 3], "iterchildren": [2, 3], "iterdescend": [2, 3], "iters": [2, 3], "xml": [2, 3], "check_docinfo": [2, 3], "fromstr": [2, 3], "iterpars": [2, 3], "add": [2, 3], "saml": [2, 3], "support": [2, 3], "your": [2, 3], "python": [2, 3], "softwar": [2, 3], "us": [2, 3], "thi": [2, 3], "librari": [2, 3], "toolkit": [2, 3], "let": [2, 3], "you": [2, 3], "sp": [2, 3], "servic": [2, 3], "provid": [2, 3], "over": [2, 3], "applic": [2, 3], "connect": [2, 3], "ani": [2, 3], "idp": [2, 3], "ident": [2, 3], "sso": [2, 3], "slo": [2, 3], "initi": [2, 3], "assert": [2, 3], "nameid": [2, 3], "encrypt": [2, 3], "signatur": [2, 3], "messag": [2, 3], "authnrequest": [2, 3], "logoutrequest": [2, 3], "logoutrespons": [2, 3], "enabl": [2, 3], "an": [2, 3], "consum": [2, 3], "endpoint": [2, 3], "singl": [2, 3], "publish": [2, 3], "which": [2, 3], "can": [2, 3], "sign": [2, 3], "class": 3, "main": 3, "instanc": 3, "request_data": 3, "old_set": 3, "none": 3, "custom_base_path": 3, "sourc": 3, "base": 3, "object": 3, "implement": 3, "defin": 3, "method": 3, "invok": 3, "order": 3, "process": 3, "request": 3, "sign_algorithm": 3, "http": 3, "www": 3, "w3": 3, "org": 3, "2001": 3, "04": 3, "xmldsig": 3, "more": 3, "rsa": 3, "paramet": 3, "dict": 3, "The": 3, "string": 3, "algorithm": 3, "response_data": 3, "param": 3, "type": 3, "alia": 3, "name": 3, "return": 3, "valu": 3, "": 3, "exist": 3, "list": 3, "code": 3, "someth": 3, "went": 3, "wrong": 3, "friendlynam": 3, "search": 3, "index": 3, "fiendlynam": 3, "id": 3, "last": 3, "issueinst": 3, "unix": 3, "posix": 3, "timestamp": 3, "notonoraft": 3, "valid": 3, "subjectconfirmationdata": 3, "node": 3, "authent": 3, "context": 3, "sent": 3, "reason": 3, "gener": 3, "retriev": 3, "raw": 3, "rtype": 3, "inresponseto": 3, "i": 3, "present": 3, "pretty_print_if_poss": 3, "fals": 3, "decrypt": 3, "format": 3, "namequalifi": 3, "sessionnotonoraft": 3, "from": 3, "authnstat": 3, "sessionindex": 3, "info": 3, "get": 3, "url": 3, "check": 3, "user": 3, "true": 3, "bool": 3, "return_to": 3, "force_authn": 3, "is_pass": 3, "set_nameid_polici": 3, "name_id_value_req": 3, "option": 3, "argument": 3, "target": 3, "should": 3, "after": 3, "when": 3, "forceauthn": 3, "ispass": 3, "nameidpolici": 3, "element": 3, "indic": 3, "subject": 3, "name_id": 3, "session_index": 3, "nq": 3, "name_id_format": 3, "spnq": 3, "identifi": 3, "session": 3, "qualifi": 3, "request_id": 3, "rais": 3, "post": 3, "samlrespons": 3, "found": 3, "keep_local_sess": 3, "delete_session_cb": 3, "destroi": 3, "local": 3, "otherwis": 3, "pass": 3, "we": 3, "our": 3, "extra": 3, "part": 3, "strict": 3, "mode": 3, "activ": 3, "disabl": 3, "data": 3, "handl": 3, "It": 3, "deflat": 3, "unsign": 3, "make": 3, "mayb": 3, "base64": 3, "encod": 3, "str": 3, "bodi": 3, "py3": 3, "byte": 3, "convert": 3, "all": 3, "urn": 3, "oasi": 3, "tc": 3, "2": 3, "0": 3, "ac": 3, "kerbero": 3, "password": 3, "passwordprotectedtransport": 3, "smartcard": 3, "unspecifi": 3, "x509": 3, "xmlenc": 3, "aes128": 3, "cbc": 3, "aes192": 3, "aes256": 3, "300": 3, "attrnam": 3, "basic": 3, "uri": 3, "bind": 3, "artifact": 3, "soap": 3, "cm": 3, "bearer": 3, "holder": 3, "kei": 3, "sender": 3, "vouch": 3, "2000": 3, "09": 3, "dsa": 3, "1": 3, "emailaddress": 3, "entiti": 3, "persist": 3, "transient": 3, "windowsdomainqualifiednam": 3, "x509subjectnam": 3, "d": 3, "md": 3, "samlp": 3, "protocol": 3, "xenc": 3, "x": 3, "xsd": 3, "xsi": 3, "schema": 3, "xmlsoap": 3, "envelop": 3, "xmlschema": 3, "1_5": 3, "oaep": 3, "mgf1p": 3, "statu": 3, "nopass": 3, "partiallogout": 3, "proxycountexceed": 3, "respond": 3, "success": 3, "versionmismatch": 3, "tripled": 3, "common": 3, "ha": 3, "custom": 3, "initializ": 3, "except": 3, "handler": 3, "4": 3, "3": 3, "7": 3, "13": 3, "6": 3, "5": 3, "9": 3, "10": 3, "11": 3, "8": 3, "12": 3, "14": 3, "anoth": 3, "relat": 3, "happen": 3, "dure": 3, "20": 3, "19": 3, "45": 3, "36": 3, "47": 3, "46": 3, "41": 3, "25": 3, "39": 3, "23": 3, "42": 3, "27": 3, "28": 3, "35": 3, "18": 3, "22": 3, "16": 3, "17": 3, "38": 3, "34": 3, "33": 3, "32": 3, "44": 3, "30": 3, "40": 3, "37": 3, "26": 3, "24": 3, "15": 3, "29": 3, "21": 3, "43": 3, "31": 3, "A": 3, "contain": 3, "obtain": 3, "doe": 3, "wai": 3, "introduc": 3, "sure": 3, "properli": 3, "befor": 3, "classmethod": 3, "validate_cert": 3, "timeout": 3, "header": 3, "where": 3, "If": 3, "flag": 3, "verif": 3, "associ": 3, "certif": 3, "int": 3, "second": 3, "wait": 3, "send": 3, "static": 3, "new_metadata_set": 3, "Will": 3, "updat": 3, "new": 3, "extract": 3, "current": 3, "merg": 3, "idp_metadata": 3, "required_sso_bind": 3, "required_slo_bind": 3, "entity_id": 3, "ar": 3, "multipl": 3, "idpssodescriptor": 3, "tag": 3, "onli": 3, "first": 3, "those": 3, "same": 3, "given": 3, "specifi": 3, "requir": 3, "hold": 3, "one": 3, "entitydescriptor": 3, "want": 3, "kwarg": 3, "b": 3, "path": 3, "deep": 3, "dictionari": 3, "kudo": 3, "stackoverflow": 3, "com": 3, "7205107": 3, "145400": 3, "execut": 3, "fail": 3, "caus": 3, "domdocu": 3, "issuer": 3, "spnamequalifi": 3, "base64encod": 3, "wa": 3, "receiv": 3, "raise_except": 3, "boolean": 3, "whether": 3, "failur": 3, "in_response_to": 3, "creat": 3, "determin": 3, "oneloginsaml2metadata": 3, "604800": 3, "172800": 3, "cert": 3, "add_encrypt": 3, "descriptor": 3, "keydescriptor": 3, "ad": 3, "authnsign": 3, "wsign": 3, "valid_until": 3, "cache_dur": 3, "contact": 3, "organ": 3, "authnrequestssign": 3, "wantassertionssign": 3, "datetim": 3, "expiri": 3, "date": 3, "durat": 3, "cach": 3, "digest_algorithm": 3, "digest": 3, "uniqu": 3, "condit": 3, "attributestat": 3, "encryptedattribut": 3, "audienc": 3, "could": 3, "store": 3, "futur": 3, "what": 3, "specif": 3, "must": 3, "delet": 3, "expir": 3, "time": 3, "document": 3, "verifi": 3, "refer": 3, "consist": 3, "signed_el": 3, "expect": 3, "accord": 3, "copyright": 3, "c": 3, "2010": 3, "2021": 3, "inc": 3, "mit": 3, "licens": 3, "sp_validation_onli": 3, "multpl": 3, "privat": 3, "folder": 3, "arrai": 3, "empti": 3, "ok": 3, "public": 3, "lib": 3, "secur": 3, "plan": 3, "soon": 3, "instead": 3, "other": 3, "represent": 3, "debug": 3, "deactiv": 3, "allow_single_label_domain": 3, "auxiliari": 3, "urllib": 3, "In": 3, "allow": 3, "label": 3, "domain": 3, "sever": 3, "y": 3, "m": 3, "dt": 3, "h": 3, "sz": 3, "fz": 3, "re": 3, "compil": 3, "t": 3, "z": 3, "xmlsec": 3, "decod": 3, "x509_cert": 3, "alg": 3, "calcul": 3, "fingerprint": 3, "x509cert": 3, "ignore_zip": 3, "inflat": 3, "rfc1951": 3, "ignor": 3, "zip": 3, "encrypted_data": 3, "inplac": 3, "result": 3, "lxml": 3, "etre": 3, "domel": 3, "basestr": 3, "callback": 3, "lowercase_urlencod": 3, "escap": 3, "non": 3, "safe": 3, "symbol": 3, "adf": 3, "quote_plu": 3, "produc": 3, "lower": 3, "case": 3, "hex": 3, "number": 3, "upper": 3, "lowercas": 3, "head": 3, "footer": 3, "unformat": 3, "includ": 3, "sp_nq": 3, "sp_format": 3, "exampl": 3, "compar": 3, "earliest": 3, "until": 3, "host": 3, "mai": 3, "port": 3, "rout": 3, "view": 3, "differ": 3, "than": 3, "dom": 3, "normal": 3, "comparison": 3, "netloc": 3, "insensit": 3, "per": 3, "rfc": 3, "4343": 3, "7617": 3, "standard": 3, "origin": 3, "split": 3, "also": 3, "field": 3, "actual": 3, "timestr": 3, "form": 3, "yyyi": 3, "mm": 3, "ddthh": 3, "ss": 3, "sub": 3, "interpret": 3, "iso8601": 3, "rel": 3, "appli": 3, "default": 3, "msg": 3, "__transform": 3, "binari": 3, "signed_queri": 3, "fingerprintalg": 3, "validatecert": 3, "signature_nod": 3, "elem": 3, "xpath": 3, "multicert": 3, "func": 3, "decor": 3, "function": 3, "suppress": 3, "overridden": 3, "keyword": 3, "call": 3, "wrap": 3, "n": 3, "nameformat": 3, "attributevalu": 3, "xmln": 3, "version": 3, "provider_nam": 3, "force_authn_str": 3, "is_passive_str": 3, "issue_inst": 3, "destin": 3, "protocolbind": 3, "acs_bind": 3, "assertionconsumerserviceurl": 3, "assertion_url": 3, "attr_consuming_service_str": 3, "subject_str": 3, "nameid_policy_str": 3, "requested_authn_context_str": 3, "single_logout_url": 3, "statuscod": 3, "attributeconsumingservic": 3, "servicenam": 3, "lang": 3, "en": 3, "service_nam": 3, "attr_cs_desc": 3, "requested_attribute_str": 3, "contactperson": 3, "contacttyp": 3, "givennam": 3, "email": 3, "entityid": 3, "spssodescriptor": 3, "protocolsupportenumer": 3, "sl": 3, "nameidformat": 3, "assertionconsumerservic": 3, "locat": 3, "attribute_consuming_servic": 3, "organizationnam": 3, "organizationdisplaynam": 3, "display_nam": 3, "organizationurl": 3, "requestedattribut": 3, "req_attr_nam": 3, "req_attr_nameformat_str": 3, "req_attr_isrequired_str": 3, "req_attr_aux_str": 3, "singlelogoutservic": 3, "assertion_id": 3, "name_id_polici": 3, "subjectconfirm": 3, "not_aft": 3, "recipi": 3, "notbefor": 3, "not_befor": 3, "audiencerestrict": 3, "authninst": 3, "authn_context": 3, "tree_or_el": 3, "top_nsmap": 3, "keep_ns_prefix": 3, "keep": 3, "namespac": 3, "intact": 3, "tree": 3, "map": 3, "prefix": 3, "remov": 3, "cleanup": 3, "pretty_print": 3, "with_tail": 3, "write": 3, "structur": 3, "sy": 3, "stdout": 3, "tagnam": 3, "_parent": 3, "_tag": 3, "attrib": 3, "_extra": 3, "subel": 3, "factori": 3, "append": 3, "interfac": 3, "look": 3, "_element": 3, "makeel": 3, "_basepars": 3, "faster": 3, "within": 3, "parser": 3, "tagid": 3, "match": 3, "root": 3, "objet": 3, "expres": 3, "fragment": 3, "minidom": 3, "_element_class": 3, "serial": 3, "its": 3, "against": 3, "show": 3, "protect": 3, "sysid": 3, "pubid": 3, "valueerror": 3, "definit": 3, "forbidden": 3, "notation_nam": 3, "_local": 3, "thread": 3, "huge_tre": 3, "no_network": 3, "remove_com": 3, "remove_pi": 3, "resolve_ent": 3, "oper": 3, "elementbas": 3, "restrict": 3, "filter": 3, "out": 3, "some": 3, "_entiti": 3, "_processinginstruct": 3, "_comment": 3, "self": 3, "direct": 3, "children": 3, "deprec": 3, "note": 3, "been": 3, "elementtre": 3, "simpli": 3, "sequenc": 3, "subtre": 3, "depth": 3, "pre": 3, "start": 3, "find": 3, "see": 3, "diverg": 3, "behaviour": 3, "effici": 3, "backward": 3, "older": 3, "localnam": 3, "either": 3, "both": 3, "wildcard": 3, "equival": 3, "e": 3, "comment": 3, "processinginstruct": 3, "revers": 3, "As": 3, "oppos": 3, "descend": 3, "el": 3, "yield": 3, "itself": 3, "preced": 3, "follow": 3, "sibl": 3, "forward": 3, "right": 3, "go": 3, "text": 3, "base_url": 3, "forbid_dtd": 3, "forbid_ent": 3, "docinfo": 3, "dtd": 3, "declar": 3, "need": 3, "newer": 3, "iterent": 3, "arg": 3}, "objects": {"": [[2, 0, 0, "-", "onelogin"]], "onelogin": [[3, 0, 0, "-", "saml2"]], "onelogin.saml2": [[3, 0, 0, "-", "auth"], [3, 0, 0, "-", "authn_request"], [3, 0, 0, "-", "compat"], [3, 0, 0, "-", "constants"], [3, 0, 0, "-", "errors"], [3, 0, 0, "-", "idp_metadata_parser"], [3, 0, 0, "-", "logout_request"], [3, 0, 0, "-", "logout_response"], [3, 0, 0, "-", "metadata"], [3, 0, 0, "-", "response"], [3, 0, 0, "-", "settings"], [3, 0, 0, "-", "utils"], [3, 0, 0, "-", "xml_templates"], [3, 0, 0, "-", "xml_utils"], [3, 0, 0, "-", "xmlparser"]], "onelogin.saml2.auth": [[3, 1, 1, "", "OneLogin_Saml2_Auth"]], "onelogin.saml2.auth.OneLogin_Saml2_Auth": [[3, 2, 1, "", "add_request_signature"], [3, 2, 1, "", "add_response_signature"], [3, 3, 1, "", "authn_request_class"], [3, 2, 1, "", "get_attribute"], [3, 2, 1, "", "get_attributes"], [3, 2, 1, "", "get_errors"], [3, 2, 1, "", "get_friendlyname_attribute"], [3, 2, 1, "", "get_friendlyname_attributes"], [3, 2, 1, "", "get_last_assertion_id"], [3, 2, 1, "", "get_last_assertion_issue_instant"], [3, 2, 1, "", "get_last_assertion_not_on_or_after"], [3, 2, 1, "", "get_last_authn_contexts"], [3, 2, 1, "", "get_last_error_reason"], [3, 2, 1, "", "get_last_message_id"], [3, 2, 1, "", "get_last_request_id"], [3, 2, 1, "", "get_last_request_xml"], [3, 2, 1, "", "get_last_response_in_response_to"], [3, 2, 1, "", "get_last_response_xml"], [3, 2, 1, "", "get_nameid"], [3, 2, 1, "", "get_nameid_format"], [3, 2, 1, "", "get_nameid_nq"], [3, 2, 1, "", "get_nameid_spnq"], [3, 2, 1, "", "get_session_expiration"], [3, 2, 1, "", "get_session_index"], [3, 2, 1, "", "get_settings"], [3, 2, 1, "", "get_slo_response_url"], [3, 2, 1, "", "get_slo_url"], [3, 2, 1, "", "get_sso_url"], [3, 2, 1, "", "is_authenticated"], [3, 2, 1, "", "login"], [3, 2, 1, "", "logout"], [3, 3, 1, "", "logout_request_class"], [3, 3, 1, "", "logout_response_class"], [3, 2, 1, "", "process_response"], [3, 2, 1, "", "process_slo"], [3, 2, 1, "", "redirect_to"], [3, 3, 1, "", "response_class"], [3, 2, 1, "", "set_strict"], [3, 2, 1, "", "store_valid_response"], [3, 2, 1, "", "validate_request_signature"], [3, 2, 1, "", "validate_response_signature"]], "onelogin.saml2.authn_request": [[3, 1, 1, "", "OneLogin_Saml2_Authn_Request"]], "onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request": [[3, 2, 1, "", "get_id"], [3, 2, 1, "", "get_request"], [3, 2, 1, "", "get_xml"]], "onelogin.saml2.compat": [[3, 4, 1, "", "to_bytes"], [3, 4, 1, "", "to_string"], [3, 4, 1, "", "utf8"]], "onelogin.saml2.constants": [[3, 1, 1, "", "OneLogin_Saml2_Constants"]], "onelogin.saml2.constants.OneLogin_Saml2_Constants": [[3, 3, 1, "", "AC_KERBEROS"], [3, 3, 1, "", "AC_PASSWORD"], [3, 3, 1, "", "AC_PASSWORD_PROTECTED"], [3, 3, 1, "", "AC_SMARTCARD"], [3, 3, 1, "", "AC_UNSPECIFIED"], [3, 3, 1, "", "AC_X509"], [3, 3, 1, "", "AES128_CBC"], [3, 3, 1, "", "AES192_CBC"], [3, 3, 1, "", "AES256_CBC"], [3, 3, 1, "", "ALLOWED_CLOCK_DRIFT"], [3, 3, 1, "", "ATTRNAME_FORMAT_BASIC"], [3, 3, 1, "", "ATTRNAME_FORMAT_UNSPECIFIED"], [3, 3, 1, "", "ATTRNAME_FORMAT_URI"], [3, 3, 1, "", "BINDING_DEFLATE"], [3, 3, 1, "", "BINDING_HTTP_ARTIFACT"], [3, 3, 1, "", "BINDING_HTTP_POST"], [3, 3, 1, "", "BINDING_HTTP_REDIRECT"], [3, 3, 1, "", "BINDING_SOAP"], [3, 3, 1, "", "CM_BEARER"], [3, 3, 1, "", "CM_HOLDER_KEY"], [3, 3, 1, "", "CM_SENDER_VOUCHES"], [3, 3, 1, "", "DEPRECATED_ALGORITHMS"], [3, 3, 1, "", "DSA_SHA1"], [3, 3, 1, "", "NAMEID_EMAIL_ADDRESS"], [3, 3, 1, "", "NAMEID_ENCRYPTED"], [3, 3, 1, "", "NAMEID_ENTITY"], [3, 3, 1, "", "NAMEID_KERBEROS"], [3, 3, 1, "", "NAMEID_PERSISTENT"], [3, 3, 1, "", "NAMEID_TRANSIENT"], [3, 3, 1, "", "NAMEID_UNSPECIFIED"], [3, 3, 1, "", "NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME"], [3, 3, 1, "", "NAMEID_X509_SUBJECT_NAME"], [3, 3, 1, "", "NSMAP"], [3, 3, 1, "", "NS_DS"], [3, 3, 1, "", "NS_MD"], [3, 3, 1, "", "NS_PREFIX_DS"], [3, 3, 1, "", "NS_PREFIX_MD"], [3, 3, 1, "", "NS_PREFIX_SAML"], [3, 3, 1, "", "NS_PREFIX_SAMLP"], [3, 3, 1, "", "NS_PREFIX_XENC"], [3, 3, 1, "", "NS_PREFIX_XS"], [3, 3, 1, "", "NS_PREFIX_XSD"], [3, 3, 1, "", "NS_PREFIX_XSI"], [3, 3, 1, "", "NS_SAML"], [3, 3, 1, "", "NS_SAMLP"], [3, 3, 1, "", "NS_SOAP"], [3, 3, 1, "", "NS_XENC"], [3, 3, 1, "", "NS_XS"], [3, 3, 1, "", "NS_XSI"], [3, 3, 1, "", "RSA_1_5"], [3, 3, 1, "", "RSA_OAEP_MGF1P"], [3, 3, 1, "", "RSA_SHA1"], [3, 3, 1, "", "RSA_SHA256"], [3, 3, 1, "", "RSA_SHA384"], [3, 3, 1, "", "RSA_SHA512"], [3, 3, 1, "", "SHA1"], [3, 3, 1, "", "SHA256"], [3, 3, 1, "", "SHA384"], [3, 3, 1, "", "SHA512"], [3, 3, 1, "", "STATUS_NO_PASSIVE"], [3, 3, 1, "", "STATUS_PARTIAL_LOGOUT"], [3, 3, 1, "", "STATUS_PROXY_COUNT_EXCEEDED"], [3, 3, 1, "", "STATUS_REQUESTER"], [3, 3, 1, "", "STATUS_RESPONDER"], [3, 3, 1, "", "STATUS_SUCCESS"], [3, 3, 1, "", "STATUS_VERSION_MISMATCH"], [3, 3, 1, "", "TRIPLEDES_CBC"]], "onelogin.saml2.errors": [[3, 5, 1, "", "OneLogin_Saml2_Error"], [3, 5, 1, "", "OneLogin_Saml2_ValidationError"]], "onelogin.saml2.errors.OneLogin_Saml2_Error": [[3, 3, 1, "", "CERT_NOT_FOUND"], [3, 3, 1, "", "METADATA_SP_INVALID"], [3, 3, 1, "", "PRIVATE_KEY_FILE_NOT_FOUND"], [3, 3, 1, "", "PRIVATE_KEY_NOT_FOUND"], [3, 3, 1, "", "PUBLIC_CERT_FILE_NOT_FOUND"], [3, 3, 1, "", "REDIRECT_INVALID_URL"], [3, 3, 1, "", "SAML_LOGOUTMESSAGE_NOT_FOUND"], [3, 3, 1, "", "SAML_LOGOUTREQUEST_INVALID"], [3, 3, 1, "", "SAML_LOGOUTRESPONSE_INVALID"], [3, 3, 1, "", "SAML_RESPONSE_NOT_FOUND"], [3, 3, 1, "", "SAML_SINGLE_LOGOUT_NOT_SUPPORTED"], [3, 3, 1, "", "SETTINGS_FILE_NOT_FOUND"], [3, 3, 1, "", "SETTINGS_INVALID"], [3, 3, 1, "", "SETTINGS_INVALID_SYNTAX"], [3, 3, 1, "", "SP_CERTS_NOT_FOUND"], [3, 3, 1, "", "UNSUPPORTED_SETTINGS_OBJECT"]], "onelogin.saml2.errors.OneLogin_Saml2_ValidationError": [[3, 3, 1, "", "ASSERTION_EXPIRED"], [3, 3, 1, "", "ASSERTION_TOO_EARLY"], [3, 3, 1, "", "AUTHN_CONTEXT_MISMATCH"], [3, 3, 1, "", "CHILDREN_NODE_NOT_FOUND_IN_KEYINFO"], [3, 3, 1, "", "DEPRECATED_DIGEST_METHOD"], [3, 3, 1, "", "DEPRECATED_SIGNATURE_METHOD"], [3, 3, 1, "", "DUPLICATED_ATTRIBUTE_NAME_FOUND"], [3, 3, 1, "", "DUPLICATED_ID_IN_SIGNED_ELEMENTS"], [3, 3, 1, "", "DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS"], [3, 3, 1, "", "EMPTY_DESTINATION"], [3, 3, 1, "", "EMPTY_NAMEID"], [3, 3, 1, "", "ENCRYPTED_ATTRIBUTES"], [3, 3, 1, "", "ID_NOT_FOUND_IN_SIGNED_ELEMENT"], [3, 3, 1, "", "INVALID_SIGNATURE"], [3, 3, 1, "", "INVALID_SIGNED_ELEMENT"], [3, 3, 1, "", "INVALID_XML_FORMAT"], [3, 3, 1, "", "ISSUER_MULTIPLE_IN_RESPONSE"], [3, 3, 1, "", "ISSUER_NOT_FOUND_IN_ASSERTION"], [3, 3, 1, "", "KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA"], [3, 3, 1, "", "MISSING_CONDITIONS"], [3, 3, 1, "", "MISSING_ID"], [3, 3, 1, "", "MISSING_STATUS"], [3, 3, 1, "", "MISSING_STATUS_CODE"], [3, 3, 1, "", "NO_ATTRIBUTESTATEMENT"], [3, 3, 1, "", "NO_ENCRYPTED_ASSERTION"], [3, 3, 1, "", "NO_ENCRYPTED_NAMEID"], [3, 3, 1, "", "NO_NAMEID"], [3, 3, 1, "", "NO_SIGNATURE_FOUND"], [3, 3, 1, "", "NO_SIGNED_ASSERTION"], [3, 3, 1, "", "NO_SIGNED_MESSAGE"], [3, 3, 1, "", "RESPONSE_EXPIRED"], [3, 3, 1, "", "SESSION_EXPIRED"], [3, 3, 1, "", "SP_NAME_QUALIFIER_NAME_MISMATCH"], [3, 3, 1, "", "STATUS_CODE_IS_NOT_SUCCESS"], [3, 3, 1, "", "UNEXPECTED_SIGNED_ELEMENTS"], [3, 3, 1, "", "UNSUPPORTED_RETRIEVAL_METHOD"], [3, 3, 1, "", "UNSUPPORTED_SAML_VERSION"], [3, 3, 1, "", "WRONG_AUDIENCE"], [3, 3, 1, "", "WRONG_DESTINATION"], [3, 3, 1, "", "WRONG_INRESPONSETO"], [3, 3, 1, "", "WRONG_ISSUER"], [3, 3, 1, "", "WRONG_NUMBER_OF_ASSERTIONS"], [3, 3, 1, "", "WRONG_NUMBER_OF_AUTHSTATEMENTS"], [3, 3, 1, "", "WRONG_NUMBER_OF_SIGNATURES"], [3, 3, 1, "", "WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION"], [3, 3, 1, "", "WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE"], [3, 3, 1, "", "WRONG_SIGNED_ELEMENT"], [3, 3, 1, "", "WRONG_SUBJECTCONFIRMATION"]], "onelogin.saml2.idp_metadata_parser": [[3, 1, 1, "", "OneLogin_Saml2_IdPMetadataParser"], [3, 4, 1, "", "dict_deep_merge"]], "onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser": [[3, 2, 1, "", "get_metadata"], [3, 2, 1, "", "merge_settings"], [3, 2, 1, "", "parse"], [3, 2, 1, "", "parse_remote"]], "onelogin.saml2.logout_request": [[3, 1, 1, "", "OneLogin_Saml2_Logout_Request"]], "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request": [[3, 2, 1, "", "get_error"], [3, 2, 1, "", "get_id"], [3, 2, 1, "", "get_issuer"], [3, 2, 1, "", "get_nameid"], [3, 2, 1, "", "get_nameid_data"], [3, 2, 1, "", "get_nameid_format"], [3, 2, 1, "", "get_request"], [3, 2, 1, "", "get_session_indexes"], [3, 2, 1, "", "get_xml"], [3, 2, 1, "", "is_valid"]], "onelogin.saml2.logout_response": [[3, 1, 1, "", "OneLogin_Saml2_Logout_Response"]], "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response": [[3, 2, 1, "", "build"], [3, 2, 1, "", "get_error"], [3, 2, 1, "", "get_in_response_to"], [3, 2, 1, "", "get_issuer"], [3, 2, 1, "", "get_response"], [3, 2, 1, "", "get_status"], [3, 2, 1, "", "get_xml"], [3, 2, 1, "", "is_valid"]], "onelogin.saml2.metadata": [[3, 1, 1, "", "OneLogin_Saml2_Metadata"]], "onelogin.saml2.metadata.OneLogin_Saml2_Metadata": [[3, 3, 1, "", "TIME_CACHED"], [3, 3, 1, "", "TIME_VALID"], [3, 2, 1, "", "add_x509_key_descriptors"], [3, 2, 1, "", "builder"], [3, 2, 1, "", "sign_metadata"]], "onelogin.saml2.response": [[3, 1, 1, "", "OneLogin_Saml2_Response"]], "onelogin.saml2.response.OneLogin_Saml2_Response": [[3, 2, 1, "", "check_one_authnstatement"], [3, 2, 1, "", "check_one_condition"], [3, 2, 1, "", "check_status"], [3, 2, 1, "", "get_assertion_id"], [3, 2, 1, "", "get_assertion_issue_instant"], [3, 2, 1, "", "get_assertion_not_on_or_after"], [3, 2, 1, "", "get_attributes"], [3, 2, 1, "", "get_audiences"], [3, 2, 1, "", "get_authn_contexts"], [3, 2, 1, "", "get_error"], [3, 2, 1, "", "get_friendlyname_attributes"], [3, 2, 1, "", "get_id"], [3, 2, 1, "", "get_in_response_to"], [3, 2, 1, "", "get_issuers"], [3, 2, 1, "", "get_nameid"], [3, 2, 1, "", "get_nameid_data"], [3, 2, 1, "", "get_nameid_format"], [3, 2, 1, "", "get_nameid_nq"], [3, 2, 1, "", "get_nameid_spnq"], [3, 2, 1, "", "get_session_index"], [3, 2, 1, "", "get_session_not_on_or_after"], [3, 2, 1, "", "get_xml_document"], [3, 2, 1, "", "is_valid"], [3, 2, 1, "", "process_signed_elements"], [3, 2, 1, "", "validate_num_assertions"], [3, 2, 1, "", "validate_signed_elements"], [3, 2, 1, "", "validate_timestamps"]], "onelogin.saml2.settings": [[3, 1, 1, "", "OneLogin_Saml2_Settings"], [3, 4, 1, "", "validate_url"]], "onelogin.saml2.settings.OneLogin_Saml2_Settings": [[3, 2, 1, "", "check_idp_settings"], [3, 2, 1, "", "check_settings"], [3, 2, 1, "", "check_sp_certs"], [3, 2, 1, "", "check_sp_settings"], [3, 2, 1, "", "format_idp_cert"], [3, 2, 1, "", "format_idp_cert_multi"], [3, 2, 1, "", "format_sp_cert"], [3, 2, 1, "", "format_sp_cert_new"], [3, 2, 1, "", "format_sp_key"], [3, 2, 1, "", "get_base_path"], [3, 2, 1, "", "get_cert_path"], [3, 2, 1, "", "get_contacts"], [3, 2, 1, "", "get_errors"], [3, 2, 1, "", "get_idp_cert"], [3, 2, 1, "", "get_idp_data"], [3, 2, 1, "", "get_idp_slo_response_url"], [3, 2, 1, "", "get_idp_slo_url"], [3, 2, 1, "", "get_idp_sso_url"], [3, 2, 1, "", "get_lib_path"], [3, 2, 1, "", "get_organization"], [3, 2, 1, "", "get_schemas_path"], [3, 2, 1, "", "get_security_data"], [3, 2, 1, "", "get_sp_cert"], [3, 2, 1, "", "get_sp_cert_new"], [3, 2, 1, "", "get_sp_data"], [3, 2, 1, "", "get_sp_key"], [3, 2, 1, "", "get_sp_metadata"], [3, 2, 1, "", "is_debug_active"], [3, 2, 1, "", "is_strict"], [3, 3, 1, "", "metadata_class"], [3, 2, 1, "", "set_cert_path"], [3, 2, 1, "", "set_strict"], [3, 2, 1, "", "validate_metadata"]], "onelogin.saml2.utils": [[3, 1, 1, "", "OneLogin_Saml2_Utils"], [3, 4, 1, "", "return_false_on_exception"]], "onelogin.saml2.utils.OneLogin_Saml2_Utils": [[3, 3, 1, "", "ASSERTION_SIGNATURE_XPATH"], [3, 3, 1, "", "RESPONSE_SIGNATURE_XPATH"], [3, 3, 1, "", "TIME_FORMAT"], [3, 3, 1, "", "TIME_FORMAT_2"], [3, 3, 1, "", "TIME_FORMAT_WITH_FRAGMENT"], [3, 2, 1, "", "add_sign"], [3, 2, 1, "", "b64decode"], [3, 2, 1, "", "b64encode"], [3, 2, 1, "", "calculate_x509_fingerprint"], [3, 2, 1, "", "decode_base64_and_inflate"], [3, 2, 1, "", "decrypt_element"], [3, 2, 1, "", "deflate_and_base64_encode"], [3, 2, 1, "", "delete_local_session"], [3, 2, 1, "", "escape_url"], [3, 2, 1, "", "format_cert"], [3, 2, 1, "", "format_finger_print"], [3, 2, 1, "", "format_private_key"], [3, 2, 1, "", "generate_name_id"], [3, 2, 1, "", "generate_unique_id"], [3, 2, 1, "", "get_expire_time"], [3, 2, 1, "", "get_self_host"], [3, 2, 1, "", "get_self_routed_url_no_query"], [3, 2, 1, "", "get_self_url"], [3, 2, 1, "", "get_self_url_host"], [3, 2, 1, "", "get_self_url_no_query"], [3, 2, 1, "", "get_status"], [3, 2, 1, "", "is_https"], [3, 2, 1, "", "normalize_url"], [3, 2, 1, "", "now"], [3, 2, 1, "", "parse_SAML_to_time"], [3, 2, 1, "", "parse_duration"], [3, 2, 1, "", "parse_time_to_SAML"], [3, 2, 1, "", "redirect"], [3, 2, 1, "", "sign_binary"], [3, 2, 1, "", "validate_binary_sign"], [3, 2, 1, "", "validate_metadata_sign"], [3, 2, 1, "", "validate_node_sign"], [3, 2, 1, "", "validate_sign"]], "onelogin.saml2.xml_templates": [[3, 1, 1, "", "OneLogin_Saml2_Templates"]], "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates": [[3, 3, 1, "", "ATTRIBUTE"], [3, 3, 1, "", "AUTHN_REQUEST"], [3, 3, 1, "", "LOGOUT_REQUEST"], [3, 3, 1, "", "LOGOUT_RESPONSE"], [3, 3, 1, "", "MD_ATTR_CONSUMER_SERVICE"], [3, 3, 1, "", "MD_CONTACT_PERSON"], [3, 3, 1, "", "MD_ENTITY_DESCRIPTOR"], [3, 3, 1, "", "MD_ORGANISATION"], [3, 3, 1, "", "MD_REQUESTED_ATTRIBUTE"], [3, 3, 1, "", "MD_SLS"], [3, 3, 1, "", "RESPONSE"]], "onelogin.saml2.xml_utils": [[3, 1, 1, "", "OneLogin_Saml2_XML"]], "onelogin.saml2.xml_utils.OneLogin_Saml2_XML": [[3, 2, 1, "", "cleanup_namespaces"], [3, 2, 1, "", "dump"], [3, 2, 1, "", "element_text"], [3, 2, 1, "", "extract_tag_text"], [3, 2, 1, "", "make_child"], [3, 2, 1, "", "make_root"], [3, 2, 1, "", "query"], [3, 2, 1, "", "to_etree"], [3, 2, 1, "", "to_string"], [3, 2, 1, "", "validate_xml"]], "onelogin.saml2.xmlparser": [[3, 5, 1, "", "DTDForbidden"], [3, 5, 1, "", "EntitiesForbidden"], [3, 1, 1, "", "GlobalParserTLS"], [3, 5, 1, "", "NotSupportedError"], [3, 1, 1, "", "RestrictedElement"], [3, 4, 1, "", "XML"], [3, 4, 1, "", "check_docinfo"], [3, 4, 1, "", "fromstring"], [3, 4, 1, "", "getDefaultParser"], [3, 4, 1, "", "iterparse"], [3, 4, 1, "", "parse"]], "onelogin.saml2.xmlparser.GlobalParserTLS": [[3, 2, 1, "", "createDefaultParser"], [3, 3, 1, "", "element_class"], [3, 2, 1, "", "getDefaultParser"], [3, 3, 1, "", "parser_config"], [3, 2, 1, "", "setDefaultParser"]], "onelogin.saml2.xmlparser.RestrictedElement": [[3, 3, 1, "", "blacklist"], [3, 2, 1, "", "getchildren"], [3, 2, 1, "", "getiterator"], [3, 2, 1, "", "iter"], [3, 2, 1, "", "iterchildren"], [3, 2, 1, "", "iterdescendants"], [3, 2, 1, "", "itersiblings"]]}, "objtypes": {"0": "py:module", "1": "py:class", "2": "py:method", "3": "py:attribute", "4": "py:function", "5": "py:exception"}, "objnames": {"0": ["py", "module", "Python module"], "1": ["py", "class", "Python class"], "2": ["py", "method", "Python method"], "3": ["py", "attribute", "Python attribute"], "4": ["py", "function", "Python function"], "5": ["py", "exception", "Python exception"]}, "titleterms": {"welcom": 0, "saml": 0, "python2": 0, "3": 0, "toolkit": 0, "": 0, "document": 0, "content": [0, 2, 3], "onelogin": [1, 2, 3], "packag": [2, 3], "subpackag": 2, "modul": [2, 3], "saml2": 3, "submodul": 3, "auth": 3, "authn_request": 3, "compat": 3, "constant": 3, "error": 3, "idp_metadata_pars": 3, "logout_request": 3, "logout_respons": 3, "metadata": 3, "respons": 3, "set": 3, "util": 3, "xml_templat": 3, "xml_util": 3, "xmlparser": 3}, "envversion": {"sphinx.domains.c": 3, "sphinx.domains.changeset": 1, "sphinx.domains.citation": 1, "sphinx.domains.cpp": 9, "sphinx.domains.index": 1, "sphinx.domains.javascript": 3, "sphinx.domains.math": 2, "sphinx.domains.python": 4, "sphinx.domains.rst": 2, "sphinx.domains.std": 2, "sphinx.ext.viewcode": 1, "sphinx": 58}, "alltitles": {"Welcome to SAML Python2/3 Toolkit\u2019s documentation!": [[0, "welcome-to-saml-python2-3-toolkit-s-documentation"]], "Contents:": [[0, null]], "onelogin": [[1, "onelogin"]], "onelogin package": [[2, "onelogin-package"]], "Subpackages": [[2, "subpackages"]], "Module contents": [[2, "module-onelogin"], [3, "module-onelogin.saml2"]], "onelogin.saml2 package": [[3, "onelogin-saml2-package"]], "Submodules": [[3, "submodules"]], "onelogin.saml2.auth module": [[3, "module-onelogin.saml2.auth"]], "onelogin.saml2.authn_request module": [[3, "module-onelogin.saml2.authn_request"]], "onelogin.saml2.compat module": [[3, "module-onelogin.saml2.compat"]], "onelogin.saml2.constants module": [[3, "module-onelogin.saml2.constants"]], "onelogin.saml2.errors module": [[3, "module-onelogin.saml2.errors"]], "onelogin.saml2.idp_metadata_parser module": [[3, "module-onelogin.saml2.idp_metadata_parser"]], "onelogin.saml2.logout_request module": [[3, "module-onelogin.saml2.logout_request"]], "onelogin.saml2.logout_response module": [[3, "module-onelogin.saml2.logout_response"]], "onelogin.saml2.metadata module": [[3, "module-onelogin.saml2.metadata"]], "onelogin.saml2.response module": [[3, "module-onelogin.saml2.response"]], "onelogin.saml2.settings module": [[3, "module-onelogin.saml2.settings"]], "onelogin.saml2.utils module": [[3, "module-onelogin.saml2.utils"]], "onelogin.saml2.xml_templates module": [[3, "module-onelogin.saml2.xml_templates"]], "onelogin.saml2.xml_utils module": [[3, "module-onelogin.saml2.xml_utils"]], "onelogin.saml2.xmlparser module": [[3, "module-onelogin.saml2.xmlparser"]]}, "indexentries": {"module": [[2, "module-onelogin"], [3, "module-onelogin.saml2"], [3, "module-onelogin.saml2.auth"], [3, "module-onelogin.saml2.authn_request"], [3, "module-onelogin.saml2.compat"], [3, "module-onelogin.saml2.constants"], [3, "module-onelogin.saml2.errors"], [3, "module-onelogin.saml2.idp_metadata_parser"], [3, "module-onelogin.saml2.logout_request"], [3, "module-onelogin.saml2.logout_response"], [3, "module-onelogin.saml2.metadata"], [3, "module-onelogin.saml2.response"], [3, "module-onelogin.saml2.settings"], [3, "module-onelogin.saml2.utils"], [3, "module-onelogin.saml2.xml_templates"], [3, "module-onelogin.saml2.xml_utils"], [3, "module-onelogin.saml2.xmlparser"]], "onelogin": [[2, "module-onelogin"]], "ac_kerberos (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_KERBEROS"]], "ac_password (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD"]], "ac_password_protected (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED"]], "ac_smartcard (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_SMARTCARD"]], "ac_unspecified (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_UNSPECIFIED"]], "ac_x509 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AC_X509"]], "aes128_cbc (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AES128_CBC"]], "aes192_cbc (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AES192_CBC"]], "aes256_cbc (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.AES256_CBC"]], "allowed_clock_drift (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT"]], "assertion_expired (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED"]], "assertion_signature_xpath (onelogin.saml2.utils.onelogin_saml2_utils attribute)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH"]], "assertion_too_early (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY"]], "attribute (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.ATTRIBUTE"]], "attrname_format_basic (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_BASIC"]], "attrname_format_unspecified (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_UNSPECIFIED"]], "attrname_format_uri (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.ATTRNAME_FORMAT_URI"]], "authn_context_mismatch (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH"]], "authn_request (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.AUTHN_REQUEST"]], "binding_deflate (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_DEFLATE"]], "binding_http_artifact (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_ARTIFACT"]], "binding_http_post (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_POST"]], "binding_http_redirect (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT"]], "binding_soap (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.BINDING_SOAP"]], "cert_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.CERT_NOT_FOUND"]], "children_node_not_found_in_keyinfo (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO"]], "cm_bearer (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_BEARER"]], "cm_holder_key (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_HOLDER_KEY"]], "cm_sender_vouches (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.CM_SENDER_VOUCHES"]], "deprecated_algorithms (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS"]], "deprecated_digest_method (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_DIGEST_METHOD"]], "deprecated_signature_method (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD"]], "dsa_sha1 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.DSA_SHA1"]], "dtdforbidden": [[3, "onelogin.saml2.xmlparser.DTDForbidden"]], "duplicated_attribute_name_found (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND"]], "duplicated_id_in_signed_elements (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS"]], "duplicated_reference_in_signed_elements (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS"]], "empty_destination (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_DESTINATION"]], "empty_nameid (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.EMPTY_NAMEID"]], "encrypted_attributes (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES"]], "entitiesforbidden": [[3, "onelogin.saml2.xmlparser.EntitiesForbidden"]], "globalparsertls (class in onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.GlobalParserTLS"]], "id_not_found_in_signed_element (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT"]], "invalid_signature (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNATURE"]], "invalid_signed_element (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT"]], "invalid_xml_format (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT"]], "issuer_multiple_in_response (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE"]], "issuer_not_found_in_assertion (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION"]], "keyinfo_not_found_in_encrypted_data (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA"]], "logout_request (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_REQUEST"]], "logout_response (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.LOGOUT_RESPONSE"]], "md_attr_consumer_service (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ATTR_CONSUMER_SERVICE"]], "md_contact_person (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_CONTACT_PERSON"]], "md_entity_descriptor (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR"]], "md_organisation (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_ORGANISATION"]], "md_requested_attribute (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_REQUESTED_ATTRIBUTE"]], "md_sls (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.MD_SLS"]], "metadata_sp_invalid (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.METADATA_SP_INVALID"]], "missing_conditions (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_CONDITIONS"]], "missing_id (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_ID"]], "missing_status (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS"]], "missing_status_code (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE"]], "nameid_email_address (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_EMAIL_ADDRESS"]], "nameid_encrypted (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENCRYPTED"]], "nameid_entity (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_ENTITY"]], "nameid_kerberos (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_KERBEROS"]], "nameid_persistent (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_PERSISTENT"]], "nameid_transient (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_TRANSIENT"]], "nameid_unspecified (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED"]], "nameid_windows_domain_qualified_name (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME"]], "nameid_x509_subject_name (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NAMEID_X509_SUBJECT_NAME"]], "no_attributestatement (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT"]], "no_encrypted_assertion (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION"]], "no_encrypted_nameid (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID"]], "no_nameid (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_NAMEID"]], "no_signature_found (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND"]], "no_signed_assertion (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION"]], "no_signed_message (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE"]], "nsmap (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NSMAP"]], "ns_ds (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_DS"]], "ns_md (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_MD"]], "ns_prefix_ds (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_DS"]], "ns_prefix_md (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_MD"]], "ns_prefix_saml (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAML"]], "ns_prefix_samlp (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_SAMLP"]], "ns_prefix_xenc (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XENC"]], "ns_prefix_xs (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XS"]], "ns_prefix_xsd (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSD"]], "ns_prefix_xsi (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_PREFIX_XSI"]], "ns_saml (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAML"]], "ns_samlp (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SAMLP"]], "ns_soap (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_SOAP"]], "ns_xenc (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XENC"]], "ns_xs (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XS"]], "ns_xsi (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.NS_XSI"]], "notsupportederror": [[3, "onelogin.saml2.xmlparser.NotSupportedError"]], "onelogin_saml2_auth (class in onelogin.saml2.auth)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth"]], "onelogin_saml2_authn_request (class in onelogin.saml2.authn_request)": [[3, "onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request"]], "onelogin_saml2_constants (class in onelogin.saml2.constants)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants"]], "onelogin_saml2_error": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error"]], "onelogin_saml2_idpmetadataparser (class in onelogin.saml2.idp_metadata_parser)": [[3, "onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser"]], "onelogin_saml2_logout_request (class in onelogin.saml2.logout_request)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request"]], "onelogin_saml2_logout_response (class in onelogin.saml2.logout_response)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response"]], "onelogin_saml2_metadata (class in onelogin.saml2.metadata)": [[3, "onelogin.saml2.metadata.OneLogin_Saml2_Metadata"]], "onelogin_saml2_response (class in onelogin.saml2.response)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response"]], "onelogin_saml2_settings (class in onelogin.saml2.settings)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings"]], "onelogin_saml2_templates (class in onelogin.saml2.xml_templates)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates"]], "onelogin_saml2_utils (class in onelogin.saml2.utils)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils"]], "onelogin_saml2_validationerror": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError"]], "onelogin_saml2_xml (class in onelogin.saml2.xml_utils)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML"]], "private_key_file_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_FILE_NOT_FOUND"]], "private_key_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND"]], "public_cert_file_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.PUBLIC_CERT_FILE_NOT_FOUND"]], "redirect_invalid_url (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.REDIRECT_INVALID_URL"]], "response (onelogin.saml2.xml_templates.onelogin_saml2_templates attribute)": [[3, "onelogin.saml2.xml_templates.OneLogin_Saml2_Templates.RESPONSE"]], "response_expired (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED"]], "response_signature_xpath (onelogin.saml2.utils.onelogin_saml2_utils attribute)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH"]], "rsa_1_5 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_1_5"]], "rsa_oaep_mgf1p (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_OAEP_MGF1P"]], "rsa_sha1 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA1"]], "rsa_sha256 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA256"]], "rsa_sha384 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA384"]], "rsa_sha512 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.RSA_SHA512"]], "restrictedelement (class in onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.RestrictedElement"]], "saml_logoutmessage_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND"]], "saml_logoutrequest_invalid (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTREQUEST_INVALID"]], "saml_logoutresponse_invalid (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_LOGOUTRESPONSE_INVALID"]], "saml_response_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND"]], "saml_single_logout_not_supported (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED"]], "session_expired (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SESSION_EXPIRED"]], "settings_file_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_FILE_NOT_FOUND"]], "settings_invalid (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID"]], "settings_invalid_syntax (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX"]], "sha1 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA1"]], "sha256 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA256"]], "sha384 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA384"]], "sha512 (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.SHA512"]], "sp_certs_not_found (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.SP_CERTS_NOT_FOUND"]], "sp_name_qualifier_name_mismatch (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH"]], "status_code_is_not_success (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS"]], "status_no_passive (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_NO_PASSIVE"]], "status_partial_logout (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PARTIAL_LOGOUT"]], "status_proxy_count_exceeded (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_PROXY_COUNT_EXCEEDED"]], "status_requester (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_REQUESTER"]], "status_responder (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_RESPONDER"]], "status_success (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_SUCCESS"]], "status_version_mismatch (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.STATUS_VERSION_MISMATCH"]], "time_cached (onelogin.saml2.metadata.onelogin_saml2_metadata attribute)": [[3, "onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_CACHED"]], "time_format (onelogin.saml2.utils.onelogin_saml2_utils attribute)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT"]], "time_format_2 (onelogin.saml2.utils.onelogin_saml2_utils attribute)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_2"]], "time_format_with_fragment (onelogin.saml2.utils.onelogin_saml2_utils attribute)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.TIME_FORMAT_WITH_FRAGMENT"]], "time_valid (onelogin.saml2.metadata.onelogin_saml2_metadata attribute)": [[3, "onelogin.saml2.metadata.OneLogin_Saml2_Metadata.TIME_VALID"]], "tripledes_cbc (onelogin.saml2.constants.onelogin_saml2_constants attribute)": [[3, "onelogin.saml2.constants.OneLogin_Saml2_Constants.TRIPLEDES_CBC"]], "unexpected_signed_elements (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS"]], "unsupported_retrieval_method (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD"]], "unsupported_saml_version (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION"]], "unsupported_settings_object (onelogin.saml2.errors.onelogin_saml2_error attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_Error.UNSUPPORTED_SETTINGS_OBJECT"]], "wrong_audience (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_AUDIENCE"]], "wrong_destination (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_DESTINATION"]], "wrong_inresponseto (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO"]], "wrong_issuer (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_ISSUER"]], "wrong_number_of_assertions (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS"]], "wrong_number_of_authstatements (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS"]], "wrong_number_of_signatures (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES"]], "wrong_number_of_signatures_in_assertion (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION"]], "wrong_number_of_signatures_in_response (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE"]], "wrong_signed_element (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT"]], "wrong_subjectconfirmation (onelogin.saml2.errors.onelogin_saml2_validationerror attribute)": [[3, "onelogin.saml2.errors.OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION"]], "xml() (in module onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.XML"]], "add_request_signature() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.add_request_signature"]], "add_response_signature() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.add_response_signature"]], "add_sign() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.add_sign"]], "add_x509_key_descriptors() (onelogin.saml2.metadata.onelogin_saml2_metadata class method)": [[3, "onelogin.saml2.metadata.OneLogin_Saml2_Metadata.add_x509_key_descriptors"]], "authn_request_class (onelogin.saml2.auth.onelogin_saml2_auth attribute)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.authn_request_class"]], "b64decode() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.b64decode"]], "b64encode() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.b64encode"]], "blacklist (onelogin.saml2.xmlparser.restrictedelement attribute)": [[3, "onelogin.saml2.xmlparser.RestrictedElement.blacklist"]], "build() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.build"]], "builder() (onelogin.saml2.metadata.onelogin_saml2_metadata class method)": [[3, "onelogin.saml2.metadata.OneLogin_Saml2_Metadata.builder"]], "calculate_x509_fingerprint() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.calculate_x509_fingerprint"]], "check_docinfo() (in module onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.check_docinfo"]], "check_idp_settings() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.check_idp_settings"]], "check_one_authnstatement() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.check_one_authnstatement"]], "check_one_condition() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.check_one_condition"]], "check_settings() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.check_settings"]], "check_sp_certs() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_certs"]], "check_sp_settings() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.check_sp_settings"]], "check_status() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.check_status"]], "cleanup_namespaces() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.cleanup_namespaces"]], "createdefaultparser() (onelogin.saml2.xmlparser.globalparsertls method)": [[3, "onelogin.saml2.xmlparser.GlobalParserTLS.createDefaultParser"]], "decode_base64_and_inflate() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.decode_base64_and_inflate"]], "decrypt_element() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.decrypt_element"]], "deflate_and_base64_encode() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.deflate_and_base64_encode"]], "delete_local_session() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.delete_local_session"]], "dict_deep_merge() (in module onelogin.saml2.idp_metadata_parser)": [[3, "onelogin.saml2.idp_metadata_parser.dict_deep_merge"]], "dump() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.dump"]], "element_class (onelogin.saml2.xmlparser.globalparsertls attribute)": [[3, "onelogin.saml2.xmlparser.GlobalParserTLS.element_class"]], "element_text() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.element_text"]], "escape_url() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.escape_url"]], "extract_tag_text() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.extract_tag_text"]], "format_cert() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.format_cert"]], "format_finger_print() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.format_finger_print"]], "format_idp_cert() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert"]], "format_idp_cert_multi() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.format_idp_cert_multi"]], "format_private_key() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.format_private_key"]], "format_sp_cert() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert"]], "format_sp_cert_new() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_cert_new"]], "format_sp_key() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.format_sp_key"]], "fromstring() (in module onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.fromstring"]], "generate_name_id() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_name_id"]], "generate_unique_id() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.generate_unique_id"]], "getdefaultparser() (in module onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.getDefaultParser"]], "getdefaultparser() (onelogin.saml2.xmlparser.globalparsertls method)": [[3, "onelogin.saml2.xmlparser.GlobalParserTLS.getDefaultParser"]], "get_assertion_id() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_id"]], "get_assertion_issue_instant() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_issue_instant"]], "get_assertion_not_on_or_after() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_assertion_not_on_or_after"]], "get_attribute() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attribute"]], "get_attributes() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_attributes"]], "get_attributes() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_attributes"]], "get_audiences() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_audiences"]], "get_authn_contexts() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_authn_contexts"]], "get_base_path() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_base_path"]], "get_cert_path() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_cert_path"]], "get_contacts() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_contacts"]], "get_error() (onelogin.saml2.logout_request.onelogin_saml2_logout_request method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_error"]], "get_error() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_error"]], "get_error() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_error"]], "get_errors() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_errors"]], "get_errors() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_errors"]], "get_expire_time() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.get_expire_time"]], "get_friendlyname_attribute() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attribute"]], "get_friendlyname_attributes() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_friendlyname_attributes"]], "get_friendlyname_attributes() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_friendlyname_attributes"]], "get_id() (onelogin.saml2.authn_request.onelogin_saml2_authn_request method)": [[3, "onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_id"]], "get_id() (onelogin.saml2.logout_request.onelogin_saml2_logout_request class method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_id"]], "get_id() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_id"]], "get_idp_cert() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_cert"]], "get_idp_data() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_data"]], "get_idp_slo_response_url() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_response_url"]], "get_idp_slo_url() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_slo_url"]], "get_idp_sso_url() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_idp_sso_url"]], "get_in_response_to() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_in_response_to"]], "get_in_response_to() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_in_response_to"]], "get_issuer() (onelogin.saml2.logout_request.onelogin_saml2_logout_request class method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_issuer"]], "get_issuer() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_issuer"]], "get_issuers() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_issuers"]], "get_last_assertion_id() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_id"]], "get_last_assertion_issue_instant() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_issue_instant"]], "get_last_assertion_not_on_or_after() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_assertion_not_on_or_after"]], "get_last_authn_contexts() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_authn_contexts"]], "get_last_error_reason() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_error_reason"]], "get_last_message_id() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_message_id"]], "get_last_request_id() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_id"]], "get_last_request_xml() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_request_xml"]], "get_last_response_in_response_to() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_in_response_to"]], "get_last_response_xml() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_last_response_xml"]], "get_lib_path() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_lib_path"]], "get_metadata() (onelogin.saml2.idp_metadata_parser.onelogin_saml2_idpmetadataparser class method)": [[3, "onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.get_metadata"]], "get_nameid() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid"]], "get_nameid() (onelogin.saml2.logout_request.onelogin_saml2_logout_request class method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid"]], "get_nameid() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid"]], "get_nameid_data() (onelogin.saml2.logout_request.onelogin_saml2_logout_request class method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_data"]], "get_nameid_data() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_data"]], "get_nameid_format() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_format"]], "get_nameid_format() (onelogin.saml2.logout_request.onelogin_saml2_logout_request class method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_nameid_format"]], "get_nameid_format() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_format"]], "get_nameid_nq() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_nq"]], "get_nameid_nq() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_nq"]], "get_nameid_spnq() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_nameid_spnq"]], "get_nameid_spnq() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_nameid_spnq"]], "get_organization() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_organization"]], "get_request() (onelogin.saml2.authn_request.onelogin_saml2_authn_request method)": [[3, "onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_request"]], "get_request() (onelogin.saml2.logout_request.onelogin_saml2_logout_request method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_request"]], "get_response() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_response"]], "get_schemas_path() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_schemas_path"]], "get_security_data() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_security_data"]], "get_self_host() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_host"]], "get_self_routed_url_no_query() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_routed_url_no_query"]], "get_self_url() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url"]], "get_self_url_host() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_host"]], "get_self_url_no_query() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query"]], "get_session_expiration() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_expiration"]], "get_session_index() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_session_index"]], "get_session_index() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_session_index"]], "get_session_indexes() (onelogin.saml2.logout_request.onelogin_saml2_logout_request class method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_session_indexes"]], "get_session_not_on_or_after() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_session_not_on_or_after"]], "get_settings() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_settings"]], "get_slo_response_url() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_response_url"]], "get_slo_url() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_slo_url"]], "get_sp_cert() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert"]], "get_sp_cert_new() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_cert_new"]], "get_sp_data() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_data"]], "get_sp_key() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_key"]], "get_sp_metadata() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.get_sp_metadata"]], "get_sso_url() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.get_sso_url"]], "get_status() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_status"]], "get_status() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.get_status"]], "get_xml() (onelogin.saml2.authn_request.onelogin_saml2_authn_request method)": [[3, "onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request.get_xml"]], "get_xml() (onelogin.saml2.logout_request.onelogin_saml2_logout_request method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.get_xml"]], "get_xml() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.get_xml"]], "get_xml_document() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.get_xml_document"]], "getchildren() (onelogin.saml2.xmlparser.restrictedelement method)": [[3, "onelogin.saml2.xmlparser.RestrictedElement.getchildren"]], "getiterator() (onelogin.saml2.xmlparser.restrictedelement method)": [[3, "onelogin.saml2.xmlparser.RestrictedElement.getiterator"]], "is_authenticated() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.is_authenticated"]], "is_debug_active() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.is_debug_active"]], "is_https() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.is_https"]], "is_strict() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.is_strict"]], "is_valid() (onelogin.saml2.logout_request.onelogin_saml2_logout_request method)": [[3, "onelogin.saml2.logout_request.OneLogin_Saml2_Logout_Request.is_valid"]], "is_valid() (onelogin.saml2.logout_response.onelogin_saml2_logout_response method)": [[3, "onelogin.saml2.logout_response.OneLogin_Saml2_Logout_Response.is_valid"]], "is_valid() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.is_valid"]], "iter() (onelogin.saml2.xmlparser.restrictedelement method)": [[3, "onelogin.saml2.xmlparser.RestrictedElement.iter"]], "iterchildren() (onelogin.saml2.xmlparser.restrictedelement method)": [[3, "onelogin.saml2.xmlparser.RestrictedElement.iterchildren"]], "iterdescendants() (onelogin.saml2.xmlparser.restrictedelement method)": [[3, "onelogin.saml2.xmlparser.RestrictedElement.iterdescendants"]], "iterparse() (in module onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.iterparse"]], "itersiblings() (onelogin.saml2.xmlparser.restrictedelement method)": [[3, "onelogin.saml2.xmlparser.RestrictedElement.itersiblings"]], "login() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.login"]], "logout() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.logout"]], "logout_request_class (onelogin.saml2.auth.onelogin_saml2_auth attribute)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_request_class"]], "logout_response_class (onelogin.saml2.auth.onelogin_saml2_auth attribute)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.logout_response_class"]], "make_child() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_child"]], "make_root() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.make_root"]], "merge_settings() (onelogin.saml2.idp_metadata_parser.onelogin_saml2_idpmetadataparser static method)": [[3, "onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.merge_settings"]], "metadata_class (onelogin.saml2.settings.onelogin_saml2_settings attribute)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.metadata_class"]], "normalize_url() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.normalize_url"]], "now() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.now"]], "onelogin.saml2": [[3, "module-onelogin.saml2"]], "onelogin.saml2.auth": [[3, "module-onelogin.saml2.auth"]], "onelogin.saml2.authn_request": [[3, "module-onelogin.saml2.authn_request"]], "onelogin.saml2.compat": [[3, "module-onelogin.saml2.compat"]], "onelogin.saml2.constants": [[3, "module-onelogin.saml2.constants"]], "onelogin.saml2.errors": [[3, "module-onelogin.saml2.errors"]], "onelogin.saml2.idp_metadata_parser": [[3, "module-onelogin.saml2.idp_metadata_parser"]], "onelogin.saml2.logout_request": [[3, "module-onelogin.saml2.logout_request"]], "onelogin.saml2.logout_response": [[3, "module-onelogin.saml2.logout_response"]], "onelogin.saml2.metadata": [[3, "module-onelogin.saml2.metadata"]], "onelogin.saml2.response": [[3, "module-onelogin.saml2.response"]], "onelogin.saml2.settings": [[3, "module-onelogin.saml2.settings"]], "onelogin.saml2.utils": [[3, "module-onelogin.saml2.utils"]], "onelogin.saml2.xml_templates": [[3, "module-onelogin.saml2.xml_templates"]], "onelogin.saml2.xml_utils": [[3, "module-onelogin.saml2.xml_utils"]], "onelogin.saml2.xmlparser": [[3, "module-onelogin.saml2.xmlparser"]], "parse() (in module onelogin.saml2.xmlparser)": [[3, "onelogin.saml2.xmlparser.parse"]], "parse() (onelogin.saml2.idp_metadata_parser.onelogin_saml2_idpmetadataparser class method)": [[3, "onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse"]], "parse_saml_to_time() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_SAML_to_time"]], "parse_duration() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_duration"]], "parse_remote() (onelogin.saml2.idp_metadata_parser.onelogin_saml2_idpmetadataparser class method)": [[3, "onelogin.saml2.idp_metadata_parser.OneLogin_Saml2_IdPMetadataParser.parse_remote"]], "parse_time_to_saml() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.parse_time_to_SAML"]], "parser_config (onelogin.saml2.xmlparser.globalparsertls attribute)": [[3, "onelogin.saml2.xmlparser.GlobalParserTLS.parser_config"]], "process_response() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.process_response"]], "process_signed_elements() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.process_signed_elements"]], "process_slo() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.process_slo"]], "query() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.query"]], "redirect() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.redirect"]], "redirect_to() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.redirect_to"]], "response_class (onelogin.saml2.auth.onelogin_saml2_auth attribute)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.response_class"]], "return_false_on_exception() (in module onelogin.saml2.utils)": [[3, "onelogin.saml2.utils.return_false_on_exception"]], "setdefaultparser() (onelogin.saml2.xmlparser.globalparsertls method)": [[3, "onelogin.saml2.xmlparser.GlobalParserTLS.setDefaultParser"]], "set_cert_path() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.set_cert_path"]], "set_strict() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.set_strict"]], "set_strict() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.set_strict"]], "sign_binary() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.sign_binary"]], "sign_metadata() (onelogin.saml2.metadata.onelogin_saml2_metadata static method)": [[3, "onelogin.saml2.metadata.OneLogin_Saml2_Metadata.sign_metadata"]], "store_valid_response() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.store_valid_response"]], "to_bytes() (in module onelogin.saml2.compat)": [[3, "onelogin.saml2.compat.to_bytes"]], "to_etree() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_etree"]], "to_string() (in module onelogin.saml2.compat)": [[3, "onelogin.saml2.compat.to_string"]], "to_string() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.to_string"]], "utf8() (in module onelogin.saml2.compat)": [[3, "onelogin.saml2.compat.utf8"]], "validate_binary_sign() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_binary_sign"]], "validate_metadata() (onelogin.saml2.settings.onelogin_saml2_settings method)": [[3, "onelogin.saml2.settings.OneLogin_Saml2_Settings.validate_metadata"]], "validate_metadata_sign() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_metadata_sign"]], "validate_node_sign() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_node_sign"]], "validate_num_assertions() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.validate_num_assertions"]], "validate_request_signature() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_request_signature"]], "validate_response_signature() (onelogin.saml2.auth.onelogin_saml2_auth method)": [[3, "onelogin.saml2.auth.OneLogin_Saml2_Auth.validate_response_signature"]], "validate_sign() (onelogin.saml2.utils.onelogin_saml2_utils static method)": [[3, "onelogin.saml2.utils.OneLogin_Saml2_Utils.validate_sign"]], "validate_signed_elements() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.validate_signed_elements"]], "validate_timestamps() (onelogin.saml2.response.onelogin_saml2_response method)": [[3, "onelogin.saml2.response.OneLogin_Saml2_Response.validate_timestamps"]], "validate_url() (in module onelogin.saml2.settings)": [[3, "onelogin.saml2.settings.validate_url"]], "validate_xml() (onelogin.saml2.xml_utils.onelogin_saml2_xml static method)": [[3, "onelogin.saml2.xml_utils.OneLogin_Saml2_XML.validate_xml"]]}})
\ No newline at end of file
diff --git a/pyproject.toml b/pyproject.toml
new file mode 100644
index 00000000..eee84f5b
--- /dev/null
+++ b/pyproject.toml
@@ -0,0 +1,122 @@
+[build-system]
+requires = ["setuptools>=61.0.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "python3-saml"
+version = "1.16.0"
+description = "Saml Python Toolkit. Add SAML support to your Python software using this library"
+license = {file = "LICENSE"}
+authors = [
+    {name = "SAML-Toolkits", email = "contact@iamdigitalservices.com"}
+]
+maintainers = [
+    {name = "Sixto Martin", email = "sixto.martin.garcia@gmail.com"}
+]
+readme = "README.md"
+keywords = [
+    "saml",
+    "saml2",
+    "sso",
+    "xmlsec",
+    "federation",
+    "identity",
+]
+classifiers = [
+    "Programming Language :: Python :: 3.7",
+    "Programming Language :: Python :: 3.8",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: Software Development :: Libraries :: Python Modules",
+]
+dependencies = [
+    "lxml>=4.6.5,!=4.7.0",
+    "xmlsec>=1.3.9",
+    "isodate>=0.6.1",
+]
+requires-python = ">=3.7"
+
+[project.urls]
+Homepage = "https://saml.info"
+Source = "https://github.com/SAML-Toolkits/python3-saml"
+"Bug Tracker" = "https://github.com/SAML-Toolkits/python3-saml/issues"
+Changelog = "https://github.com/SAML-Toolkits/python3-saml/blob/master/changelog.md"
+
+[project.optional-dependencies]
+test = [
+    "coverage[toml]>=4.5.2",
+    "pytest>=4.6",
+]
+lint = [
+    "black==24.4.2",
+    "flake8>=3.6.0, <=5.0.0",
+]
+
+[tool.setuptools]
+package-dir = {"" = "src"}
+
+[tool.setuptools.package-data]
+"onelogin.saml2.schemas" = ["*.xsd"]
+
+[tool.pytest.ini_options]
+minversion = "4.6.11"
+addopts = "-ra -vvv"
+testpaths = [
+    "tests",
+]
+pythonpath = [
+    "tests",
+]
+
+[tool.black]
+line-length = 200
+
+[tool.isort]
+profile = "black"
+# The 'black' profile means:
+#   multi_line_output = 3
+#   include_trailing_comma = true
+#   force_grid_wrap = 0
+#   use_parentheses = true
+#   ensure_newline_before_comments = true
+#   line_length = 88
+line_length = 200  # override black provile line_length
+force_single_line = true  # override black profile multi_line_output
+star_first = true
+group_by_package = true
+force_sort_within_sections = true
+lines_after_imports = 2
+honor_noqa = true
+atomic = true
+ignore_comments = true
+skip_gitignore = true
+src_paths = ['src']
+
+[tool.coverage.run]
+branch = true
+
+[tool.coverage.paths]
+source = [
+    "src/onelogin/saml2"
+]
+
+[tool.coverage.report]
+# Regexes for lines to exclude from consideration
+exclude_lines = [
+    "pragma: no cover",
+    "def __repr__",
+    "if self.debug",
+    "if debug",
+    "raise AssertionError",
+    "raise NotImplementedError",
+    "if 0:",
+    "if __name__ == .__main__.:"
+]
+show_missing = true
+ignore_errors = true
+
+
+[tool.coverage.html]
+directory = "coverage_html_report"
\ No newline at end of file
diff --git a/setup.cfg b/setup.cfg
deleted file mode 100644
index e9d41598..00000000
--- a/setup.cfg
+++ /dev/null
@@ -1,7 +0,0 @@
-[flake8]
-ignore = E731,W504
-max-complexity = 48
-max-line-length = 1900
-
-[wheel]
-python-tag = py27
diff --git a/setup.py b/setup.py
deleted file mode 100644
index 3a248144..00000000
--- a/setup.py
+++ /dev/null
@@ -1,54 +0,0 @@
-#! /usr/bin/env python
-# -*- coding: utf-8 -*-
-
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
-
-from setuptools import setup
-
-
-setup(
-    name='python3-saml',
-    version='1.7.0',
-    description='Onelogin Python Toolkit. Add SAML support to your Python software using this library',
-    classifiers=[
-        'Development Status :: 5 - Production/Stable',
-        'Intended Audience :: Developers',
-        'Intended Audience :: System Administrators',
-        'Operating System :: OS Independent',
-        'Programming Language :: Python :: 2.7',
-        'Programming Language :: Python :: 3.4',
-        'Programming Language :: Python :: 3.5',
-        'Programming Language :: Python :: 3.6',
-        'Programming Language :: Python :: 3.7',
-    ],
-    author='OneLogin',
-    author_email='support@onelogin.com',
-    license='MIT',
-    url='https://github.com/onelogin/python3-saml',
-    packages=['onelogin', 'onelogin/saml2'],
-    include_package_data=True,
-    package_data={
-        'onelogin/saml2/schemas': ['*.xsd'],
-    },
-    package_dir={
-        '': 'src',
-    },
-    test_suite='tests',
-    install_requires=[
-        'isodate>=0.5.0',
-        'xmlsec>=0.6.0',
-        'defusedxml>=0.5.0'
-    ],
-    dependency_links=['http://github.com/mehcode/python-xmlsec/tarball/master'],
-    extras_require={
-        'test': (
-            'coverage>=4.5.2',
-            'freezegun==0.3.11',
-            'pylint==1.9.4',
-            'flake8==3.6.0',
-            'coveralls==1.5.1',
-        ),
-    },
-    keywords='saml saml2 xmlsec django flask pyramid python3',
-)
diff --git a/src/onelogin/__init__.py b/src/onelogin/__init__.py
index ba664a65..57f87a32 100644
--- a/src/onelogin/__init__.py
+++ b/src/onelogin/__init__.py
@@ -1,14 +1,10 @@
 # -*- coding: utf-8 -*-
 
 """
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
 Add SAML support to your Python softwares using this library.
-Forget those complicated libraries and use that open source
-library provided and supported by OneLogin Inc.
 
-OneLogin's SAML Python toolkit let you build a SP (Service Provider)
+SAML Python toolkit let you build a SP (Service Provider)
 over your Python application and connect it to any IdP (Identity Provider).
 
 Supports:
diff --git a/src/onelogin/saml2/__init__.py b/src/onelogin/saml2/__init__.py
index ba664a65..57f87a32 100644
--- a/src/onelogin/saml2/__init__.py
+++ b/src/onelogin/saml2/__init__.py
@@ -1,14 +1,10 @@
 # -*- coding: utf-8 -*-
 
 """
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
 Add SAML support to your Python softwares using this library.
-Forget those complicated libraries and use that open source
-library provided and supported by OneLogin Inc.
 
-OneLogin's SAML Python toolkit let you build a SP (Service Provider)
+SAML Python toolkit let you build a SP (Service Provider)
 over your Python application and connect it to any IdP (Identity Provider).
 
 Supports:
diff --git a/src/onelogin/saml2/auth.py b/src/onelogin/saml2/auth.py
index 2a9b7cde..a55f7f8e 100644
--- a/src/onelogin/saml2/auth.py
+++ b/src/onelogin/saml2/auth.py
@@ -2,26 +2,24 @@
 
 """ OneLogin_Saml2_Auth class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Main class of OneLogin's Python Toolkit.
+Main class of SAML Python Toolkit.
 
 Initializes the SP SAML instance
 
 """
 
 import xmlsec
-from defusedxml.lxml import tostring
 
 from onelogin.saml2 import compat
-from onelogin.saml2.settings import OneLogin_Saml2_Settings
-from onelogin.saml2.response import OneLogin_Saml2_Response
-from onelogin.saml2.logout_response import OneLogin_Saml2_Logout_Response
+from onelogin.saml2.authn_request import OneLogin_Saml2_Authn_Request
 from onelogin.saml2.constants import OneLogin_Saml2_Constants
-from onelogin.saml2.utils import OneLogin_Saml2_Utils, OneLogin_Saml2_Error, OneLogin_Saml2_ValidationError
 from onelogin.saml2.logout_request import OneLogin_Saml2_Logout_Request
-from onelogin.saml2.authn_request import OneLogin_Saml2_Authn_Request
+from onelogin.saml2.logout_response import OneLogin_Saml2_Logout_Response
+from onelogin.saml2.response import OneLogin_Saml2_Response
+from onelogin.saml2.settings import OneLogin_Saml2_Settings
+from onelogin.saml2.utils import OneLogin_Saml2_Utils, OneLogin_Saml2_Error, OneLogin_Saml2_ValidationError
+from onelogin.saml2.xmlparser import tostring
 
 
 class OneLogin_Saml2_Auth(object):
@@ -34,6 +32,11 @@ class OneLogin_Saml2_Auth(object):
     SAML Response, a Logout Request or a Logout Response).
     """
 
+    authn_request_class = OneLogin_Saml2_Authn_Request
+    logout_request_class = OneLogin_Saml2_Logout_Request
+    logout_response_class = OneLogin_Saml2_Logout_Response
+    response_class = OneLogin_Saml2_Response
+
     def __init__(self, request_data, old_settings=None, custom_base_path=None):
         """
         Initializes the SP SAML instance.
@@ -47,28 +50,31 @@ def __init__(self, request_data, old_settings=None, custom_base_path=None):
         :param custom_base_path: Optional. Path where are stored the settings file and the cert folder
         :type custom_base_path: string
         """
-        self.__request_data = request_data
+        self._request_data = request_data
         if isinstance(old_settings, OneLogin_Saml2_Settings):
-            self.__settings = old_settings
+            self._settings = old_settings
         else:
-            self.__settings = OneLogin_Saml2_Settings(old_settings, custom_base_path)
-        self.__attributes = dict()
-        self.__nameid = None
-        self.__nameid_format = None
-        self.__nameid_nq = None
-        self.__nameid_spnq = None
-        self.__session_index = None
-        self.__session_expiration = None
-        self.__authenticated = False
-        self.__errors = []
-        self.__error_reason = None
-        self.__last_request_id = None
-        self.__last_message_id = None
-        self.__last_assertion_id = None
-        self.__last_authn_contexts = []
-        self.__last_request = None
-        self.__last_response = None
-        self.__last_assertion_not_on_or_after = None
+            self._settings = OneLogin_Saml2_Settings(old_settings, custom_base_path)
+        self._attributes = dict()
+        self._friendlyname_attributes = dict()
+        self._nameid = None
+        self._nameid_format = None
+        self._nameid_nq = None
+        self._nameid_spnq = None
+        self._session_index = None
+        self._session_expiration = None
+        self._authenticated = False
+        self._errors = []
+        self._error_reason = None
+        self._last_request_id = None
+        self._last_message_id = None
+        self._last_assertion_id = None
+        self._last_assertion_issue_instant = None
+        self._last_authn_contexts = []
+        self._last_request = None
+        self._last_response = None
+        self._last_response_in_response_to = None
+        self._last_assertion_not_on_or_after = None
 
     def get_settings(self):
         """
@@ -76,7 +82,7 @@ def get_settings(self):
         :return: Setting info
         :rtype: OneLogin_Saml2_Setting object
         """
-        return self.__settings
+        return self._settings
 
     def set_strict(self, value):
         """
@@ -86,7 +92,24 @@ def set_strict(self, value):
         :type value: bool
         """
         assert isinstance(value, bool)
-        self.__settings.set_strict(value)
+        self._settings.set_strict(value)
+
+    def store_valid_response(self, response):
+        self._attributes = response.get_attributes()
+        self._friendlyname_attributes = response.get_friendlyname_attributes()
+        self._nameid = response.get_nameid()
+        self._nameid_format = response.get_nameid_format()
+        self._nameid_nq = response.get_nameid_nq()
+        self._nameid_spnq = response.get_nameid_spnq()
+        self._session_index = response.get_session_index()
+        self._session_expiration = response.get_session_not_on_or_after()
+        self._last_message_id = response.get_id()
+        self._last_assertion_id = response.get_assertion_id()
+        self._last_assertion_issue_instant = response.get_assertion_issue_instant()
+        self._last_authn_contexts = response.get_authn_contexts()
+        self._authenticated = True
+        self._last_response_in_response_to = response.get_in_response_to()
+        self._last_assertion_not_on_or_after = response.get_assertion_not_on_or_after()
 
     def process_response(self, request_id=None):
         """
@@ -97,38 +120,23 @@ def process_response(self, request_id=None):
 
         :raises: OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND, when a POST with a SAMLResponse is not found
         """
-        self.__errors = []
-        self.__error_reason = None
+        self._errors = []
+        self._error_reason = None
 
-        if 'post_data' in self.__request_data and 'SAMLResponse' in self.__request_data['post_data']:
+        if "post_data" in self._request_data and "SAMLResponse" in self._request_data["post_data"]:
             # AuthnResponse -- HTTP_POST Binding
-            response = OneLogin_Saml2_Response(self.__settings, self.__request_data['post_data']['SAMLResponse'])
-            self.__last_response = response.get_xml_document()
-
-            if response.is_valid(self.__request_data, request_id):
-                self.__attributes = response.get_attributes()
-                self.__nameid = response.get_nameid()
-                self.__nameid_format = response.get_nameid_format()
-                self.__nameid_nq = response.get_nameid_nq()
-                self.__nameid_spnq = response.get_nameid_spnq()
-                self.__session_index = response.get_session_index()
-                self.__session_expiration = response.get_session_not_on_or_after()
-                self.__last_message_id = response.get_id()
-                self.__last_assertion_id = response.get_assertion_id()
-                self.__last_authn_contexts = response.get_authn_contexts()
-                self.__authenticated = True
-                self.__last_assertion_not_on_or_after = response.get_assertion_not_on_or_after()
+            response = self.response_class(self._settings, self._request_data["post_data"]["SAMLResponse"])
+            self._last_response = response.get_xml_document()
 
+            if response.is_valid(self._request_data, request_id):
+                self.store_valid_response(response)
             else:
-                self.__errors.append('invalid_response')
-                self.__error_reason = response.get_error()
+                self._errors.append("invalid_response")
+                self._error_reason = response.get_error()
 
         else:
-            self.__errors.append('invalid_binding')
-            raise OneLogin_Saml2_Error(
-                'SAML Response not found, Only supported HTTP_POST Binding',
-                OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND
-            )
+            self._errors.append("invalid_binding")
+            raise OneLogin_Saml2_Error("SAML Response not found, Only supported HTTP_POST Binding", OneLogin_Saml2_Error.SAML_RESPONSE_NOT_FOUND)
 
     def process_slo(self, keep_local_session=False, request_id=None, delete_session_cb=None):
         """
@@ -142,61 +150,56 @@ def process_slo(self, keep_local_session=False, request_id=None, delete_session_
 
         :returns: Redirection url
         """
-        self.__errors = []
-        self.__error_reason = None
+        self._errors = []
+        self._error_reason = None
 
-        get_data = 'get_data' in self.__request_data and self.__request_data['get_data']
-        if get_data and 'SAMLResponse' in get_data:
-            logout_response = OneLogin_Saml2_Logout_Response(self.__settings, get_data['SAMLResponse'])
-            self.__last_response = logout_response.get_xml()
+        get_data = "get_data" in self._request_data and self._request_data["get_data"]
+        if get_data and "SAMLResponse" in get_data:
+            logout_response = self.logout_response_class(self._settings, get_data["SAMLResponse"])
+            self._last_response = logout_response.get_xml()
             if not self.validate_response_signature(get_data):
-                self.__errors.append('invalid_logout_response_signature')
-                self.__errors.append('Signature validation failed. Logout Response rejected')
-            elif not logout_response.is_valid(self.__request_data, request_id):
-                self.__errors.append('invalid_logout_response')
-                self.__error_reason = logout_response.get_error()
+                self._errors.append("invalid_logout_response_signature")
+                self._errors.append("Signature validation failed. Logout Response rejected")
+            elif not logout_response.is_valid(self._request_data, request_id):
+                self._errors.append("invalid_logout_response")
             elif logout_response.get_status() != OneLogin_Saml2_Constants.STATUS_SUCCESS:
-                self.__errors.append('logout_not_success')
+                self._errors.append("logout_not_success")
             else:
-                self.__last_message_id = logout_response.id
+                self._last_message_id = logout_response.id
                 if not keep_local_session:
                     OneLogin_Saml2_Utils.delete_local_session(delete_session_cb)
 
-        elif get_data and 'SAMLRequest' in get_data:
-            logout_request = OneLogin_Saml2_Logout_Request(self.__settings, get_data['SAMLRequest'])
-            self.__last_request = logout_request.get_xml()
+        elif get_data and "SAMLRequest" in get_data:
+            logout_request = self.logout_request_class(self._settings, get_data["SAMLRequest"])
+            self._last_request = logout_request.get_xml()
             if not self.validate_request_signature(get_data):
-                self.__errors.append("invalid_logout_request_signature")
-                self.__errors.append('Signature validation failed. Logout Request rejected')
-            elif not logout_request.is_valid(self.__request_data):
-                self.__errors.append('invalid_logout_request')
-                self.__error_reason = logout_request.get_error()
+                self._errors.append("invalid_logout_request_signature")
+                self._errors.append("Signature validation failed. Logout Request rejected")
+            elif not logout_request.is_valid(self._request_data):
+                self._errors.append("invalid_logout_request")
             else:
                 if not keep_local_session:
                     OneLogin_Saml2_Utils.delete_local_session(delete_session_cb)
 
                 in_response_to = logout_request.id
-                self.__last_message_id = logout_request.id
-                response_builder = OneLogin_Saml2_Logout_Response(self.__settings)
+                self._last_message_id = logout_request.id
+                response_builder = self.logout_response_class(self._settings)
                 response_builder.build(in_response_to)
-                self.__last_response = response_builder.get_xml()
+                self._last_response = response_builder.get_xml()
                 logout_response = response_builder.get_response()
 
-                parameters = {'SAMLResponse': logout_response}
-                if 'RelayState' in self.__request_data['get_data']:
-                    parameters['RelayState'] = self.__request_data['get_data']['RelayState']
+                parameters = {"SAMLResponse": logout_response}
+                if "RelayState" in self._request_data["get_data"]:
+                    parameters["RelayState"] = self._request_data["get_data"]["RelayState"]
 
-                security = self.__settings.get_security_data()
-                if security['logoutResponseSigned']:
-                    self.add_response_signature(parameters, security['signatureAlgorithm'])
+                security = self._settings.get_security_data()
+                if security["logoutResponseSigned"]:
+                    self.add_response_signature(parameters, security["signatureAlgorithm"])
 
-                return self.redirect_to(self.get_slo_url(), parameters)
+                return self.redirect_to(self.get_slo_response_url(), parameters)
         else:
-            self.__errors.append('invalid_binding')
-            raise OneLogin_Saml2_Error(
-                'SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding',
-                OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND
-            )
+            self._errors.append("invalid_binding")
+            raise OneLogin_Saml2_Error("SAML LogoutRequest/LogoutResponse not found. Only supported HTTP_REDIRECT Binding", OneLogin_Saml2_Error.SAML_LOGOUTMESSAGE_NOT_FOUND)
 
     def redirect_to(self, url=None, parameters={}):
         """
@@ -209,9 +212,9 @@ def redirect_to(self, url=None, parameters={}):
 
         :returns: Redirection URL
         """
-        if url is None and 'RelayState' in self.__request_data['get_data']:
-            url = self.__request_data['get_data']['RelayState']
-        return OneLogin_Saml2_Utils.redirect(url, parameters, request_data=self.__request_data)
+        if url is None and "RelayState" in self._request_data["get_data"]:
+            url = self._request_data["get_data"]["RelayState"]
+        return OneLogin_Saml2_Utils.redirect(url, parameters, request_data=self._request_data)
 
     def is_authenticated(self):
         """
@@ -220,7 +223,7 @@ def is_authenticated(self):
         :returns: True if is authenticated, False if not
         :rtype: bool
         """
-        return self.__authenticated
+        return self._authenticated
 
     def get_attributes(self):
         """
@@ -229,7 +232,16 @@ def get_attributes(self):
         :returns: SAML attributes
         :rtype: dict
         """
-        return self.__attributes
+        return self._attributes
+
+    def get_friendlyname_attributes(self):
+        """
+        Returns the set of SAML attributes indexed by FiendlyName.
+
+        :returns: SAML attributes
+        :rtype: dict
+        """
+        return self._friendlyname_attributes
 
     def get_nameid(self):
         """
@@ -238,7 +250,7 @@ def get_nameid(self):
         :returns: NameID
         :rtype: string|None
         """
-        return self.__nameid
+        return self._nameid
 
     def get_nameid_format(self):
         """
@@ -247,7 +259,7 @@ def get_nameid_format(self):
         :returns: NameID Format
         :rtype: string|None
         """
-        return self.__nameid_format
+        return self._nameid_format
 
     def get_nameid_nq(self):
         """
@@ -256,7 +268,7 @@ def get_nameid_nq(self):
         :returns: NameID NameQualifier
         :rtype: string|None
         """
-        return self.__nameid_nq
+        return self._nameid_nq
 
     def get_nameid_spnq(self):
         """
@@ -265,7 +277,7 @@ def get_nameid_spnq(self):
         :returns: NameID SP NameQualifier
         :rtype: string|None
         """
-        return self.__nameid_spnq
+        return self._nameid_spnq
 
     def get_session_index(self):
         """
@@ -273,22 +285,22 @@ def get_session_index(self):
         :returns: The SessionIndex of the assertion
         :rtype: string
         """
-        return self.__session_index
+        return self._session_index
 
     def get_session_expiration(self):
         """
         Returns the SessionNotOnOrAfter from the AuthnStatement.
         :returns: The SessionNotOnOrAfter of the assertion
-        :rtype: DateTime|None
+        :rtype: unix/posix timestamp|None
         """
-        return self.__session_expiration
+        return self._session_expiration
 
     def get_last_assertion_not_on_or_after(self):
         """
         The NotOnOrAfter value of the valid SubjectConfirmationData node
         (if any) of the last assertion processed
         """
-        return self.__last_assertion_not_on_or_after
+        return self._last_assertion_not_on_or_after
 
     def get_errors(self):
         """
@@ -297,7 +309,7 @@ def get_errors(self):
         :returns: List of errors
         :rtype: list
         """
-        return self.__errors
+        return self._errors
 
     def get_last_error_reason(self):
         """
@@ -306,7 +318,7 @@ def get_last_error_reason(self):
         :returns: Reason of the last error
         :rtype: None | string
         """
-        return self.__error_reason
+        return self._error_reason
 
     def get_attribute(self, name):
         """
@@ -315,39 +327,66 @@ def get_attribute(self, name):
         :param name: Name of the attribute
         :type name: string
 
-        :returns: Attribute value if exists or []
-        :rtype: string
+        :returns: Attribute value(s) if exists or None
+        :rtype: list
         """
         assert isinstance(name, compat.str_type)
-        return self.__attributes.get(name)
+        return self._attributes.get(name)
+
+    def get_friendlyname_attribute(self, friendlyname):
+        """
+        Returns the requested SAML attribute searched by FriendlyName.
+
+        :param friendlyname: FriendlyName of the attribute
+        :type friendlyname: string
+
+        :returns: Attribute value(s) if exists or None
+        :rtype: list
+        """
+        assert isinstance(friendlyname, compat.str_type)
+        return self._friendlyname_attributes.get(friendlyname)
 
     def get_last_request_id(self):
         """
         :returns: The ID of the last Request SAML message generated.
         :rtype: string
         """
-        return self.__last_request_id
+        return self._last_request_id
 
     def get_last_message_id(self):
         """
         :returns: The ID of the last Response SAML message processed.
         :rtype: string
         """
-        return self.__last_message_id
+        return self._last_message_id
 
     def get_last_assertion_id(self):
         """
         :returns: The ID of the last assertion processed.
         :rtype: string
         """
-        return self.__last_assertion_id
+        return self._last_assertion_id
+
+    def get_last_assertion_issue_instant(self):
+        """
+        :returns: The IssueInstant of the last assertion processed.
+        :rtype: unix/posix timestamp|None
+        """
+        return self._last_assertion_issue_instant
 
     def get_last_authn_contexts(self):
         """
         :returns: The list of authentication contexts sent in the last SAML Response.
         :rtype: list
         """
-        return self.__last_authn_contexts
+        return self._last_authn_contexts
+
+    def get_last_response_in_response_to(self):
+        """
+        :returns: InResponseTo attribute of the last Response SAML processed or None if it is not present.
+        :rtype: string
+        """
+        return self._last_response_in_response_to
 
     def login(self, return_to=None, force_authn=False, is_passive=False, set_nameid_policy=True, name_id_value_req=None):
         """
@@ -371,21 +410,21 @@ def login(self, return_to=None, force_authn=False, is_passive=False, set_nameid_
         :returns: Redirection URL
         :rtype: string
         """
-        authn_request = OneLogin_Saml2_Authn_Request(self.__settings, force_authn, is_passive, set_nameid_policy, name_id_value_req)
-        self.__last_request = authn_request.get_xml()
-        self.__last_request_id = authn_request.get_id()
+        authn_request = self.authn_request_class(self._settings, force_authn, is_passive, set_nameid_policy, name_id_value_req)
+        self._last_request = authn_request.get_xml()
+        self._last_request_id = authn_request.get_id()
 
         saml_request = authn_request.get_request()
-        parameters = {'SAMLRequest': saml_request}
+        parameters = {"SAMLRequest": saml_request}
 
         if return_to is not None:
-            parameters['RelayState'] = return_to
+            parameters["RelayState"] = return_to
         else:
-            parameters['RelayState'] = OneLogin_Saml2_Utils.get_self_url_no_query(self.__request_data)
+            parameters["RelayState"] = OneLogin_Saml2_Utils.get_self_url_no_query(self._request_data)
 
-        security = self.__settings.get_security_data()
-        if security.get('authnRequestsSigned', False):
-            self.add_request_signature(parameters, security['signatureAlgorithm'])
+        security = self._settings.get_security_data()
+        if security.get("authnRequestsSigned", False):
+            self.add_request_signature(parameters, security["signatureAlgorithm"])
         return self.redirect_to(self.get_sso_url(), parameters)
 
     def logout(self, return_to=None, name_id=None, session_index=None, nq=None, name_id_format=None, spnq=None):
@@ -414,37 +453,27 @@ def logout(self, return_to=None, name_id=None, session_index=None, nq=None, name
         """
         slo_url = self.get_slo_url()
         if slo_url is None:
-            raise OneLogin_Saml2_Error(
-                'The IdP does not support Single Log Out',
-                OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED
-            )
-
-        if name_id is None and self.__nameid is not None:
-            name_id = self.__nameid
-
-        if name_id_format is None and self.__nameid_format is not None:
-            name_id_format = self.__nameid_format
-
-        logout_request = OneLogin_Saml2_Logout_Request(
-            self.__settings,
-            name_id=name_id,
-            session_index=session_index,
-            nq=nq,
-            name_id_format=name_id_format,
-            spnq=spnq
-        )
-        self.__last_request = logout_request.get_xml()
-        self.__last_request_id = logout_request.id
-
-        parameters = {'SAMLRequest': logout_request.get_request()}
+            raise OneLogin_Saml2_Error("The IdP does not support Single Log Out", OneLogin_Saml2_Error.SAML_SINGLE_LOGOUT_NOT_SUPPORTED)
+
+        if name_id is None and self._nameid is not None:
+            name_id = self._nameid
+
+        if name_id_format is None and self._nameid_format is not None:
+            name_id_format = self._nameid_format
+
+        logout_request = self.logout_request_class(self._settings, name_id=name_id, session_index=session_index, nq=nq, name_id_format=name_id_format, spnq=spnq)
+        self._last_request = logout_request.get_xml()
+        self._last_request_id = logout_request.id
+
+        parameters = {"SAMLRequest": logout_request.get_request()}
         if return_to is not None:
-            parameters['RelayState'] = return_to
+            parameters["RelayState"] = return_to
         else:
-            parameters['RelayState'] = OneLogin_Saml2_Utils.get_self_url_no_query(self.__request_data)
+            parameters["RelayState"] = OneLogin_Saml2_Utils.get_self_url_no_query(self._request_data)
 
-        security = self.__settings.get_security_data()
-        if security.get('logoutRequestSigned', False):
-            self.add_request_signature(parameters, security['signatureAlgorithm'])
+        security = self._settings.get_security_data()
+        if security.get("logoutRequestSigned", False):
+            self.add_request_signature(parameters, security["signatureAlgorithm"])
         return self.redirect_to(slo_url, parameters)
 
     def get_sso_url(self):
@@ -454,8 +483,7 @@ def get_sso_url(self):
         :returns: An URL, the SSO endpoint of the IdP
         :rtype: string
         """
-        idp_data = self.__settings.get_idp_data()
-        return idp_data['singleSignOnService']['url']
+        return self._settings.get_idp_sso_url()
 
     def get_slo_url(self):
         """
@@ -464,11 +492,18 @@ def get_slo_url(self):
         :returns: An URL, the SLO endpoint of the IdP
         :rtype: string
         """
-        idp_data = self.__settings.get_idp_data()
-        if 'url' in idp_data['singleLogoutService']:
-            return idp_data['singleLogoutService']['url']
+        return self._settings.get_idp_slo_url()
 
-    def add_request_signature(self, request_data, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1):
+    def get_slo_response_url(self):
+        """
+        Gets the SLO return URL for IdP-initiated logout.
+
+        :returns: an URL, the SLO return endpoint of the IdP
+        :rtype: string
+        """
+        return self._settings.get_idp_slo_response_url()
+
+    def add_request_signature(self, request_data, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA256):
         """
         Builds the Signature of the SAML Request.
 
@@ -478,9 +513,9 @@ def add_request_signature(self, request_data, sign_algorithm=OneLogin_Saml2_Cons
         :param sign_algorithm: Signature algorithm method
         :type sign_algorithm: string
         """
-        return self.__build_signature(request_data, 'SAMLRequest', sign_algorithm)
+        return self._build_signature(request_data, "SAMLRequest", sign_algorithm)
 
-    def add_response_signature(self, response_data, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1):
+    def add_response_signature(self, response_data, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA256):
         """
         Builds the Signature of the SAML Response.
         :param response_data: The Response parameters
@@ -489,10 +524,26 @@ def add_response_signature(self, response_data, sign_algorithm=OneLogin_Saml2_Co
         :param sign_algorithm: Signature algorithm method
         :type sign_algorithm: string
         """
-        return self.__build_signature(response_data, 'SAMLResponse', sign_algorithm)
+        return self._build_signature(response_data, "SAMLResponse", sign_algorithm)
+
+    @staticmethod
+    def _build_sign_query_from_qs(query_string, saml_type):
+        """
+        Build sign query from query string
+
+        :param query_string: The query string
+        :type query_string: str
+
+        :param saml_type: The target URL the user should be redirected to
+        :type saml_type: string SAMLRequest | SAMLResponse
+        """
+        args = ("%s=" % saml_type, "RelayState=", "SigAlg=")
+        parts = query_string.split("&")
+        # Join in the order of arguments rather than the original order of parts.
+        return "&".join(part for arg in args for part in parts if part.startswith(arg))
 
     @staticmethod
-    def __build_sign_query(saml_data, relay_state, algorithm, saml_type, lowercase_urlencoding=False):
+    def _build_sign_query(saml_data, relay_state, algorithm, saml_type, lowercase_urlencoding=False):
         """
         Build sign query
 
@@ -511,13 +562,13 @@ def __build_sign_query(saml_data, relay_state, algorithm, saml_type, lowercase_u
         :param lowercase_urlencoding: lowercase or no
         :type lowercase_urlencoding: boolean
         """
-        sign_data = ['%s=%s' % (saml_type, OneLogin_Saml2_Utils.escape_url(saml_data, lowercase_urlencoding))]
+        sign_data = ["%s=%s" % (saml_type, OneLogin_Saml2_Utils.escape_url(saml_data, lowercase_urlencoding))]
         if relay_state is not None:
-            sign_data.append('RelayState=%s' % OneLogin_Saml2_Utils.escape_url(relay_state, lowercase_urlencoding))
-        sign_data.append('SigAlg=%s' % OneLogin_Saml2_Utils.escape_url(algorithm, lowercase_urlencoding))
-        return '&'.join(sign_data)
+            sign_data.append("RelayState=%s" % OneLogin_Saml2_Utils.escape_url(relay_state, lowercase_urlencoding))
+        sign_data.append("SigAlg=%s" % OneLogin_Saml2_Utils.escape_url(algorithm, lowercase_urlencoding))
+        return "&".join(sign_data)
 
-    def __build_signature(self, data, saml_type, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1):
+    def _build_signature(self, data, saml_type, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA256):
         """
         Builds the Signature
         :param data: The Request data
@@ -529,32 +580,26 @@ def __build_signature(self, data, saml_type, sign_algorithm=OneLogin_Saml2_Const
         :param sign_algorithm: Signature algorithm method
         :type sign_algorithm: string
         """
-        assert saml_type in ('SAMLRequest', 'SAMLResponse')
+        assert saml_type in ("SAMLRequest", "SAMLResponse")
         key = self.get_settings().get_sp_key()
 
         if not key:
-            raise OneLogin_Saml2_Error(
-                "Trying to sign the %s but can't load the SP private key." % saml_type,
-                OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND
-            )
+            raise OneLogin_Saml2_Error("Trying to sign the %s but can't load the SP private key." % saml_type, OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND)
 
-        msg = self.__build_sign_query(data[saml_type],
-                                      data.get('RelayState', None),
-                                      sign_algorithm,
-                                      saml_type)
+        msg = self._build_sign_query(data[saml_type], data.get("RelayState", None), sign_algorithm, saml_type)
 
         sign_algorithm_transform_map = {
             OneLogin_Saml2_Constants.DSA_SHA1: xmlsec.Transform.DSA_SHA1,
             OneLogin_Saml2_Constants.RSA_SHA1: xmlsec.Transform.RSA_SHA1,
             OneLogin_Saml2_Constants.RSA_SHA256: xmlsec.Transform.RSA_SHA256,
             OneLogin_Saml2_Constants.RSA_SHA384: xmlsec.Transform.RSA_SHA384,
-            OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512
+            OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512,
         }
-        sign_algorithm_transform = sign_algorithm_transform_map.get(sign_algorithm, xmlsec.Transform.RSA_SHA1)
+        sign_algorithm_transform = sign_algorithm_transform_map.get(sign_algorithm, xmlsec.Transform.RSA_SHA256)
 
-        signature = OneLogin_Saml2_Utils.sign_binary(msg, key, sign_algorithm_transform, self.__settings.is_debug_active())
-        data['Signature'] = OneLogin_Saml2_Utils.b64encode(signature)
-        data['SigAlg'] = sign_algorithm
+        signature = OneLogin_Saml2_Utils.sign_binary(msg, key, sign_algorithm_transform, self._settings.is_debug_active())
+        data["Signature"] = OneLogin_Saml2_Utils.b64encode(signature)
+        data["SigAlg"] = sign_algorithm
 
     def validate_request_signature(self, request_data):
         """
@@ -565,7 +610,7 @@ def validate_request_signature(self, request_data):
 
         """
 
-        return self.__validate_signature(request_data, 'SAMLRequest')
+        return self._validate_signature(request_data, "SAMLRequest")
 
     def validate_response_signature(self, request_data):
         """
@@ -576,9 +621,9 @@ def validate_response_signature(self, request_data):
 
         """
 
-        return self.__validate_signature(request_data, 'SAMLResponse')
+        return self._validate_signature(request_data, "SAMLResponse")
 
-    def __validate_signature(self, data, saml_type, raise_exceptions=False):
+    def _validate_signature(self, data, saml_type, raise_exceptions=False):
         """
         Validate Signature
 
@@ -595,71 +640,52 @@ def __validate_signature(self, data, saml_type, raise_exceptions=False):
         :type raise_exceptions: Boolean
         """
         try:
-            signature = data.get('Signature', None)
+            signature = data.get("Signature", None)
             if signature is None:
-                if self.__settings.is_strict() and self.__settings.get_security_data().get('wantMessagesSigned', False):
-                    raise OneLogin_Saml2_ValidationError(
-                        'The %s is not signed. Rejected.' % saml_type,
-                        OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE
-                    )
+                if self._settings.is_strict() and self._settings.get_security_data().get("wantMessagesSigned", False):
+                    raise OneLogin_Saml2_ValidationError("The %s is not signed. Rejected." % saml_type, OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE)
                 return True
 
             idp_data = self.get_settings().get_idp_data()
 
-            exists_x509cert = 'x509cert' in idp_data and idp_data['x509cert']
-            exists_multix509sign = 'x509certMulti' in idp_data and \
-                'signing' in idp_data['x509certMulti'] and \
-                idp_data['x509certMulti']['signing']
+            exists_x509cert = self.get_settings().get_idp_cert() is not None
+            exists_multix509sign = "x509certMulti" in idp_data and "signing" in idp_data["x509certMulti"] and idp_data["x509certMulti"]["signing"]
 
             if not (exists_x509cert or exists_multix509sign):
-                error_msg = 'In order to validate the sign on the %s, the x509cert of the IdP is required' % saml_type
-                self.__errors.append(error_msg)
-                raise OneLogin_Saml2_Error(
-                    error_msg,
-                    OneLogin_Saml2_Error.CERT_NOT_FOUND
-                )
-
-            sign_alg = data.get('SigAlg', OneLogin_Saml2_Constants.RSA_SHA1)
+                error_msg = "In order to validate the sign on the %s, the x509cert of the IdP is required" % saml_type
+                self._errors.append(error_msg)
+                raise OneLogin_Saml2_Error(error_msg, OneLogin_Saml2_Error.CERT_NOT_FOUND)
+
+            sign_alg = data.get("SigAlg", OneLogin_Saml2_Constants.RSA_SHA1)
             if isinstance(sign_alg, bytes):
-                sign_alg = sign_alg.decode('utf8')
+                sign_alg = sign_alg.decode("utf8")
 
-            lowercase_urlencoding = False
-            if 'lowercase_urlencoding' in self.__request_data.keys():
-                lowercase_urlencoding = self.__request_data['lowercase_urlencoding']
+            security = self._settings.get_security_data()
+            reject_deprecated_alg = security.get("rejectDeprecatedAlgorithm", False)
+            if reject_deprecated_alg:
+                if sign_alg in OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS:
+                    raise OneLogin_Saml2_ValidationError("Deprecated signature algorithm found: %s" % sign_alg, OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD)
 
-            signed_query = self.__build_sign_query(data[saml_type],
-                                                   data.get('RelayState', None),
-                                                   sign_alg,
-                                                   saml_type,
-                                                   lowercase_urlencoding
-                                                   )
+            query_string = self._request_data.get("query_string")
+            if query_string and self._request_data.get("validate_signature_from_qs"):
+                signed_query = self._build_sign_query_from_qs(query_string, saml_type)
+            else:
+                lowercase_urlencoding = self._request_data.get("lowercase_urlencoding", False)
+                signed_query = self._build_sign_query(data[saml_type], data.get("RelayState"), sign_alg, saml_type, lowercase_urlencoding)
 
             if exists_multix509sign:
-                for cert in idp_data['x509certMulti']['signing']:
-                    if OneLogin_Saml2_Utils.validate_binary_sign(signed_query,
-                                                                 OneLogin_Saml2_Utils.b64decode(signature),
-                                                                 cert,
-                                                                 sign_alg):
+                for cert in idp_data["x509certMulti"]["signing"]:
+                    if OneLogin_Saml2_Utils.validate_binary_sign(signed_query, OneLogin_Saml2_Utils.b64decode(signature), cert, sign_alg):
                         return True
-                raise OneLogin_Saml2_ValidationError(
-                    'Signature validation failed. %s rejected' % saml_type,
-                    OneLogin_Saml2_ValidationError.INVALID_SIGNATURE
-                )
+                raise OneLogin_Saml2_ValidationError("Signature validation failed. %s rejected" % saml_type, OneLogin_Saml2_ValidationError.INVALID_SIGNATURE)
             else:
-                cert = idp_data['x509cert']
-
-                if not OneLogin_Saml2_Utils.validate_binary_sign(signed_query,
-                                                                 OneLogin_Saml2_Utils.b64decode(signature),
-                                                                 cert,
-                                                                 sign_alg,
-                                                                 self.__settings.is_debug_active()):
-                    raise OneLogin_Saml2_ValidationError(
-                        'Signature validation failed. %s rejected' % saml_type,
-                        OneLogin_Saml2_ValidationError.INVALID_SIGNATURE
-                    )
+                cert = self.get_settings().get_idp_cert()
+
+                if not OneLogin_Saml2_Utils.validate_binary_sign(signed_query, OneLogin_Saml2_Utils.b64decode(signature), cert, sign_alg, self._settings.is_debug_active()):
+                    raise OneLogin_Saml2_ValidationError("Signature validation failed. %s rejected" % saml_type, OneLogin_Saml2_ValidationError.INVALID_SIGNATURE)
             return True
         except Exception as e:
-            self.__error_reason = str(e)
+            self._error_reason = str(e)
             if raise_exceptions:
                 raise e
             return False
@@ -672,11 +698,11 @@ def get_last_response_xml(self, pretty_print_if_possible=False):
         :rtype: string|None
         """
         response = None
-        if self.__last_response is not None:
-            if isinstance(self.__last_response, compat.str_type):
-                response = self.__last_response
+        if self._last_response is not None:
+            if isinstance(self._last_response, compat.str_type):
+                response = self._last_response
             else:
-                response = tostring(self.__last_response, encoding='unicode', pretty_print=pretty_print_if_possible)
+                response = tostring(self._last_response, encoding="unicode", pretty_print=pretty_print_if_possible)
         return response
 
     def get_last_request_xml(self):
@@ -685,4 +711,4 @@ def get_last_request_xml(self):
         :returns: SAML request XML
         :rtype: string|None
         """
-        return self.__last_request or None
+        return self._last_request or None
diff --git a/src/onelogin/saml2/authn_request.py b/src/onelogin/saml2/authn_request.py
index 57da1561..42585e8b 100644
--- a/src/onelogin/saml2/authn_request.py
+++ b/src/onelogin/saml2/authn_request.py
@@ -2,10 +2,8 @@
 
 """ OneLogin_Saml2_Authn_Request class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-AuthNRequest class of OneLogin's Python Toolkit.
+AuthNRequest class of SAML Python Toolkit.
 
 """
 
@@ -41,95 +39,107 @@ def __init__(self, settings, force_authn=False, is_passive=False, set_nameid_pol
         :param name_id_value_req: Optional argument. Indicates to the IdP the subject that should be authenticated
         :type name_id_value_req: string
         """
-        self.__settings = settings
+        self._settings = settings
 
-        sp_data = self.__settings.get_sp_data()
-        idp_data = self.__settings.get_idp_data()
-        security = self.__settings.get_security_data()
+        sp_data = self._settings.get_sp_data()
+        idp_data = self._settings.get_idp_data()
+        security = self._settings.get_security_data()
 
-        uid = OneLogin_Saml2_Utils.generate_unique_id()
-        self.__id = uid
+        self._id = self._generate_request_id()
         issue_instant = OneLogin_Saml2_Utils.parse_time_to_SAML(OneLogin_Saml2_Utils.now())
 
-        destination = idp_data['singleSignOnService']['url']
+        destination = idp_data["singleSignOnService"]["url"]
 
-        provider_name_str = ''
+        provider_name_str = ""
         organization_data = settings.get_organization()
         if isinstance(organization_data, dict) and organization_data:
             langs = organization_data
-            if 'en-US' in langs:
-                lang = 'en-US'
+            if "en-US" in langs:
+                lang = "en-US"
             else:
                 lang = sorted(langs)[0]
 
-            display_name = 'displayname' in organization_data[lang] and organization_data[lang]['displayname']
+            display_name = "displayname" in organization_data[lang] and organization_data[lang]["displayname"]
             if display_name:
-                provider_name_str = "\n" + '    ProviderName="%s"' % organization_data[lang]['displayname']
+                provider_name_str = "\n" + '    ProviderName="%s"' % organization_data[lang]["displayname"]
 
-        force_authn_str = ''
+        force_authn_str = ""
         if force_authn is True:
             force_authn_str = "\n" + '    ForceAuthn="true"'
 
-        is_passive_str = ''
+        is_passive_str = ""
         if is_passive is True:
             is_passive_str = "\n" + '    IsPassive="true"'
 
-        subject_str = ''
+        subject_str = ""
         if name_id_value_req:
             subject_str = """
     <saml:Subject>
         <saml:NameID Format="%s">%s</saml:NameID>
         <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"></saml:SubjectConfirmation>
-    </saml:Subject>""" % (sp_data['NameIDFormat'], name_id_value_req)
+    </saml:Subject>""" % (
+                sp_data["NameIDFormat"],
+                name_id_value_req,
+            )
 
-        nameid_policy_str = ''
+        nameid_policy_str = ""
         if set_nameid_policy:
-            name_id_policy_format = sp_data['NameIDFormat']
-            if security['wantNameIdEncrypted']:
+            name_id_policy_format = sp_data["NameIDFormat"]
+            if security["wantNameIdEncrypted"]:
                 name_id_policy_format = OneLogin_Saml2_Constants.NAMEID_ENCRYPTED
 
-            nameid_policy_str = """
+            nameid_policy_str = (
+                """
     <samlp:NameIDPolicy
         Format="%s"
-        AllowCreate="true" />""" % name_id_policy_format
+        AllowCreate="true" />"""
+                % name_id_policy_format
+            )
 
-        requested_authn_context_str = ''
-        if security['requestedAuthnContext'] is not False:
-            authn_comparison = 'exact'
-            if 'requestedAuthnContextComparison' in security.keys():
-                authn_comparison = security['requestedAuthnContextComparison']
+        requested_authn_context_str = ""
+        if security["requestedAuthnContext"] is not False:
+            authn_comparison = security["requestedAuthnContextComparison"]
 
-            if security['requestedAuthnContext'] is True:
-                requested_authn_context_str = """    <samlp:RequestedAuthnContext Comparison="%s">
+            if security["requestedAuthnContext"] is True:
+                requested_authn_context_str = (
+                    """    <samlp:RequestedAuthnContext Comparison="%s">
         <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>
-    </samlp:RequestedAuthnContext>""" % authn_comparison
+    </samlp:RequestedAuthnContext>"""
+                    % authn_comparison
+                )
             else:
                 requested_authn_context_str = '     <samlp:RequestedAuthnContext Comparison="%s">' % authn_comparison
-                for authn_context in security['requestedAuthnContext']:
-                    requested_authn_context_str += '<saml:AuthnContextClassRef>%s</saml:AuthnContextClassRef>' % authn_context
-                requested_authn_context_str += '    </samlp:RequestedAuthnContext>'
-
-        attr_consuming_service_str = ''
-        if 'attributeConsumingService' in sp_data and sp_data['attributeConsumingService']:
-            attr_consuming_service_str = "\n    AttributeConsumingServiceIndex=\"1\""
-
-        request = OneLogin_Saml2_Templates.AUTHN_REQUEST % \
-            {
-                'id': uid,
-                'provider_name': provider_name_str,
-                'force_authn_str': force_authn_str,
-                'is_passive_str': is_passive_str,
-                'issue_instant': issue_instant,
-                'destination': destination,
-                'assertion_url': sp_data['assertionConsumerService']['url'],
-                'entity_id': sp_data['entityId'],
-                'subject_str': subject_str,
-                'nameid_policy_str': nameid_policy_str,
-                'requested_authn_context_str': requested_authn_context_str,
-                'attr_consuming_service_str': attr_consuming_service_str,
-            }
-
-        self.__authn_request = request
+                for authn_context in security["requestedAuthnContext"]:
+                    requested_authn_context_str += "<saml:AuthnContextClassRef>%s</saml:AuthnContextClassRef>" % authn_context
+                requested_authn_context_str += "    </samlp:RequestedAuthnContext>"
+
+        attr_consuming_service_str = ""
+        if "attributeConsumingService" in sp_data and sp_data["attributeConsumingService"]:
+            attr_consuming_service_str = '\n    AttributeConsumingServiceIndex="%s"' % sp_data["attributeConsumingService"].get("index", "1")
+
+        request = OneLogin_Saml2_Templates.AUTHN_REQUEST % {
+            "id": self._id,
+            "provider_name": provider_name_str,
+            "force_authn_str": force_authn_str,
+            "is_passive_str": is_passive_str,
+            "issue_instant": issue_instant,
+            "destination": destination,
+            "assertion_url": sp_data["assertionConsumerService"]["url"],
+            "entity_id": sp_data["entityId"],
+            "subject_str": subject_str,
+            "nameid_policy_str": nameid_policy_str,
+            "requested_authn_context_str": requested_authn_context_str,
+            "attr_consuming_service_str": attr_consuming_service_str,
+            "acs_binding": sp_data["assertionConsumerService"].get("binding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"),
+        }
+
+        self._authn_request = request
+
+    def _generate_request_id(self):
+        """
+        Generate an unique request ID.
+        """
+        return OneLogin_Saml2_Utils.generate_unique_id()
 
     def get_request(self, deflate=True):
         """
@@ -140,9 +150,9 @@ def get_request(self, deflate=True):
         :rtype: str object
         """
         if deflate:
-            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__authn_request)
+            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self._authn_request)
         else:
-            request = OneLogin_Saml2_Utils.b64encode(self.__authn_request)
+            request = OneLogin_Saml2_Utils.b64encode(self._authn_request)
         return request
 
     def get_id(self):
@@ -151,7 +161,7 @@ def get_id(self):
         :return: AuthNRequest ID
         :rtype: string
         """
-        return self.__id
+        return self._id
 
     def get_xml(self):
         """
@@ -159,4 +169,4 @@ def get_xml(self):
         :return: XML request body
         :rtype: string
         """
-        return self.__authn_request
+        return self._authn_request
diff --git a/src/onelogin/saml2/compat.py b/src/onelogin/saml2/compat.py
index b69e61e4..138e09f8 100644
--- a/src/onelogin/saml2/compat.py
+++ b/src/onelogin/saml2/compat.py
@@ -2,8 +2,6 @@
 
 """ py3 compatibility class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
 """
 
@@ -20,25 +18,27 @@
     unicode = str
 
 
-if isinstance(b'', type('')):  # py 2.x
+if isinstance(b"", type("")):  # py 2.x
     text_types = (basestring,)  # noqa
     bytes_type = bytes
     str_type = basestring  # noqa
 
     def utf8(data):
-        """  return utf8-encoded string """
+        """return utf8-encoded string"""
         if isinstance(data, basestring):
             return data.decode("utf8")
         return unicode(data)
 
     def to_string(data):
-        """ return string """
+        """return string"""
         if isinstance(data, unicode):
             return data.encode("utf8")
         return str(data)
 
     def to_bytes(data):
-        """ return bytes """
+        """return bytes"""
+        if isinstance(data, unicode):
+            return data.encode("utf8")
         return str(data)
 
 else:  # py 3.x
@@ -47,7 +47,7 @@ def to_bytes(data):
     str_type = str
 
     def utf8(data):
-        """ return utf8-encoded string """
+        """return utf8-encoded string"""
         if isinstance(data, bytes):
             return data.decode("utf8")
         return str(data)
diff --git a/src/onelogin/saml2/constants.py b/src/onelogin/saml2/constants.py
index e0778bd2..51392393 100644
--- a/src/onelogin/saml2/constants.py
+++ b/src/onelogin/saml2/constants.py
@@ -2,10 +2,8 @@
 
 """ OneLogin_Saml2_Constants class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Constants class of OneLogin's Python Toolkit.
+Constants class of SAML Python Toolkit.
 
 """
 
@@ -14,7 +12,7 @@ class OneLogin_Saml2_Constants(object):
     """
 
     This class defines all the constants that will be used
-    in the OneLogin's Python Toolkit.
+    in the SAML Python Toolkit.
 
     """
 
@@ -22,95 +20,92 @@ class OneLogin_Saml2_Constants(object):
     ALLOWED_CLOCK_DRIFT = 300
 
     # NameID Formats
-    NAMEID_EMAIL_ADDRESS = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
-    NAMEID_X509_SUBJECT_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName'
-    NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME = 'urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName'
-    NAMEID_UNSPECIFIED = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
-    NAMEID_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos'
-    NAMEID_ENTITY = 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity'
-    NAMEID_TRANSIENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
-    NAMEID_PERSISTENT = 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent'
-    NAMEID_ENCRYPTED = 'urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted'
+    NAMEID_EMAIL_ADDRESS = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+    NAMEID_X509_SUBJECT_NAME = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"
+    NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME = "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName"
+    NAMEID_UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+    NAMEID_KERBEROS = "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos"
+    NAMEID_ENTITY = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+    NAMEID_TRANSIENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+    NAMEID_PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+    NAMEID_ENCRYPTED = "urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted"
 
     # Attribute Name Formats
-    ATTRNAME_FORMAT_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'
-    ATTRNAME_FORMAT_URI = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
-    ATTRNAME_FORMAT_BASIC = 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'
+    ATTRNAME_FORMAT_UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
+    ATTRNAME_FORMAT_URI = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+    ATTRNAME_FORMAT_BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
 
     # Namespaces
-    NS_SAML = 'urn:oasis:names:tc:SAML:2.0:assertion'
-    NS_SAMLP = 'urn:oasis:names:tc:SAML:2.0:protocol'
-    NS_SOAP = 'http://schemas.xmlsoap.org/soap/envelope/'
-    NS_MD = 'urn:oasis:names:tc:SAML:2.0:metadata'
-    NS_XS = 'http://www.w3.org/2001/XMLSchema'
-    NS_XSI = 'http://www.w3.org/2001/XMLSchema-instance'
-    NS_XENC = 'http://www.w3.org/2001/04/xmlenc#'
-    NS_DS = 'http://www.w3.org/2000/09/xmldsig#'
+    NS_SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
+    NS_SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
+    NS_SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
+    NS_MD = "urn:oasis:names:tc:SAML:2.0:metadata"
+    NS_XS = "http://www.w3.org/2001/XMLSchema"
+    NS_XSI = "http://www.w3.org/2001/XMLSchema-instance"
+    NS_XENC = "http://www.w3.org/2001/04/xmlenc#"
+    NS_DS = "http://www.w3.org/2000/09/xmldsig#"
 
     # Namespace Prefixes
-    NS_PREFIX_SAML = 'saml'
-    NS_PREFIX_SAMLP = 'samlp'
-    NS_PREFIX_MD = 'md'
-    NS_PREFIX_XS = 'xs'
-    NS_PREFIX_XSI = 'xsi'
-    NS_PREFIX_XSD = 'xsd'
-    NS_PREFIX_XENC = 'xenc'
-    NS_PREFIX_DS = 'ds'
+    NS_PREFIX_SAML = "saml"
+    NS_PREFIX_SAMLP = "samlp"
+    NS_PREFIX_MD = "md"
+    NS_PREFIX_XS = "xs"
+    NS_PREFIX_XSI = "xsi"
+    NS_PREFIX_XSD = "xsd"
+    NS_PREFIX_XENC = "xenc"
+    NS_PREFIX_DS = "ds"
 
     # Prefix:Namespace Mappings
-    NSMAP = {
-        NS_PREFIX_SAMLP: NS_SAMLP,
-        NS_PREFIX_SAML: NS_SAML,
-        NS_PREFIX_DS: NS_DS,
-        NS_PREFIX_XENC: NS_XENC,
-        NS_PREFIX_MD: NS_MD
-    }
+    NSMAP = {NS_PREFIX_SAMLP: NS_SAMLP, NS_PREFIX_SAML: NS_SAML, NS_PREFIX_DS: NS_DS, NS_PREFIX_XENC: NS_XENC, NS_PREFIX_MD: NS_MD}
 
     # Bindings
-    BINDING_HTTP_POST = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
-    BINDING_HTTP_REDIRECT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
-    BINDING_HTTP_ARTIFACT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact'
-    BINDING_SOAP = 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP'
-    BINDING_DEFLATE = 'urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE'
+    BINDING_HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+    BINDING_HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+    BINDING_HTTP_ARTIFACT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+    BINDING_SOAP = "urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+    BINDING_DEFLATE = "urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE"
 
     # Auth Context Class
-    AC_UNSPECIFIED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified'
-    AC_PASSWORD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'
-    AC_PASSWORD_PROTECTED = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
-    AC_X509 = 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'
-    AC_SMARTCARD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard'
-    AC_KERBEROS = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos'
+    AC_UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified"
+    AC_PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
+    AC_PASSWORD_PROTECTED = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
+    AC_X509 = "urn:oasis:names:tc:SAML:2.0:ac:classes:X509"
+    AC_SMARTCARD = "urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard"
+    AC_KERBEROS = "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"
 
     # Subject Confirmation
-    CM_BEARER = 'urn:oasis:names:tc:SAML:2.0:cm:bearer'
-    CM_HOLDER_KEY = 'urn:oasis:names:tc:SAML:2.0:cm:holder-of-key'
-    CM_SENDER_VOUCHES = 'urn:oasis:names:tc:SAML:2.0:cm:sender-vouches'
+    CM_BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
+    CM_HOLDER_KEY = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"
+    CM_SENDER_VOUCHES = "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"
 
     # Status Codes
-    STATUS_SUCCESS = 'urn:oasis:names:tc:SAML:2.0:status:Success'
-    STATUS_REQUESTER = 'urn:oasis:names:tc:SAML:2.0:status:Requester'
-    STATUS_RESPONDER = 'urn:oasis:names:tc:SAML:2.0:status:Responder'
-    STATUS_VERSION_MISMATCH = 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch'
-    STATUS_NO_PASSIVE = 'urn:oasis:names:tc:SAML:2.0:status:NoPassive'
-    STATUS_PARTIAL_LOGOUT = 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout'
-    STATUS_PROXY_COUNT_EXCEEDED = 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded'
+    STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
+    STATUS_REQUESTER = "urn:oasis:names:tc:SAML:2.0:status:Requester"
+    STATUS_RESPONDER = "urn:oasis:names:tc:SAML:2.0:status:Responder"
+    STATUS_VERSION_MISMATCH = "urn:oasis:names:tc:SAML:2.0:status:VersionMismatch"
+    STATUS_NO_PASSIVE = "urn:oasis:names:tc:SAML:2.0:status:NoPassive"
+    STATUS_PARTIAL_LOGOUT = "urn:oasis:names:tc:SAML:2.0:status:PartialLogout"
+    STATUS_PROXY_COUNT_EXCEEDED = "urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded"
 
     # Sign & Crypto
-    SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'
-    SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256'
-    SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#sha384'
-    SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'
+    SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1"
+    SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
+    SHA384 = "http://www.w3.org/2001/04/xmldsig-more#sha384"
+    SHA512 = "http://www.w3.org/2001/04/xmlenc#sha512"
 
-    DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'
-    RSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
-    RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
-    RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'
-    RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'
+    DSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"
+    RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
+    RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
+    RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
+    RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
 
     # Enc
-    TRIPLEDES_CBC = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'
-    AES128_CBC = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'
-    AES192_CBC = 'http://www.w3.org/2001/04/xmlenc#aes192-cbc'
-    AES256_CBC = 'http://www.w3.org/2001/04/xmlenc#aes256-cbc'
-    RSA_1_5 = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'
-    RSA_OAEP_MGF1P = 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'
+    TRIPLEDES_CBC = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
+    AES128_CBC = "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+    AES192_CBC = "http://www.w3.org/2001/04/xmlenc#aes192-cbc"
+    AES256_CBC = "http://www.w3.org/2001/04/xmlenc#aes256-cbc"
+    RSA_1_5 = "http://www.w3.org/2001/04/xmlenc#rsa-1_5"
+    RSA_OAEP_MGF1P = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+
+    # Define here the deprecated algorithms
+    DEPRECATED_ALGORITHMS = [DSA_SHA1, RSA_SHA1, SHA1]
diff --git a/src/onelogin/saml2/errors.py b/src/onelogin/saml2/errors.py
index 6faba2e2..bcb4890d 100644
--- a/src/onelogin/saml2/errors.py
+++ b/src/onelogin/saml2/errors.py
@@ -2,10 +2,8 @@
 
 """ OneLogin_Saml2_Error class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Error class of OneLogin's Python Toolkit.
+Error class of SAML Python Toolkit.
 
 Defines common Error codes and has a custom initializator.
 
@@ -110,6 +108,8 @@ class OneLogin_Saml2_ValidationError(Exception):
     WRONG_NUMBER_OF_SIGNATURES = 43
     RESPONSE_EXPIRED = 44
     AUTHN_CONTEXT_MISMATCH = 45
+    DEPRECATED_SIGNATURE_METHOD = 46
+    DEPRECATED_DIGEST_METHOD = 47
 
     def __init__(self, message, code=0, errors=None):
         """
diff --git a/src/onelogin/saml2/idp_metadata_parser.py b/src/onelogin/saml2/idp_metadata_parser.py
index 036028a2..b3b3d9be 100644
--- a/src/onelogin/saml2/idp_metadata_parser.py
+++ b/src/onelogin/saml2/idp_metadata_parser.py
@@ -1,18 +1,12 @@
 # -*- coding: utf-8 -*-
 
 """ OneLogin_Saml2_IdPMetadataParser class
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
-Metadata class of OneLogin's Python Toolkit.
+Metadata class of SAML Python Toolkit.
 """
 
 
 from copy import deepcopy
-
-try:
-    import urllib.request as urllib2
-except ImportError:
-    import urllib2
+from urllib.request import Request, urlopen
 
 import ssl
 
@@ -23,10 +17,21 @@
 class OneLogin_Saml2_IdPMetadataParser(object):
     """
     A class that contain methods related to obtaining and parsing metadata from IdP
+
+    This class does not validate in any way the URL that is introduced,
+    make sure to validate it properly before use it in a get_metadata method.
     """
 
-    @staticmethod
-    def get_metadata(url, validate_cert=True):
+    @classmethod
+    def get_metadata(
+        cls,
+        url,
+        validate_cert=True,
+        cafile=None,
+        capath=None,
+        timeout=None,
+        headers=None,
+    ):
         """
         Gets the metadata XML from the provided URL
         :param url: Url where the XML of the Identity Provider Metadata is published.
@@ -35,36 +40,48 @@ def get_metadata(url, validate_cert=True):
         :param validate_cert: If the url uses https schema, that flag enables or not the verification of the associated certificate.
         :type validate_cert: bool
 
+        :param timeout: Timeout in seconds to wait for metadata response
+        :type timeout: int
+        :param headers: Extra headers to send in the request
+        :type headers: dict
+
         :returns: metadata XML
         :rtype: string
         """
         valid = False
 
-        if validate_cert:
-            response = urllib2.urlopen(url)
-        else:
+        # Respect the no-TLS-certificate validation option
+        ctx = None
+        if not validate_cert:
+            if cafile or capath:
+                raise ValueError(
+                    "Specifying 'cafile' or 'capath' while disabling certificate "
+                    "validation is contradictory."
+                )
             ctx = ssl.create_default_context()
             ctx.check_hostname = False
             ctx.verify_mode = ssl.CERT_NONE
-            response = urllib2.urlopen(url, context=ctx)
+
+        request = Request(url, headers=headers or {})
+        response = urlopen(request, timeout=timeout, cafile=cafile, capath=capath, context=ctx)
         xml = response.read()
 
         if xml:
             try:
                 dom = OneLogin_Saml2_XML.to_etree(xml)
-                idp_descriptor_nodes = OneLogin_Saml2_XML.query(dom, '//md:IDPSSODescriptor')
+                idp_descriptor_nodes = OneLogin_Saml2_XML.query(dom, "//md:IDPSSODescriptor")
                 if idp_descriptor_nodes:
                     valid = True
             except Exception:
                 pass
 
         if not valid:
-            raise Exception('Not valid IdP XML found from URL: %s' % (url))
+            raise Exception("Not valid IdP XML found from URL: %s" % (url))
 
         return xml
 
-    @staticmethod
-    def parse_remote(url, validate_cert=True, entity_id=None, **kwargs):
+    @classmethod
+    def parse_remote(cls, url, validate_cert=True, entity_id=None, timeout=None, **kwargs):
         """
         Gets the metadata XML from the provided URL and parse it, returning a dict with extracted data
         :param url: Url where the XML of the Identity Provider Metadata is published.
@@ -77,18 +94,17 @@ def parse_remote(url, validate_cert=True, entity_id=None, **kwargs):
                           that contains multiple EntityDescriptor.
         :type entity_id: string
 
+        :param timeout: Timeout in seconds to wait for metadata response
+        :type timeout: int
+
         :returns: settings dict with extracted data
         :rtype: dict
         """
-        idp_metadata = OneLogin_Saml2_IdPMetadataParser.get_metadata(url, validate_cert)
-        return OneLogin_Saml2_IdPMetadataParser.parse(idp_metadata, entity_id=entity_id, **kwargs)
+        idp_metadata = cls.get_metadata(url, validate_cert, timeout, headers=kwargs.pop("headers", None))
+        return cls.parse(idp_metadata, entity_id=entity_id, **kwargs)
 
-    @staticmethod
-    def parse(
-            idp_metadata,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT,
-            required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT,
-            entity_id=None):
+    @classmethod
+    def parse(cls, idp_metadata, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT, required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT, entity_id=None):
         """
         Parses the Identity Provider metadata and return a dict with extracted data.
 
@@ -127,40 +143,34 @@ def parse(
         dom = OneLogin_Saml2_XML.to_etree(idp_metadata)
         idp_entity_id = want_authn_requests_signed = idp_name_id_format = idp_sso_url = idp_slo_url = certs = None
 
-        entity_desc_path = '//md:EntityDescriptor'
+        entity_desc_path = "//md:EntityDescriptor"
         if entity_id:
             entity_desc_path += "[@entityID='%s']" % entity_id
         entity_descriptor_nodes = OneLogin_Saml2_XML.query(dom, entity_desc_path)
 
         if len(entity_descriptor_nodes) > 0:
             entity_descriptor_node = entity_descriptor_nodes[0]
-            idp_descriptor_nodes = OneLogin_Saml2_XML.query(entity_descriptor_node, './md:IDPSSODescriptor')
+            idp_descriptor_nodes = OneLogin_Saml2_XML.query(entity_descriptor_node, "./md:IDPSSODescriptor")
             if len(idp_descriptor_nodes) > 0:
                 idp_descriptor_node = idp_descriptor_nodes[0]
 
-                idp_entity_id = entity_descriptor_node.get('entityID', None)
+                idp_entity_id = entity_descriptor_node.get("entityID", None)
 
-                want_authn_requests_signed = entity_descriptor_node.get('WantAuthnRequestsSigned', None)
+                want_authn_requests_signed = idp_descriptor_node.get("WantAuthnRequestsSigned", None)
 
-                name_id_format_nodes = OneLogin_Saml2_XML.query(idp_descriptor_node, './md:NameIDFormat')
+                name_id_format_nodes = OneLogin_Saml2_XML.query(idp_descriptor_node, "./md:NameIDFormat")
                 if len(name_id_format_nodes) > 0:
                     idp_name_id_format = OneLogin_Saml2_XML.element_text(name_id_format_nodes[0])
 
-                sso_nodes = OneLogin_Saml2_XML.query(
-                    idp_descriptor_node,
-                    "./md:SingleSignOnService[@Binding='%s']" % required_sso_binding
-                )
+                sso_nodes = OneLogin_Saml2_XML.query(idp_descriptor_node, "./md:SingleSignOnService[@Binding='%s']" % required_sso_binding)
 
                 if len(sso_nodes) > 0:
-                    idp_sso_url = sso_nodes[0].get('Location', None)
+                    idp_sso_url = sso_nodes[0].get("Location", None)
 
-                slo_nodes = OneLogin_Saml2_XML.query(
-                    idp_descriptor_node,
-                    "./md:SingleLogoutService[@Binding='%s']" % required_slo_binding
-                )
+                slo_nodes = OneLogin_Saml2_XML.query(idp_descriptor_node, "./md:SingleLogoutService[@Binding='%s']" % required_slo_binding)
 
                 if len(slo_nodes) > 0:
-                    idp_slo_url = slo_nodes[0].get('Location', None)
+                    idp_slo_url = slo_nodes[0].get("Location", None)
 
                 signing_nodes = OneLogin_Saml2_XML.query(idp_descriptor_node, "./md:KeyDescriptor[not(contains(@use, 'encryption'))]/ds:KeyInfo/ds:X509Data/ds:X509Certificate")
                 encryption_nodes = OneLogin_Saml2_XML.query(idp_descriptor_node, "./md:KeyDescriptor[not(contains(@use, 'signing'))]/ds:KeyInfo/ds:X509Data/ds:X509Certificate")
@@ -168,50 +178,47 @@ def parse(
                 if len(signing_nodes) > 0 or len(encryption_nodes) > 0:
                     certs = {}
                     if len(signing_nodes) > 0:
-                        certs['signing'] = []
+                        certs["signing"] = []
                         for cert_node in signing_nodes:
-                            certs['signing'].append(''.join(OneLogin_Saml2_XML.element_text(cert_node).split()))
+                            certs["signing"].append("".join(OneLogin_Saml2_XML.element_text(cert_node).split()))
                     if len(encryption_nodes) > 0:
-                        certs['encryption'] = []
+                        certs["encryption"] = []
                         for cert_node in encryption_nodes:
-                            certs['encryption'].append(''.join(OneLogin_Saml2_XML.element_text(cert_node).split()))
+                            certs["encryption"].append("".join(OneLogin_Saml2_XML.element_text(cert_node).split()))
 
-                data['idp'] = {}
+                data["idp"] = {}
 
                 if idp_entity_id is not None:
-                    data['idp']['entityId'] = idp_entity_id
+                    data["idp"]["entityId"] = idp_entity_id
 
                 if idp_sso_url is not None:
-                    data['idp']['singleSignOnService'] = {}
-                    data['idp']['singleSignOnService']['url'] = idp_sso_url
-                    data['idp']['singleSignOnService']['binding'] = required_sso_binding
+                    data["idp"]["singleSignOnService"] = {}
+                    data["idp"]["singleSignOnService"]["url"] = idp_sso_url
+                    data["idp"]["singleSignOnService"]["binding"] = required_sso_binding
 
                 if idp_slo_url is not None:
-                    data['idp']['singleLogoutService'] = {}
-                    data['idp']['singleLogoutService']['url'] = idp_slo_url
-                    data['idp']['singleLogoutService']['binding'] = required_slo_binding
+                    data["idp"]["singleLogoutService"] = {}
+                    data["idp"]["singleLogoutService"]["url"] = idp_slo_url
+                    data["idp"]["singleLogoutService"]["binding"] = required_slo_binding
 
                 if want_authn_requests_signed is not None:
-                    data['security'] = {}
-                    data['security']['authnRequestsSigned'] = want_authn_requests_signed
+                    data["security"] = {}
+                    data["security"]["authnRequestsSigned"] = want_authn_requests_signed == "true"
 
                 if idp_name_id_format:
-                    data['sp'] = {}
-                    data['sp']['NameIDFormat'] = idp_name_id_format
+                    data["sp"] = {}
+                    data["sp"]["NameIDFormat"] = idp_name_id_format
 
                 if certs is not None:
-                    if (len(certs) == 1 and
-                        (('signing' in certs and len(certs['signing']) == 1) or
-                         ('encryption' in certs and len(certs['encryption']) == 1))) or \
-                        (('signing' in certs and len(certs['signing']) == 1) and
-                         ('encryption' in certs and len(certs['encryption']) == 1 and
-                         certs['signing'][0] == certs['encryption'][0])):
-                        if 'signing' in certs:
-                            data['idp']['x509cert'] = certs['signing'][0]
+                    if (len(certs) == 1 and (("signing" in certs and len(certs["signing"]) == 1) or ("encryption" in certs and len(certs["encryption"]) == 1))) or (
+                        ("signing" in certs and len(certs["signing"]) == 1) and ("encryption" in certs and len(certs["encryption"]) == 1 and certs["signing"][0] == certs["encryption"][0])
+                    ):
+                        if "signing" in certs:
+                            data["idp"]["x509cert"] = certs["signing"][0]
                         else:
-                            data['idp']['x509cert'] = certs['encryption'][0]
+                            data["idp"]["x509cert"] = certs["encryption"][0]
                     else:
-                        data['idp']['x509certMulti'] = certs
+                        data["idp"]["x509certMulti"] = certs
         return data
 
     @staticmethod
@@ -219,26 +226,26 @@ def merge_settings(settings, new_metadata_settings):
         """
         Will update the settings with the provided new settings data extracted from the IdP metadata
         :param settings: Current settings dict data
-        :type settings: string
+        :type settings: dict
         :param new_metadata_settings: Settings to be merged (extracted from IdP metadata after parsing)
-        :type new_metadata_settings: string
+        :type new_metadata_settings: dict
         :returns: merged settings
         :rtype: dict
         """
         for d in (settings, new_metadata_settings):
             if not isinstance(d, dict):
-                raise TypeError('Both arguments must be dictionaries.')
+                raise TypeError("Both arguments must be dictionaries.")
 
         # Guarantee to not modify original data (`settings.copy()` would not
         # be sufficient, as it's just a shallow copy).
         result_settings = deepcopy(settings)
 
         # previously I will take care of cert stuff
-        if 'idp' in new_metadata_settings and 'idp' in result_settings:
-            if new_metadata_settings['idp'].get('x509cert', None) and result_settings['idp'].get('x509certMulti', None):
-                del result_settings['idp']['x509certMulti']
-            if new_metadata_settings['idp'].get('x509certMulti', None) and result_settings['idp'].get('x509cert', None):
-                del result_settings['idp']['x509cert']
+        if "idp" in new_metadata_settings and "idp" in result_settings:
+            if new_metadata_settings["idp"].get("x509cert", None) and result_settings["idp"].get("x509certMulti", None):
+                del result_settings["idp"]["x509certMulti"]
+            if new_metadata_settings["idp"].get("x509certMulti", None) and result_settings["idp"].get("x509cert", None):
+                del result_settings["idp"]["x509cert"]
 
         # Merge `new_metadata_settings` into `result_settings`.
         dict_deep_merge(result_settings, new_metadata_settings)
diff --git a/src/onelogin/saml2/logout_request.py b/src/onelogin/saml2/logout_request.py
index 252726b7..dea7f806 100644
--- a/src/onelogin/saml2/logout_request.py
+++ b/src/onelogin/saml2/logout_request.py
@@ -2,10 +2,8 @@
 
 """ OneLogin_Saml2_Logout_Request class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Logout Request class of OneLogin's Python Toolkit.
+Logout Request class of SAML Python Toolkit.
 
 """
 
@@ -50,35 +48,32 @@ def __init__(self, settings, request=None, name_id=None, session_index=None, nq=
         :param spnq: SP Name Qualifier
         :type: string
         """
-        self.__settings = settings
-        self.__error = None
+        self._settings = settings
+        self._error = None
         self.id = None
 
         if request is None:
-            sp_data = self.__settings.get_sp_data()
-            idp_data = self.__settings.get_idp_data()
-            security = self.__settings.get_security_data()
+            sp_data = self._settings.get_sp_data()
+            idp_data = self._settings.get_idp_data()
+            security = self._settings.get_security_data()
 
-            uid = OneLogin_Saml2_Utils.generate_unique_id()
-            self.id = uid
+            self.id = self._generate_request_id()
 
             issue_instant = OneLogin_Saml2_Utils.parse_time_to_SAML(OneLogin_Saml2_Utils.now())
 
             cert = None
-            if security['nameIdEncrypted']:
-                exists_multix509enc = 'x509certMulti' in idp_data and \
-                    'encryption' in idp_data['x509certMulti'] and \
-                    idp_data['x509certMulti']['encryption']
+            if security["nameIdEncrypted"]:
+                exists_multix509enc = "x509certMulti" in idp_data and "encryption" in idp_data["x509certMulti"] and idp_data["x509certMulti"]["encryption"]
                 if exists_multix509enc:
-                    cert = idp_data['x509certMulti']['encryption'][0]
+                    cert = idp_data["x509certMulti"]["encryption"][0]
                 else:
-                    cert = idp_data['x509cert']
+                    cert = self._settings.get_idp_cert()
 
             if name_id is not None:
-                if not name_id_format and sp_data['NameIDFormat'] != OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED:
-                    name_id_format = sp_data['NameIDFormat']
+                if not name_id_format and sp_data["NameIDFormat"] != OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED:
+                    name_id_format = sp_data["NameIDFormat"]
             else:
-                name_id = idp_data['entityId']
+                name_id = idp_data["entityId"]
                 name_id_format = OneLogin_Saml2_Constants.NAMEID_ENTITY
 
             # From saml-core-2.0-os 8.3.6, when the entity Format is used:
@@ -92,34 +87,26 @@ def __init__(self, settings, request=None, name_id=None, session_index=None, nq=
             if name_id_format and name_id_format == OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED:
                 name_id_format = None
 
-            name_id_obj = OneLogin_Saml2_Utils.generate_name_id(
-                name_id,
-                spnq,
-                name_id_format,
-                cert,
-                False,
-                nq
-            )
+            name_id_obj = OneLogin_Saml2_Utils.generate_name_id(name_id, spnq, name_id_format, cert, False, nq)
 
             if session_index:
-                session_index_str = '<samlp:SessionIndex>%s</samlp:SessionIndex>' % session_index
+                session_index_str = "<samlp:SessionIndex>%s</samlp:SessionIndex>" % session_index
             else:
-                session_index_str = ''
-
-            logout_request = OneLogin_Saml2_Templates.LOGOUT_REQUEST % \
-                {
-                    'id': uid,
-                    'issue_instant': issue_instant,
-                    'single_logout_url': idp_data['singleLogoutService']['url'],
-                    'entity_id': sp_data['entityId'],
-                    'name_id': name_id_obj,
-                    'session_index': session_index_str,
-                }
+                session_index_str = ""
+
+            logout_request = OneLogin_Saml2_Templates.LOGOUT_REQUEST % {
+                "id": self.id,
+                "issue_instant": issue_instant,
+                "single_logout_url": self._settings.get_idp_slo_url(),
+                "entity_id": sp_data["entityId"],
+                "name_id": name_id_obj,
+                "session_index": session_index_str,
+            }
         else:
             logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(request, ignore_zip=True)
             self.id = self.get_id(logout_request)
 
-        self.__logout_request = compat.to_string(logout_request)
+        self._logout_request = compat.to_string(logout_request)
 
     def get_request(self, deflate=True):
         """
@@ -130,9 +117,9 @@ def get_request(self, deflate=True):
         :rtype: str object
         """
         if deflate:
-            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__logout_request)
+            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self._logout_request)
         else:
-            request = OneLogin_Saml2_Utils.b64encode(self.__logout_request)
+            request = OneLogin_Saml2_Utils.b64encode(self._logout_request)
         return request
 
     def get_xml(self):
@@ -142,10 +129,10 @@ def get_xml(self):
         :return: XML request body
         :rtype: string
         """
-        return self.__logout_request
+        return self._logout_request
 
-    @staticmethod
-    def get_id(request):
+    @classmethod
+    def get_id(cls, request):
         """
         Returns the ID of the Logout Request
         :param request: Logout Request Message
@@ -155,10 +142,10 @@ def get_id(request):
         """
 
         elem = OneLogin_Saml2_XML.to_etree(request)
-        return elem.get('ID', None)
+        return elem.get("ID", None)
 
-    @staticmethod
-    def get_nameid_data(request, key=None):
+    @classmethod
+    def get_nameid_data(cls, request, key=None):
         """
         Gets the NameID Data of the the Logout Request
         :param request: Logout Request Message
@@ -170,41 +157,33 @@ def get_nameid_data(request, key=None):
         """
         elem = OneLogin_Saml2_XML.to_etree(request)
         name_id = None
-        encrypted_entries = OneLogin_Saml2_XML.query(elem, '/samlp:LogoutRequest/saml:EncryptedID')
+        encrypted_entries = OneLogin_Saml2_XML.query(elem, "/samlp:LogoutRequest/saml:EncryptedID")
 
         if len(encrypted_entries) == 1:
             if key is None:
-                raise OneLogin_Saml2_Error(
-                    'Private Key is required in order to decrypt the NameID, check settings',
-                    OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND
-                )
+                raise OneLogin_Saml2_Error("Private Key is required in order to decrypt the NameID, check settings", OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND)
 
-            encrypted_data_nodes = OneLogin_Saml2_XML.query(elem, '/samlp:LogoutRequest/saml:EncryptedID/xenc:EncryptedData')
+            encrypted_data_nodes = OneLogin_Saml2_XML.query(elem, "/samlp:LogoutRequest/saml:EncryptedID/xenc:EncryptedData")
             if len(encrypted_data_nodes) == 1:
                 encrypted_data = encrypted_data_nodes[0]
                 name_id = OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key)
         else:
-            entries = OneLogin_Saml2_XML.query(elem, '/samlp:LogoutRequest/saml:NameID')
+            entries = OneLogin_Saml2_XML.query(elem, "/samlp:LogoutRequest/saml:NameID")
             if len(entries) == 1:
                 name_id = entries[0]
 
         if name_id is None:
-            raise OneLogin_Saml2_ValidationError(
-                'NameID not found in the Logout Request',
-                OneLogin_Saml2_ValidationError.NO_NAMEID
-            )
-
-        name_id_data = {
-            'Value': OneLogin_Saml2_XML.element_text(name_id)
-        }
-        for attr in ['Format', 'SPNameQualifier', 'NameQualifier']:
+            raise OneLogin_Saml2_ValidationError("NameID not found in the Logout Request", OneLogin_Saml2_ValidationError.NO_NAMEID)
+
+        name_id_data = {"Value": OneLogin_Saml2_XML.element_text(name_id)}
+        for attr in ["Format", "SPNameQualifier", "NameQualifier"]:
             if attr in name_id.attrib:
                 name_id_data[attr] = name_id.attrib[attr]
 
         return name_id_data
 
-    @staticmethod
-    def get_nameid(request, key=None):
+    @classmethod
+    def get_nameid(cls, request, key=None):
         """
         Gets the NameID of the Logout Request Message
         :param request: Logout Request Message
@@ -214,11 +193,11 @@ def get_nameid(request, key=None):
         :return: Name ID Value
         :rtype: string
         """
-        name_id = OneLogin_Saml2_Logout_Request.get_nameid_data(request, key)
-        return name_id['Value']
+        name_id = cls.get_nameid_data(request, key)
+        return name_id["Value"]
 
-    @staticmethod
-    def get_nameid_format(request, key=None):
+    @classmethod
+    def get_nameid_format(cls, request, key=None):
         """
         Gets the NameID Format of the Logout Request Message
         :param request: Logout Request Message
@@ -229,13 +208,13 @@ def get_nameid_format(request, key=None):
         :rtype: string
         """
         name_id_format = None
-        name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request, key)
-        if name_id_data and 'Format' in name_id_data.keys():
-            name_id_format = name_id_data['Format']
+        name_id_data = cls.get_nameid_data(request, key)
+        if name_id_data and "Format" in name_id_data.keys():
+            name_id_format = name_id_data["Format"]
         return name_id_format
 
-    @staticmethod
-    def get_issuer(request):
+    @classmethod
+    def get_issuer(cls, request):
         """
         Gets the Issuer of the Logout Request Message
         :param request: Logout Request Message
@@ -246,13 +225,13 @@ def get_issuer(request):
 
         elem = OneLogin_Saml2_XML.to_etree(request)
         issuer = None
-        issuer_nodes = OneLogin_Saml2_XML.query(elem, '/samlp:LogoutRequest/saml:Issuer')
+        issuer_nodes = OneLogin_Saml2_XML.query(elem, "/samlp:LogoutRequest/saml:Issuer")
         if len(issuer_nodes) == 1:
             issuer = OneLogin_Saml2_XML.element_text(issuer_nodes[0])
         return issuer
 
-    @staticmethod
-    def get_session_indexes(request):
+    @classmethod
+    def get_session_indexes(cls, request):
         """
         Gets the SessionIndexes from the Logout Request
         :param request: Logout Request Message
@@ -263,7 +242,7 @@ def get_session_indexes(request):
 
         elem = OneLogin_Saml2_XML.to_etree(request)
         session_indexes = []
-        session_index_nodes = OneLogin_Saml2_XML.query(elem, '/samlp:LogoutRequest/samlp:SessionIndex')
+        session_index_nodes = OneLogin_Saml2_XML.query(elem, "/samlp:LogoutRequest/samlp:SessionIndex")
         for session_index_node in session_index_nodes:
             session_indexes.append(OneLogin_Saml2_XML.element_text(session_index_node))
         return session_indexes
@@ -280,75 +259,61 @@ def is_valid(self, request_data, raise_exceptions=False):
         :return: If the Logout Request is or not valid
         :rtype: boolean
         """
-        self.__error = None
+        self._error = None
         try:
-            root = OneLogin_Saml2_XML.to_etree(self.__logout_request)
+            root = OneLogin_Saml2_XML.to_etree(self._logout_request)
 
-            idp_data = self.__settings.get_idp_data()
-            idp_entity_id = idp_data['entityId']
+            idp_data = self._settings.get_idp_data()
+            idp_entity_id = idp_data["entityId"]
 
-            get_data = ('get_data' in request_data and request_data['get_data']) or dict()
+            get_data = ("get_data" in request_data and request_data["get_data"]) or dict()
 
-            if self.__settings.is_strict():
-                res = OneLogin_Saml2_XML.validate_xml(root, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
+            if self._settings.is_strict():
+                res = OneLogin_Saml2_XML.validate_xml(root, "saml-schema-protocol-2.0.xsd", self._settings.is_debug_active())
                 if isinstance(res, str):
-                    raise OneLogin_Saml2_ValidationError(
-                        'Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd',
-                        OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT
-                    )
+                    raise OneLogin_Saml2_ValidationError("Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd", OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT)
 
-                security = self.__settings.get_security_data()
+                security = self._settings.get_security_data()
 
                 current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
 
                 # Check NotOnOrAfter
-                if root.get('NotOnOrAfter', None):
-                    na = OneLogin_Saml2_Utils.parse_SAML_to_time(root.get('NotOnOrAfter'))
+                if root.get("NotOnOrAfter", None):
+                    na = OneLogin_Saml2_Utils.parse_SAML_to_time(root.get("NotOnOrAfter"))
                     if na <= OneLogin_Saml2_Utils.now():
-                        raise OneLogin_Saml2_ValidationError(
-                            'Could not validate timestamp: expired. Check system clock.)',
-                            OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED
-                        )
+                        raise OneLogin_Saml2_ValidationError("Could not validate timestamp: expired. Check system clock.)", OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED)
 
                 # Check destination
-                if root.get('Destination', None):
-                    destination = root.get('Destination')
-                    if destination != '':
-                        if current_url not in destination:
-                            raise OneLogin_Saml2_ValidationError(
-                                'The LogoutRequest was received at '
-                                '%(currentURL)s instead of %(destination)s' %
-                                {
-                                    'currentURL': current_url,
-                                    'destination': destination,
-                                },
-                                OneLogin_Saml2_ValidationError.WRONG_DESTINATION
-                            )
+                destination = root.get("Destination", None)
+                if destination:
+                    if not OneLogin_Saml2_Utils.normalize_url(url=destination).startswith(OneLogin_Saml2_Utils.normalize_url(url=current_url)):
+                        raise OneLogin_Saml2_ValidationError(
+                            "The LogoutRequest was received at "
+                            "%(currentURL)s instead of %(destination)s"
+                            % {
+                                "currentURL": current_url,
+                                "destination": destination,
+                            },
+                            OneLogin_Saml2_ValidationError.WRONG_DESTINATION,
+                        )
 
                 # Check issuer
-                issuer = OneLogin_Saml2_Logout_Request.get_issuer(root)
+                issuer = self.get_issuer(root)
                 if issuer is not None and issuer != idp_entity_id:
                     raise OneLogin_Saml2_ValidationError(
-                        'Invalid issuer in the Logout Request (expected %(idpEntityId)s, got %(issuer)s)' %
-                        {
-                            'idpEntityId': idp_entity_id,
-                            'issuer': issuer
-                        },
-                        OneLogin_Saml2_ValidationError.WRONG_ISSUER
+                        "Invalid issuer in the Logout Request (expected %(idpEntityId)s, got %(issuer)s)" % {"idpEntityId": idp_entity_id, "issuer": issuer},
+                        OneLogin_Saml2_ValidationError.WRONG_ISSUER,
                     )
 
-                if security['wantMessagesSigned']:
-                    if 'Signature' not in get_data:
-                        raise OneLogin_Saml2_ValidationError(
-                            'The Message of the Logout Request is not signed and the SP require it',
-                            OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE
-                        )
+                if security["wantMessagesSigned"]:
+                    if "Signature" not in get_data:
+                        raise OneLogin_Saml2_ValidationError("The Message of the Logout Request is not signed and the SP require it", OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE)
 
             return True
         except Exception as err:
             # pylint: disable=R0801
-            self.__error = str(err)
-            debug = self.__settings.is_debug_active()
+            self._error = str(err)
+            debug = self._settings.is_debug_active()
             if debug:
                 print(err)
             if raise_exceptions:
@@ -359,4 +324,10 @@ def get_error(self):
         """
         After executing a validation process, if it fails this method returns the cause
         """
-        return self.__error
+        return self._error
+
+    def _generate_request_id(self):
+        """
+        Generate an unique logout request ID.
+        """
+        return OneLogin_Saml2_Utils.generate_unique_id()
diff --git a/src/onelogin/saml2/logout_response.py b/src/onelogin/saml2/logout_response.py
index 6dd0a6d8..573a4d5d 100644
--- a/src/onelogin/saml2/logout_response.py
+++ b/src/onelogin/saml2/logout_response.py
@@ -2,14 +2,13 @@
 
 """ OneLogin_Saml2_Logout_Response class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Logout Response class of OneLogin's Python Toolkit.
+Logout Response class of SAML Python Toolkit.
 
 """
 
 from onelogin.saml2 import compat
+from onelogin.saml2.constants import OneLogin_Saml2_Constants
 from onelogin.saml2.utils import OneLogin_Saml2_Utils, OneLogin_Saml2_ValidationError
 from onelogin.saml2.xml_templates import OneLogin_Saml2_Templates
 from onelogin.saml2.xml_utils import OneLogin_Saml2_XML
@@ -33,14 +32,14 @@ def __init__(self, settings, response=None):
             * (string)                    response. An UUEncoded SAML Logout
                                                     response from the IdP.
         """
-        self.__settings = settings
-        self.__error = None
+        self._settings = settings
+        self._error = None
         self.id = None
 
         if response is not None:
-            self.__logout_response = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(response, ignore_zip=True))
-            self.document = OneLogin_Saml2_XML.to_etree(self.__logout_response)
-            self.id = self.document.get('ID', None)
+            self._logout_response = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(response, ignore_zip=True))
+            self.document = OneLogin_Saml2_XML.to_etree(self._logout_response)
+            self.id = self.document.get("ID", None)
 
     def get_issuer(self):
         """
@@ -49,7 +48,7 @@ def get_issuer(self):
         :rtype: string
         """
         issuer = None
-        issuer_nodes = self.__query('/samlp:LogoutResponse/saml:Issuer')
+        issuer_nodes = self._query("/samlp:LogoutResponse/saml:Issuer")
         if len(issuer_nodes) == 1:
             issuer = OneLogin_Saml2_XML.element_text(issuer_nodes[0])
         return issuer
@@ -60,10 +59,10 @@ def get_status(self):
         :return: The Status
         :rtype: string
         """
-        entries = self.__query('/samlp:LogoutResponse/samlp:Status/samlp:StatusCode')
+        entries = self._query("/samlp:LogoutResponse/samlp:Status/samlp:StatusCode")
         if len(entries) == 0:
             return None
-        status = entries[0].attrib['Value']
+        status = entries[0].attrib["Value"]
         return status
 
     def is_valid(self, request_data, request_id=None, raise_exceptions=False):
@@ -78,70 +77,58 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False):
         :return: Returns if the SAML LogoutResponse is or not valid
         :rtype: boolean
         """
-        self.__error = None
+        self._error = None
         try:
-            idp_data = self.__settings.get_idp_data()
-            idp_entity_id = idp_data['entityId']
-            get_data = request_data['get_data']
+            idp_data = self._settings.get_idp_data()
+            idp_entity_id = idp_data["entityId"]
+            get_data = request_data["get_data"]
 
-            if self.__settings.is_strict():
-                res = OneLogin_Saml2_XML.validate_xml(self.document, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
+            if self._settings.is_strict():
+                res = OneLogin_Saml2_XML.validate_xml(self.document, "saml-schema-protocol-2.0.xsd", self._settings.is_debug_active())
                 if isinstance(res, str):
-                    raise OneLogin_Saml2_ValidationError(
-                        'Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd',
-                        OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT
-                    )
+                    raise OneLogin_Saml2_ValidationError("Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd", OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT)
 
-                security = self.__settings.get_security_data()
+                security = self._settings.get_security_data()
 
                 # Check if the InResponseTo of the Logout Response matches the ID of the Logout Request (requestId) if provided
                 in_response_to = self.get_in_response_to()
                 if request_id is not None and in_response_to and in_response_to != request_id:
                     raise OneLogin_Saml2_ValidationError(
-                        'The InResponseTo of the Logout Response: %s, does not match the ID of the Logout request sent by the SP: %s' % (in_response_to, request_id),
-                        OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO
+                        "The InResponseTo of the Logout Response: %s, does not match the ID of the Logout request sent by the SP: %s" % (in_response_to, request_id),
+                        OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO,
                     )
 
                 # Check issuer
                 issuer = self.get_issuer()
                 if issuer is not None and issuer != idp_entity_id:
                     raise OneLogin_Saml2_ValidationError(
-                        'Invalid issuer in the Logout Response (expected %(idpEntityId)s, got %(issuer)s)' %
-                        {
-                            'idpEntityId': idp_entity_id,
-                            'issuer': issuer
-                        },
-                        OneLogin_Saml2_ValidationError.WRONG_ISSUER
+                        "Invalid issuer in the Logout Response (expected %(idpEntityId)s, got %(issuer)s)" % {"idpEntityId": idp_entity_id, "issuer": issuer},
+                        OneLogin_Saml2_ValidationError.WRONG_ISSUER,
                     )
 
                 current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
 
                 # Check destination
-                destination = self.document.get('Destination', None)
-                if destination and current_url not in destination:
-                    raise OneLogin_Saml2_ValidationError(
-                        'The LogoutResponse was received at %s instead of %s' % (current_url, destination),
-                        OneLogin_Saml2_ValidationError.WRONG_DESTINATION
-                    )
-
-                if security['wantMessagesSigned']:
-                    if 'Signature' not in get_data:
-                        raise OneLogin_Saml2_ValidationError(
-                            'The Message of the Logout Response is not signed and the SP require it',
-                            OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE
-                        )
+                destination = self.document.get("Destination", None)
+                if destination:
+                    if not OneLogin_Saml2_Utils.normalize_url(url=destination).startswith(OneLogin_Saml2_Utils.normalize_url(url=current_url)):
+                        raise OneLogin_Saml2_ValidationError("The LogoutResponse was received at %s instead of %s" % (current_url, destination), OneLogin_Saml2_ValidationError.WRONG_DESTINATION)
+
+                if security["wantMessagesSigned"]:
+                    if "Signature" not in get_data:
+                        raise OneLogin_Saml2_ValidationError("The Message of the Logout Response is not signed and the SP require it", OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE)
             return True
         # pylint: disable=R0801
         except Exception as err:
-            self.__error = str(err)
-            debug = self.__settings.is_debug_active()
+            self._error = str(err)
+            debug = self._settings.is_debug_active()
             if debug:
                 print(err)
             if raise_exceptions:
                 raise
             return False
 
-    def __query(self, query):
+    def _query(self, query):
         """
         Extracts a node from the Etree (Logout Response Message)
         :param query: Xpath Expression
@@ -151,29 +138,30 @@ def __query(self, query):
         """
         return OneLogin_Saml2_XML.query(self.document, query)
 
-    def build(self, in_response_to):
+    def build(self, in_response_to, status=OneLogin_Saml2_Constants.STATUS_SUCCESS):
         """
         Creates a Logout Response object.
         :param in_response_to: InResponseTo value for the Logout Response.
         :type in_response_to: string
+        :param: status: The status of the response
+        :type: status: string
         """
-        sp_data = self.__settings.get_sp_data()
-        idp_data = self.__settings.get_idp_data()
+        sp_data = self._settings.get_sp_data()
+
+        self.id = self._generate_request_id()
 
-        uid = OneLogin_Saml2_Utils.generate_unique_id()
         issue_instant = OneLogin_Saml2_Utils.parse_time_to_SAML(OneLogin_Saml2_Utils.now())
 
-        logout_response = OneLogin_Saml2_Templates.LOGOUT_RESPONSE % \
-            {
-                'id': uid,
-                'issue_instant': issue_instant,
-                'destination': idp_data['singleLogoutService']['url'],
-                'in_response_to': in_response_to,
-                'entity_id': sp_data['entityId'],
-                'status': "urn:oasis:names:tc:SAML:2.0:status:Success"
-            }
+        logout_response = OneLogin_Saml2_Templates.LOGOUT_RESPONSE % {
+            "id": self.id,
+            "issue_instant": issue_instant,
+            "destination": self._settings.get_idp_slo_response_url(),
+            "in_response_to": in_response_to,
+            "entity_id": sp_data["entityId"],
+            "status": status,
+        }
 
-        self.__logout_response = logout_response
+        self._logout_response = logout_response
 
     def get_in_response_to(self):
         """
@@ -181,7 +169,7 @@ def get_in_response_to(self):
         :returns: ID of LogoutRequest this LogoutResponse is in response to or None if it is not present
         :rtype: str
         """
-        return self.document.get('InResponseTo')
+        return self.document.get("InResponseTo")
 
     def get_response(self, deflate=True):
         """
@@ -192,16 +180,16 @@ def get_response(self, deflate=True):
         :rtype: string
         """
         if deflate:
-            response = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__logout_response)
+            response = OneLogin_Saml2_Utils.deflate_and_base64_encode(self._logout_response)
         else:
-            response = OneLogin_Saml2_Utils.b64encode(self.__logout_response)
+            response = OneLogin_Saml2_Utils.b64encode(self._logout_response)
         return response
 
     def get_error(self):
         """
         After executing a validation process, if it fails this method returns the cause
         """
-        return self.__error
+        return self._error
 
     def get_xml(self):
         """
@@ -210,4 +198,10 @@ def get_xml(self):
         :return: XML response body
         :rtype: string
         """
-        return self.__logout_response
+        return self._logout_response
+
+    def _generate_request_id(self):
+        """
+        Generate an unique logout response ID.
+        """
+        return OneLogin_Saml2_Utils.generate_unique_id()
diff --git a/src/onelogin/saml2/metadata.py b/src/onelogin/saml2/metadata.py
index 0aab105c..d6f1d6ae 100644
--- a/src/onelogin/saml2/metadata.py
+++ b/src/onelogin/saml2/metadata.py
@@ -2,10 +2,8 @@
 
 """ OneLoginSaml2Metadata class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Metadata class of OneLogin's Python Toolkit.
+Metadata class of SAML Python Toolkit.
 
 """
 
@@ -31,11 +29,11 @@ class OneLogin_Saml2_Metadata(object):
 
     """
 
-    TIME_VALID = 172800   # 2 days
+    TIME_VALID = 172800  # 2 days
     TIME_CACHED = 604800  # 1 week
 
-    @staticmethod
-    def builder(sp, authnsign=False, wsign=False, valid_until=None, cache_duration=None, contacts=None, organization=None):
+    @classmethod
+    def builder(cls, sp, authnsign=False, wsign=False, valid_until=None, cache_duration=None, contacts=None, organization=None):
         """
         Builds the metadata of the SP
 
@@ -61,20 +59,20 @@ def builder(sp, authnsign=False, wsign=False, valid_until=None, cache_duration=N
         :type organization: dict
         """
         if valid_until is None:
-            valid_until = int(time()) + OneLogin_Saml2_Metadata.TIME_VALID
+            valid_until = int(time()) + cls.TIME_VALID
         if not isinstance(valid_until, basestring):
             if isinstance(valid_until, datetime):
                 valid_until_time = valid_until.timetuple()
             else:
                 valid_until_time = gmtime(valid_until)
-            valid_until_str = strftime(r'%Y-%m-%dT%H:%M:%SZ', valid_until_time)
+            valid_until_str = strftime(r"%Y-%m-%dT%H:%M:%SZ", valid_until_time)
         else:
             valid_until_str = valid_until
 
         if cache_duration is None:
-            cache_duration = OneLogin_Saml2_Metadata.TIME_CACHED
+            cache_duration = cls.TIME_CACHED
         if not isinstance(cache_duration, compat.str_type):
-            cache_duration_str = 'PT%sS' % cache_duration  # Period of Time x Seconds
+            cache_duration_str = "PT%sS" % cache_duration  # Period of Time x Seconds
         else:
             cache_duration_str = cache_duration
 
@@ -83,116 +81,117 @@ def builder(sp, authnsign=False, wsign=False, valid_until=None, cache_duration=N
         if organization is None:
             organization = {}
 
-        sls = ''
-        if 'singleLogoutService' in sp and 'url' in sp['singleLogoutService']:
-            sls = OneLogin_Saml2_Templates.MD_SLS % \
-                {
-                    'binding': sp['singleLogoutService']['binding'],
-                    'location': sp['singleLogoutService']['url'],
-                }
+        sls = ""
+        if "singleLogoutService" in sp and "url" in sp["singleLogoutService"]:
+            sls = OneLogin_Saml2_Templates.MD_SLS % {
+                "binding": sp["singleLogoutService"]["binding"],
+                "location": sp["singleLogoutService"]["url"],
+            }
 
-        str_authnsign = 'true' if authnsign else 'false'
-        str_wsign = 'true' if wsign else 'false'
+        str_authnsign = "true" if authnsign else "false"
+        str_wsign = "true" if wsign else "false"
 
-        str_organization = ''
+        str_organization = ""
         if len(organization) > 0:
             organization_names = []
             organization_displaynames = []
             organization_urls = []
-            for (lang, info) in organization.items():
-                organization_names.append("""        <md:OrganizationName xml:lang="%s">%s</md:OrganizationName>""" % (lang, info['name']))
-                organization_displaynames.append("""        <md:OrganizationDisplayName xml:lang="%s">%s</md:OrganizationDisplayName>""" % (lang, info['displayname']))
-                organization_urls.append("""        <md:OrganizationURL xml:lang="%s">%s</md:OrganizationURL>""" % (lang, info['url']))
-            org_data = '\n'.join(organization_names) + '\n' + '\n'.join(organization_displaynames) + '\n' + '\n'.join(organization_urls)
-            str_organization = """    <md:Organization>\n%(org)s\n    </md:Organization>""" % {'org': org_data}
-
-        str_contacts = ''
+            for lang, info in organization.items():
+                organization_names.append("""        <md:OrganizationName xml:lang="%s">%s</md:OrganizationName>""" % (lang, info["name"]))
+                organization_displaynames.append("""        <md:OrganizationDisplayName xml:lang="%s">%s</md:OrganizationDisplayName>""" % (lang, info["displayname"]))
+                organization_urls.append("""        <md:OrganizationURL xml:lang="%s">%s</md:OrganizationURL>""" % (lang, info["url"]))
+            org_data = "\n".join(organization_names) + "\n" + "\n".join(organization_displaynames) + "\n" + "\n".join(organization_urls)
+            str_organization = """    <md:Organization>\n%(org)s\n    </md:Organization>""" % {"org": org_data}
+
+        str_contacts = ""
         if len(contacts) > 0:
             contacts_info = []
-            for (ctype, info) in contacts.items():
-                contact = OneLogin_Saml2_Templates.MD_CONTACT_PERSON % \
-                    {
-                        'type': ctype,
-                        'name': info['givenName'],
-                        'email': info['emailAddress'],
-                    }
+            for ctype, info in contacts.items():
+                contact = OneLogin_Saml2_Templates.MD_CONTACT_PERSON % {
+                    "type": ctype,
+                    "name": info["givenName"],
+                    "email": info["emailAddress"],
+                }
                 contacts_info.append(contact)
-            str_contacts = '\n'.join(contacts_info)
-
-        str_attribute_consuming_service = ''
-        if 'attributeConsumingService' in sp and len(sp['attributeConsumingService']):
-            attr_cs_desc_str = ''
-            if "serviceDescription" in sp['attributeConsumingService']:
-                attr_cs_desc_str = """            <md:ServiceDescription xml:lang="en">%s</md:ServiceDescription>
-""" % sp['attributeConsumingService']['serviceDescription']
+            str_contacts = "\n".join(contacts_info)
+
+        str_attribute_consuming_service = ""
+        if "attributeConsumingService" in sp and len(sp["attributeConsumingService"]):
+            attr_cs_desc_str = ""
+            if "serviceDescription" in sp["attributeConsumingService"]:
+                attr_cs_desc_str = (
+                    """            <md:ServiceDescription xml:lang="en">%s</md:ServiceDescription>
+"""
+                    % sp["attributeConsumingService"]["serviceDescription"]
+                )
 
             requested_attribute_data = []
-            for req_attribs in sp['attributeConsumingService']['requestedAttributes']:
-                req_attr_nameformat_str = req_attr_friendlyname_str = req_attr_isrequired_str = ''
-                req_attr_aux_str = ' />'
-
-                if 'nameFormat' in req_attribs.keys() and req_attribs['nameFormat']:
-                    req_attr_nameformat_str = " NameFormat=\"%s\"" % req_attribs['nameFormat']
-                if 'friendlyName' in req_attribs.keys() and req_attribs['friendlyName']:
-                    req_attr_friendlyname_str = " FriendlyName=\"%s\"" % req_attribs['friendlyName']
-                if 'isRequired' in req_attribs.keys() and req_attribs['isRequired']:
-                    req_attr_isrequired_str = " isRequired=\"%s\"" % 'true' if req_attribs['isRequired'] else 'false'
-                if 'attributeValue' in req_attribs.keys() and req_attribs['attributeValue']:
-                    if isinstance(req_attribs['attributeValue'], basestring):
-                        req_attribs['attributeValue'] = [req_attribs['attributeValue']]
+            for req_attribs in sp["attributeConsumingService"]["requestedAttributes"]:
+                req_attr_nameformat_str = req_attr_friendlyname_str = req_attr_isrequired_str = ""
+                req_attr_aux_str = " />"
+
+                if "nameFormat" in req_attribs.keys() and req_attribs["nameFormat"]:
+                    req_attr_nameformat_str = ' NameFormat="%s"' % req_attribs["nameFormat"]
+                if "friendlyName" in req_attribs.keys() and req_attribs["friendlyName"]:
+                    req_attr_friendlyname_str = ' FriendlyName="%s"' % req_attribs["friendlyName"]
+                if "isRequired" in req_attribs.keys() and req_attribs["isRequired"]:
+                    req_attr_isrequired_str = ' isRequired="%s"' % "true" if req_attribs["isRequired"] else "false"
+                if "attributeValue" in req_attribs.keys() and req_attribs["attributeValue"]:
+                    if isinstance(req_attribs["attributeValue"], basestring):
+                        req_attribs["attributeValue"] = [req_attribs["attributeValue"]]
 
                     req_attr_aux_str = ">"
-                    for attrValue in req_attribs['attributeValue']:
+                    for attrValue in req_attribs["attributeValue"]:
                         req_attr_aux_str += """
-                <saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">%(attributeValue)s</saml:AttributeValue>""" % \
-                            {
-                                'attributeValue': attrValue
-                            }
+                <saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">%(attributeValue)s</saml:AttributeValue>""" % {
+                            "attributeValue": attrValue
+                        }
                     req_attr_aux_str += """
             </md:RequestedAttribute>"""
 
-                requested_attribute = """            <md:RequestedAttribute Name="%(req_attr_name)s"%(req_attr_nameformat_str)s%(req_attr_friendlyname_str)s%(req_attr_isrequired_str)s%(req_attr_aux_str)s""" % \
-                    {
-                        'req_attr_name': req_attribs['name'],
-                        'req_attr_nameformat_str': req_attr_nameformat_str,
-                        'req_attr_friendlyname_str': req_attr_friendlyname_str,
-                        'req_attr_isrequired_str': req_attr_isrequired_str,
-                        'req_attr_aux_str': req_attr_aux_str
+                requested_attribute = (
+                    """            <md:RequestedAttribute Name="%(req_attr_name)s"%(req_attr_nameformat_str)s%(req_attr_friendlyname_str)s%(req_attr_isrequired_str)s%(req_attr_aux_str)s"""
+                    % {
+                        "req_attr_name": req_attribs["name"],
+                        "req_attr_nameformat_str": req_attr_nameformat_str,
+                        "req_attr_friendlyname_str": req_attr_friendlyname_str,
+                        "req_attr_isrequired_str": req_attr_isrequired_str,
+                        "req_attr_aux_str": req_attr_aux_str,
                     }
+                )
 
                 requested_attribute_data.append(requested_attribute)
 
-            str_attribute_consuming_service = """        <md:AttributeConsumingService index="1">
+            str_attribute_consuming_service = """        <md:AttributeConsumingService index="%(attribute_consuming_service_index)s">
             <md:ServiceName xml:lang="en">%(service_name)s</md:ServiceName>
 %(attr_cs_desc)s%(requested_attribute_str)s
         </md:AttributeConsumingService>
-""" % \
-                {
-                    'service_name': sp['attributeConsumingService']['serviceName'],
-                    'attr_cs_desc': attr_cs_desc_str,
-                    'requested_attribute_str': '\n'.join(requested_attribute_data)
-                }
-
-        metadata = OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR % \
-            {
-                'valid': ('validUntil="%s"' % valid_until_str) if valid_until_str else '',
-                'cache': ('cacheDuration="%s"' % cache_duration_str) if cache_duration_str else '',
-                'entity_id': sp['entityId'],
-                'authnsign': str_authnsign,
-                'wsign': str_wsign,
-                'name_id_format': sp['NameIDFormat'],
-                'binding': sp['assertionConsumerService']['binding'],
-                'location': sp['assertionConsumerService']['url'],
-                'sls': sls,
-                'organization': str_organization,
-                'contacts': str_contacts,
-                'attribute_consuming_service': str_attribute_consuming_service
+""" % {
+                "service_name": sp["attributeConsumingService"]["serviceName"],
+                "attr_cs_desc": attr_cs_desc_str,
+                "attribute_consuming_service_index": sp["attributeConsumingService"].get("index", "1"),
+                "requested_attribute_str": "\n".join(requested_attribute_data),
             }
 
+        metadata = OneLogin_Saml2_Templates.MD_ENTITY_DESCRIPTOR % {
+            "valid": ('validUntil="%s"' % valid_until_str) if valid_until_str else "",
+            "cache": ('cacheDuration="%s"' % cache_duration_str) if cache_duration_str else "",
+            "entity_id": sp["entityId"],
+            "authnsign": str_authnsign,
+            "wsign": str_wsign,
+            "name_id_format": sp["NameIDFormat"],
+            "binding": sp["assertionConsumerService"]["binding"],
+            "location": sp["assertionConsumerService"]["url"],
+            "sls": sls,
+            "organization": str_organization,
+            "contacts": str_contacts,
+            "attribute_consuming_service": str_attribute_consuming_service,
+        }
+
         return metadata
 
     @staticmethod
-    def sign_metadata(metadata, key, cert, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1, digest_algorithm=OneLogin_Saml2_Constants.SHA1):
+    def sign_metadata(metadata, key, cert, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA256, digest_algorithm=OneLogin_Saml2_Constants.SHA256):
         """
         Signs the metadata with the key/cert provided
 
@@ -217,19 +216,19 @@ def sign_metadata(metadata, key, cert, sign_algorithm=OneLogin_Saml2_Constants.R
         return OneLogin_Saml2_Utils.add_sign(metadata, key, cert, False, sign_algorithm, digest_algorithm)
 
     @staticmethod
-    def __add_x509_key_descriptors(root, cert, signing):
-        key_descriptor = OneLogin_Saml2_XML.make_child(root, '{%s}KeyDescriptor' % OneLogin_Saml2_Constants.NS_MD)
+    def _add_x509_key_descriptors(root, cert, signing):
+        key_descriptor = OneLogin_Saml2_XML.make_child(root, "{%s}KeyDescriptor" % OneLogin_Saml2_Constants.NS_MD)
         root.remove(key_descriptor)
         root.insert(0, key_descriptor)
-        key_info = OneLogin_Saml2_XML.make_child(key_descriptor, '{%s}KeyInfo' % OneLogin_Saml2_Constants.NS_DS)
-        key_data = OneLogin_Saml2_XML.make_child(key_info, '{%s}X509Data' % OneLogin_Saml2_Constants.NS_DS)
+        key_info = OneLogin_Saml2_XML.make_child(key_descriptor, "{%s}KeyInfo" % OneLogin_Saml2_Constants.NS_DS)
+        key_data = OneLogin_Saml2_XML.make_child(key_info, "{%s}X509Data" % OneLogin_Saml2_Constants.NS_DS)
 
-        x509_certificate = OneLogin_Saml2_XML.make_child(key_data, '{%s}X509Certificate' % OneLogin_Saml2_Constants.NS_DS)
+        x509_certificate = OneLogin_Saml2_XML.make_child(key_data, "{%s}X509Certificate" % OneLogin_Saml2_Constants.NS_DS)
         x509_certificate.text = OneLogin_Saml2_Utils.format_cert(cert, False)
-        key_descriptor.set('use', ('encryption', 'signing')[signing])
+        key_descriptor.set("use", ("encryption", "signing")[signing])
 
-    @staticmethod
-    def add_x509_key_descriptors(metadata, cert=None, add_encryption=True):
+    @classmethod
+    def add_x509_key_descriptors(cls, metadata, cert=None, add_encryption=True):
         """
         Adds the x509 descriptors (sign/encryption) to the metadata
         The same cert will be used for sign/encrypt
@@ -246,20 +245,20 @@ def add_x509_key_descriptors(metadata, cert=None, add_encryption=True):
         :returns: Metadata with KeyDescriptors
         :rtype: string
         """
-        if cert is None or cert == '':
+        if cert is None or cert == "":
             return metadata
         try:
             root = OneLogin_Saml2_XML.to_etree(metadata)
         except Exception as e:
-            raise Exception('Error parsing metadata. ' + str(e))
+            raise Exception("Error parsing metadata. " + str(e))
 
-        assert root.tag == '{%s}EntityDescriptor' % OneLogin_Saml2_Constants.NS_MD
+        assert root.tag == "{%s}EntityDescriptor" % OneLogin_Saml2_Constants.NS_MD
         try:
-            sp_sso_descriptor = next(root.iterfind('.//md:SPSSODescriptor', namespaces=OneLogin_Saml2_Constants.NSMAP))
+            sp_sso_descriptor = next(root.iterfind(".//md:SPSSODescriptor", namespaces=OneLogin_Saml2_Constants.NSMAP))
         except StopIteration:
-            raise Exception('Malformed metadata.')
+            raise Exception("Malformed metadata.")
 
         if add_encryption:
-            OneLogin_Saml2_Metadata.__add_x509_key_descriptors(sp_sso_descriptor, cert, False)
-        OneLogin_Saml2_Metadata.__add_x509_key_descriptors(sp_sso_descriptor, cert, True)
+            cls._add_x509_key_descriptors(sp_sso_descriptor, cert, False)
+        cls._add_x509_key_descriptors(sp_sso_descriptor, cert, True)
         return OneLogin_Saml2_XML.to_string(root)
diff --git a/src/onelogin/saml2/response.py b/src/onelogin/saml2/response.py
index 8aa309c5..5677ad9e 100644
--- a/src/onelogin/saml2/response.py
+++ b/src/onelogin/saml2/response.py
@@ -2,10 +2,8 @@
 
 """ OneLogin_Saml2_Response class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-SAML Response class of OneLogin's Python Toolkit.
+SAML Response class of SAML Python Toolkit.
 
 """
 
@@ -33,8 +31,8 @@ def __init__(self, settings, response):
         :param response: The base64 encoded, XML string containing the samlp:Response
         :type response: string
         """
-        self.__settings = settings
-        self.__error = None
+        self._settings = settings
+        self._error = None
         self.response = OneLogin_Saml2_Utils.b64decode(response)
         self.document = OneLogin_Saml2_XML.to_etree(self.response)
         self.decrypted_document = None
@@ -42,11 +40,11 @@ def __init__(self, settings, response):
         self.valid_scd_not_on_or_after = None
 
         # Quick check for the presence of EncryptedAssertion
-        encrypted_assertion_nodes = self.__query('/samlp:Response/saml:EncryptedAssertion')
+        encrypted_assertion_nodes = self._query("/samlp:Response/saml:EncryptedAssertion")
         if encrypted_assertion_nodes:
             decrypted_document = deepcopy(self.document)
             self.encrypted = True
-            self.decrypted_document = self.__decrypt_assertion(decrypted_document)
+            self.decrypted_document = self._decrypt_assertion(decrypted_document)
 
     def is_valid(self, request_data, request_id=None, raise_exceptions=False):
         """
@@ -64,61 +62,46 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False):
         :returns: True if the SAML Response is valid, False if not
         :rtype: bool
         """
-        self.__error = None
+        self._error = None
         try:
             # Checks SAML version
-            if self.document.get('Version', None) != '2.0':
-                raise OneLogin_Saml2_ValidationError(
-                    'Unsupported SAML version',
-                    OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION
-                )
+            if self.document.get("Version", None) != "2.0":
+                raise OneLogin_Saml2_ValidationError("Unsupported SAML version", OneLogin_Saml2_ValidationError.UNSUPPORTED_SAML_VERSION)
 
             # Checks that ID exists
-            if self.document.get('ID', None) is None:
-                raise OneLogin_Saml2_ValidationError(
-                    'Missing ID attribute on SAML Response',
-                    OneLogin_Saml2_ValidationError.MISSING_ID
-                )
+            if self.document.get("ID", None) is None:
+                raise OneLogin_Saml2_ValidationError("Missing ID attribute on SAML Response", OneLogin_Saml2_ValidationError.MISSING_ID)
 
             # Checks that the response has the SUCCESS status
             self.check_status()
 
             # Checks that the response only has one assertion
             if not self.validate_num_assertions():
-                raise OneLogin_Saml2_ValidationError(
-                    'SAML Response must contain 1 assertion',
-                    OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS
-                )
+                raise OneLogin_Saml2_ValidationError("SAML Response must contain 1 assertion", OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS)
 
-            idp_data = self.__settings.get_idp_data()
-            idp_entity_id = idp_data['entityId']
-            sp_data = self.__settings.get_sp_data()
-            sp_entity_id = sp_data['entityId']
+            idp_data = self._settings.get_idp_data()
+            idp_entity_id = idp_data["entityId"]
+            sp_data = self._settings.get_sp_data()
+            sp_entity_id = sp_data["entityId"]
 
             signed_elements = self.process_signed_elements()
 
-            has_signed_response = '{%s}Response' % OneLogin_Saml2_Constants.NS_SAMLP in signed_elements
-            has_signed_assertion = '{%s}Assertion' % OneLogin_Saml2_Constants.NS_SAML in signed_elements
+            has_signed_response = "{%s}Response" % OneLogin_Saml2_Constants.NS_SAMLP in signed_elements
+            has_signed_assertion = "{%s}Assertion" % OneLogin_Saml2_Constants.NS_SAML in signed_elements
 
-            if self.__settings.is_strict():
-                no_valid_xml_msg = 'Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd'
-                res = OneLogin_Saml2_XML.validate_xml(self.document, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
+            if self._settings.is_strict():
+                no_valid_xml_msg = "Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd"
+                res = OneLogin_Saml2_XML.validate_xml(self.document, "saml-schema-protocol-2.0.xsd", self._settings.is_debug_active())
                 if isinstance(res, str):
-                    raise OneLogin_Saml2_ValidationError(
-                        no_valid_xml_msg,
-                        OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT
-                    )
+                    raise OneLogin_Saml2_ValidationError(no_valid_xml_msg, OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT)
 
                 # If encrypted, check also the decrypted document
                 if self.encrypted:
-                    res = OneLogin_Saml2_XML.validate_xml(self.decrypted_document, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
+                    res = OneLogin_Saml2_XML.validate_xml(self.decrypted_document, "saml-schema-protocol-2.0.xsd", self._settings.is_debug_active())
                     if isinstance(res, str):
-                        raise OneLogin_Saml2_ValidationError(
-                            no_valid_xml_msg,
-                            OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT
-                        )
+                        raise OneLogin_Saml2_ValidationError(no_valid_xml_msg, OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT)
 
-                security = self.__settings.get_security_data()
+                security = self._settings.get_security_data()
                 current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
 
                 # Check if the InResponseTo of the Response matchs the ID of the AuthNRequest (requestId) if provided
@@ -126,141 +109,109 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False):
                 if in_response_to is not None and request_id is not None:
                     if in_response_to != request_id:
                         raise OneLogin_Saml2_ValidationError(
-                            'The InResponseTo of the Response: %s, does not match the ID of the AuthNRequest sent by the SP: %s' % (in_response_to, request_id),
-                            OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO
+                            "The InResponseTo of the Response: %s, does not match the ID of the AuthNRequest sent by the SP: %s" % (in_response_to, request_id),
+                            OneLogin_Saml2_ValidationError.WRONG_INRESPONSETO,
                         )
 
-                if not self.encrypted and security['wantAssertionsEncrypted']:
-                    raise OneLogin_Saml2_ValidationError(
-                        'The assertion of the Response is not encrypted and the SP require it',
-                        OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION
-                    )
+                if not self.encrypted and security["wantAssertionsEncrypted"]:
+                    raise OneLogin_Saml2_ValidationError("The assertion of the Response is not encrypted and the SP require it", OneLogin_Saml2_ValidationError.NO_ENCRYPTED_ASSERTION)
 
-                if security['wantNameIdEncrypted']:
-                    encrypted_nameid_nodes = self.__query_assertion('/saml:Subject/saml:EncryptedID/xenc:EncryptedData')
+                if security["wantNameIdEncrypted"]:
+                    encrypted_nameid_nodes = self._query_assertion("/saml:Subject/saml:EncryptedID/xenc:EncryptedData")
                     if len(encrypted_nameid_nodes) != 1:
-                        raise OneLogin_Saml2_ValidationError(
-                            'The NameID of the Response is not encrypted and the SP require it',
-                            OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID
-                        )
+                        raise OneLogin_Saml2_ValidationError("The NameID of the Response is not encrypted and the SP require it", OneLogin_Saml2_ValidationError.NO_ENCRYPTED_NAMEID)
 
                 # Checks that a Conditions element exists
                 if not self.check_one_condition():
-                    raise OneLogin_Saml2_ValidationError(
-                        'The Assertion must include a Conditions element',
-                        OneLogin_Saml2_ValidationError.MISSING_CONDITIONS
-                    )
+                    raise OneLogin_Saml2_ValidationError("The Assertion must include a Conditions element", OneLogin_Saml2_ValidationError.MISSING_CONDITIONS)
 
                 # Validates Assertion timestamps
                 self.validate_timestamps(raise_exceptions=True)
 
                 # Checks that an AuthnStatement element exists and is unique
                 if not self.check_one_authnstatement():
-                    raise OneLogin_Saml2_ValidationError(
-                        'The Assertion must include an AuthnStatement element',
-                        OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS
-                    )
+                    raise OneLogin_Saml2_ValidationError("The Assertion must include an AuthnStatement element", OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_AUTHSTATEMENTS)
 
                 # Checks that the response has all of the AuthnContexts that we provided in the request.
                 # Only check if failOnAuthnContextMismatch is true and requestedAuthnContext is set to a list.
-                requested_authn_contexts = security['requestedAuthnContext']
-                if security['failOnAuthnContextMismatch'] and requested_authn_contexts and requested_authn_contexts is not True:
+                requested_authn_contexts = security["requestedAuthnContext"]
+                if security["failOnAuthnContextMismatch"] and requested_authn_contexts and requested_authn_contexts is not True:
                     authn_contexts = self.get_authn_contexts()
-                    unmatched_contexts = set(requested_authn_contexts).difference(authn_contexts)
+                    unmatched_contexts = set(authn_contexts).difference(requested_authn_contexts)
                     if unmatched_contexts:
                         raise OneLogin_Saml2_ValidationError(
-                            'The AuthnContext "%s" didn\'t include requested context "%s"' % (', '.join(authn_contexts), ', '.join(unmatched_contexts)),
-                            OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH
+                            'The AuthnContext "%s" was not a requested context "%s"' % (", ".join(unmatched_contexts), ", ".join(requested_authn_contexts)),
+                            OneLogin_Saml2_ValidationError.AUTHN_CONTEXT_MISMATCH,
                         )
 
                 # Checks that there is at least one AttributeStatement if required
-                attribute_statement_nodes = self.__query_assertion('/saml:AttributeStatement')
-                if security.get('wantAttributeStatement', True) and not attribute_statement_nodes:
-                    raise OneLogin_Saml2_ValidationError(
-                        'There is no AttributeStatement on the Response',
-                        OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT
-                    )
+                attribute_statement_nodes = self._query_assertion("/saml:AttributeStatement")
+                if security.get("wantAttributeStatement", True) and not attribute_statement_nodes:
+                    raise OneLogin_Saml2_ValidationError("There is no AttributeStatement on the Response", OneLogin_Saml2_ValidationError.NO_ATTRIBUTESTATEMENT)
 
-                encrypted_attributes_nodes = self.__query_assertion('/saml:AttributeStatement/saml:EncryptedAttribute')
+                encrypted_attributes_nodes = self._query_assertion("/saml:AttributeStatement/saml:EncryptedAttribute")
                 if encrypted_attributes_nodes:
-                    raise OneLogin_Saml2_ValidationError(
-                        'There is an EncryptedAttribute in the Response and this SP not support them',
-                        OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES
-                    )
+                    raise OneLogin_Saml2_ValidationError("There is an EncryptedAttribute in the Response and this SP not support them", OneLogin_Saml2_ValidationError.ENCRYPTED_ATTRIBUTES)
 
                 # Checks destination
-                destination = self.document.get('Destination', None)
+                destination = self.document.get("Destination", None)
                 if destination:
-                    if not destination.startswith(current_url):
+                    if not OneLogin_Saml2_Utils.normalize_url(url=destination).startswith(OneLogin_Saml2_Utils.normalize_url(url=current_url)):
                         # TODO: Review if following lines are required, since we can control the
                         # request_data
                         #  current_url_routed = OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data)
                         #  if not destination.startswith(current_url_routed):
-                        raise OneLogin_Saml2_ValidationError(
-                            'The response was received at %s instead of %s' % (current_url, destination),
-                            OneLogin_Saml2_ValidationError.WRONG_DESTINATION
-                        )
-                elif destination == '':
-                    raise OneLogin_Saml2_ValidationError(
-                        'The response has an empty Destination value',
-                        OneLogin_Saml2_ValidationError.EMPTY_DESTINATION
-                    )
+                        raise OneLogin_Saml2_ValidationError("The response was received at %s instead of %s" % (current_url, destination), OneLogin_Saml2_ValidationError.WRONG_DESTINATION)
+                elif destination == "":
+                    raise OneLogin_Saml2_ValidationError("The response has an empty Destination value", OneLogin_Saml2_ValidationError.EMPTY_DESTINATION)
                 # Checks audience
                 valid_audiences = self.get_audiences()
                 if valid_audiences and sp_entity_id not in valid_audiences:
-                    raise OneLogin_Saml2_ValidationError(
-                        '%s is not a valid audience for this Response' % sp_entity_id,
-                        OneLogin_Saml2_ValidationError.WRONG_AUDIENCE
-                    )
+                    raise OneLogin_Saml2_ValidationError("%s is not a valid audience for this Response" % sp_entity_id, OneLogin_Saml2_ValidationError.WRONG_AUDIENCE)
 
                 # Checks the issuers
                 issuers = self.get_issuers()
                 for issuer in issuers:
                     if issuer is None or issuer != idp_entity_id:
                         raise OneLogin_Saml2_ValidationError(
-                            'Invalid issuer in the Assertion/Response (expected %(idpEntityId)s, got %(issuer)s)' %
-                            {
-                                'idpEntityId': idp_entity_id,
-                                'issuer': issuer
-                            },
-                            OneLogin_Saml2_ValidationError.WRONG_ISSUER
+                            "Invalid issuer in the Assertion/Response (expected %(idpEntityId)s, got %(issuer)s)" % {"idpEntityId": idp_entity_id, "issuer": issuer},
+                            OneLogin_Saml2_ValidationError.WRONG_ISSUER,
                         )
 
                 # Checks the session Expiration
                 session_expiration = self.get_session_not_on_or_after()
-                if session_expiration and session_expiration <= OneLogin_Saml2_Utils.now():
+                if session_expiration and session_expiration + OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT <= OneLogin_Saml2_Utils.now():
                     raise OneLogin_Saml2_ValidationError(
-                        'The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response',
-                        OneLogin_Saml2_ValidationError.SESSION_EXPIRED
+                        "The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response", OneLogin_Saml2_ValidationError.SESSION_EXPIRED
                     )
 
                 # Checks the SubjectConfirmation, at least one SubjectConfirmation must be valid
                 any_subject_confirmation = False
-                subject_confirmation_nodes = self.__query_assertion('/saml:Subject/saml:SubjectConfirmation')
+                subject_confirmation_nodes = self._query_assertion("/saml:Subject/saml:SubjectConfirmation")
 
                 for scn in subject_confirmation_nodes:
-                    method = scn.get('Method', None)
+                    method = scn.get("Method", None)
                     if method and method != OneLogin_Saml2_Constants.CM_BEARER:
                         continue
-                    sc_data = scn.find('saml:SubjectConfirmationData', namespaces=OneLogin_Saml2_Constants.NSMAP)
+                    sc_data = scn.find("saml:SubjectConfirmationData", namespaces=OneLogin_Saml2_Constants.NSMAP)
                     if sc_data is None:
                         continue
                     else:
-                        irt = sc_data.get('InResponseTo', None)
+                        irt = sc_data.get("InResponseTo", None)
                         if in_response_to and irt and irt != in_response_to:
                             continue
-                        recipient = sc_data.get('Recipient', None)
+                        recipient = sc_data.get("Recipient", None)
                         if recipient and current_url not in recipient:
                             continue
-                        nooa = sc_data.get('NotOnOrAfter', None)
+                        nooa = sc_data.get("NotOnOrAfter", None)
                         if nooa:
                             parsed_nooa = OneLogin_Saml2_Utils.parse_SAML_to_time(nooa)
-                            if parsed_nooa <= OneLogin_Saml2_Utils.now():
+                            if parsed_nooa + OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT <= OneLogin_Saml2_Utils.now():
                                 continue
-                        nb = sc_data.get('NotBefore', None)
+                        nb = sc_data.get("NotBefore", None)
                         if nb:
                             parsed_nb = OneLogin_Saml2_Utils.parse_SAML_to_time(nb)
-                            if parsed_nb > OneLogin_Saml2_Utils.now():
+                            if parsed_nb > OneLogin_Saml2_Utils.now() + OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT:
                                 continue
 
                         if nooa:
@@ -270,57 +221,43 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False):
                         break
 
                 if not any_subject_confirmation:
-                    raise OneLogin_Saml2_ValidationError(
-                        'A valid SubjectConfirmation was not found on this Response',
-                        OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION
-                    )
+                    raise OneLogin_Saml2_ValidationError("A valid SubjectConfirmation was not found on this Response", OneLogin_Saml2_ValidationError.WRONG_SUBJECTCONFIRMATION)
 
-                if security['wantAssertionsSigned'] and not has_signed_assertion:
-                    raise OneLogin_Saml2_ValidationError(
-                        'The Assertion of the Response is not signed and the SP require it',
-                        OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION
-                    )
+                if security["wantAssertionsSigned"] and not has_signed_assertion:
+                    raise OneLogin_Saml2_ValidationError("The Assertion of the Response is not signed and the SP require it", OneLogin_Saml2_ValidationError.NO_SIGNED_ASSERTION)
 
-                if security['wantMessagesSigned'] and not has_signed_response:
-                    raise OneLogin_Saml2_ValidationError(
-                        'The Message of the Response is not signed and the SP require it',
-                        OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE
-                    )
+                if security["wantMessagesSigned"] and not has_signed_response:
+                    raise OneLogin_Saml2_ValidationError("The Message of the Response is not signed and the SP require it", OneLogin_Saml2_ValidationError.NO_SIGNED_MESSAGE)
 
             if not signed_elements or (not has_signed_response and not has_signed_assertion):
-                raise OneLogin_Saml2_ValidationError(
-                    'No Signature found. SAML Response rejected',
-                    OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND
-                )
+                raise OneLogin_Saml2_ValidationError("No Signature found. SAML Response rejected", OneLogin_Saml2_ValidationError.NO_SIGNATURE_FOUND)
             else:
-                cert = idp_data.get('x509cert', None)
-                fingerprint = idp_data.get('certFingerprint', None)
+                cert = self._settings.get_idp_cert()
+                fingerprint = idp_data.get("certFingerprint", None)
                 if fingerprint:
                     fingerprint = OneLogin_Saml2_Utils.format_finger_print(fingerprint)
-                fingerprintalg = idp_data.get('certFingerprintAlgorithm', None)
+                fingerprintalg = idp_data.get("certFingerprintAlgorithm", None)
 
                 multicerts = None
-                if 'x509certMulti' in idp_data and 'signing' in idp_data['x509certMulti'] and idp_data['x509certMulti']['signing']:
-                    multicerts = idp_data['x509certMulti']['signing']
+                if "x509certMulti" in idp_data and "signing" in idp_data["x509certMulti"] and idp_data["x509certMulti"]["signing"]:
+                    multicerts = idp_data["x509certMulti"]["signing"]
 
                 # If find a Signature on the Response, validates it checking the original response
-                if has_signed_response and not OneLogin_Saml2_Utils.validate_sign(self.document, cert, fingerprint, fingerprintalg, xpath=OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH, multicerts=multicerts, raise_exceptions=False):
-                    raise OneLogin_Saml2_ValidationError(
-                        'Signature validation failed. SAML Response rejected',
-                        OneLogin_Saml2_ValidationError.INVALID_SIGNATURE
-                    )
+                if has_signed_response and not OneLogin_Saml2_Utils.validate_sign(
+                    self.document, cert, fingerprint, fingerprintalg, xpath=OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH, multicerts=multicerts, raise_exceptions=False
+                ):
+                    raise OneLogin_Saml2_ValidationError("Signature validation failed. SAML Response rejected", OneLogin_Saml2_ValidationError.INVALID_SIGNATURE)
 
                 document_check_assertion = self.decrypted_document if self.encrypted else self.document
-                if has_signed_assertion and not OneLogin_Saml2_Utils.validate_sign(document_check_assertion, cert, fingerprint, fingerprintalg, xpath=OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH, multicerts=multicerts, raise_exceptions=False):
-                    raise OneLogin_Saml2_ValidationError(
-                        'Signature validation failed. SAML Response rejected',
-                        OneLogin_Saml2_ValidationError.INVALID_SIGNATURE
-                    )
+                if has_signed_assertion and not OneLogin_Saml2_Utils.validate_sign(
+                    document_check_assertion, cert, fingerprint, fingerprintalg, xpath=OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH, multicerts=multicerts, raise_exceptions=False
+                ):
+                    raise OneLogin_Saml2_ValidationError("Signature validation failed. SAML Response rejected", OneLogin_Saml2_ValidationError.INVALID_SIGNATURE)
 
             return True
         except Exception as err:
-            self.__error = str(err)
-            debug = self.__settings.is_debug_active()
+            self._error = str(err)
+            debug = self._settings.is_debug_active()
             if debug:
                 print(err)
             if raise_exceptions:
@@ -334,24 +271,21 @@ def check_status(self):
         :raises: Exception. If the status is not success
         """
         status = OneLogin_Saml2_Utils.get_status(self.document)
-        code = status.get('code', None)
+        code = status.get("code", None)
         if code and code != OneLogin_Saml2_Constants.STATUS_SUCCESS:
-            splited_code = code.split(':')
+            splited_code = code.split(":")
             printable_code = splited_code.pop()
-            status_exception_msg = 'The status code of the Response was not Success, was %s' % printable_code
-            status_msg = status.get('msg', None)
+            status_exception_msg = "The status code of the Response was not Success, was %s" % printable_code
+            status_msg = status.get("msg", None)
             if status_msg:
-                status_exception_msg += ' -> ' + status_msg
-            raise OneLogin_Saml2_ValidationError(
-                status_exception_msg,
-                OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS
-            )
+                status_exception_msg += " -> " + status_msg
+            raise OneLogin_Saml2_ValidationError(status_exception_msg, OneLogin_Saml2_ValidationError.STATUS_CODE_IS_NOT_SUCCESS)
 
     def check_one_condition(self):
         """
         Checks that the samlp:Response/saml:Assertion/saml:Conditions element exists and is unique.
         """
-        condition_nodes = self.__query_assertion('/saml:Conditions')
+        condition_nodes = self._query_assertion("/saml:Conditions")
         if len(condition_nodes) == 1:
             return True
         else:
@@ -361,7 +295,7 @@ def check_one_authnstatement(self):
         """
         Checks that the samlp:Response/saml:Assertion/saml:AuthnStatement element exists and is unique.
         """
-        authnstatement_nodes = self.__query_assertion('/saml:AuthnStatement')
+        authnstatement_nodes = self._query_assertion("/saml:AuthnStatement")
         if len(authnstatement_nodes) == 1:
             return True
         else:
@@ -374,7 +308,7 @@ def get_audiences(self):
         :returns: The valid audiences for the SAML Response
         :rtype: list
         """
-        audience_nodes = self.__query_assertion('/saml:Conditions/saml:AudienceRestriction/saml:Audience')
+        audience_nodes = self._query_assertion("/saml:Conditions/saml:AudienceRestriction/saml:Audience")
         return [OneLogin_Saml2_XML.element_text(node) for node in audience_nodes if OneLogin_Saml2_XML.element_text(node) is not None]
 
     def get_authn_contexts(self):
@@ -384,7 +318,7 @@ def get_authn_contexts(self):
         :returns: The authentication classes for the SAML Response
         :rtype: list
         """
-        authn_context_nodes = self.__query_assertion('/saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef')
+        authn_context_nodes = self._query_assertion("/saml:AuthnStatement/saml:AuthnContext/saml:AuthnContextClassRef")
         return [OneLogin_Saml2_XML.element_text(node) for node in authn_context_nodes]
 
     def get_in_response_to(self):
@@ -393,7 +327,7 @@ def get_in_response_to(self):
         :returns: ID of AuthNRequest this Response is in response to or None if it is not present
         :rtype: str
         """
-        return self.document.get('InResponseTo')
+        return self.document.get("InResponseTo")
 
     def get_issuers(self):
         """
@@ -404,28 +338,22 @@ def get_issuers(self):
         """
         issuers = set()
 
-        message_issuer_nodes = OneLogin_Saml2_XML.query(self.document, '/samlp:Response/saml:Issuer')
+        message_issuer_nodes = OneLogin_Saml2_XML.query(self.document, "/samlp:Response/saml:Issuer")
         if len(message_issuer_nodes) > 0:
             if len(message_issuer_nodes) == 1:
                 issuer_value = OneLogin_Saml2_XML.element_text(message_issuer_nodes[0])
                 if issuer_value:
                     issuers.add(issuer_value)
             else:
-                raise OneLogin_Saml2_ValidationError(
-                    'Issuer of the Response is multiple.',
-                    OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE
-                )
+                raise OneLogin_Saml2_ValidationError("Issuer of the Response is multiple.", OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE)
 
-        assertion_issuer_nodes = self.__query_assertion('/saml:Issuer')
+        assertion_issuer_nodes = self._query_assertion("/saml:Issuer")
         if len(assertion_issuer_nodes) == 1:
             issuer_value = OneLogin_Saml2_XML.element_text(assertion_issuer_nodes[0])
             if issuer_value:
                 issuers.add(issuer_value)
         else:
-            raise OneLogin_Saml2_ValidationError(
-                'Issuer of the Assertion not found or multiple.',
-                OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION
-            )
+            raise OneLogin_Saml2_ValidationError("Issuer of the Assertion not found or multiple.", OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION)
 
         return list(set(issuers))
 
@@ -439,43 +367,34 @@ def get_nameid_data(self):
         nameid = None
         nameid_data = {}
 
-        encrypted_id_data_nodes = self.__query_assertion('/saml:Subject/saml:EncryptedID/xenc:EncryptedData')
+        encrypted_id_data_nodes = self._query_assertion("/saml:Subject/saml:EncryptedID/xenc:EncryptedData")
         if encrypted_id_data_nodes:
             encrypted_data = encrypted_id_data_nodes[0]
-            key = self.__settings.get_sp_key()
+            key = self._settings.get_sp_key()
             nameid = OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key)
         else:
-            nameid_nodes = self.__query_assertion('/saml:Subject/saml:NameID')
+            nameid_nodes = self._query_assertion("/saml:Subject/saml:NameID")
             if nameid_nodes:
                 nameid = nameid_nodes[0]
 
-        is_strict = self.__settings.is_strict()
-        want_nameid = self.__settings.get_security_data().get('wantNameId', True)
+        is_strict = self._settings.is_strict()
+        want_nameid = self._settings.get_security_data().get("wantNameId", True)
         if nameid is None:
             if is_strict and want_nameid:
-                raise OneLogin_Saml2_ValidationError(
-                    'NameID not found in the assertion of the Response',
-                    OneLogin_Saml2_ValidationError.NO_NAMEID
-                )
+                raise OneLogin_Saml2_ValidationError("NameID not found in the assertion of the Response", OneLogin_Saml2_ValidationError.NO_NAMEID)
         else:
             if is_strict and want_nameid and not OneLogin_Saml2_XML.element_text(nameid):
-                raise OneLogin_Saml2_ValidationError(
-                    'An empty NameID value found',
-                    OneLogin_Saml2_ValidationError.EMPTY_NAMEID
-                )
+                raise OneLogin_Saml2_ValidationError("An empty NameID value found", OneLogin_Saml2_ValidationError.EMPTY_NAMEID)
 
-            nameid_data = {'Value': OneLogin_Saml2_XML.element_text(nameid)}
-            for attr in ['Format', 'SPNameQualifier', 'NameQualifier']:
+            nameid_data = {"Value": OneLogin_Saml2_XML.element_text(nameid)}
+            for attr in ["Format", "SPNameQualifier", "NameQualifier"]:
                 value = nameid.get(attr, None)
                 if value:
-                    if is_strict and attr == 'SPNameQualifier':
-                        sp_data = self.__settings.get_sp_data()
-                        sp_entity_id = sp_data.get('entityId', '')
+                    if is_strict and attr == "SPNameQualifier":
+                        sp_data = self._settings.get_sp_data()
+                        sp_entity_id = sp_data.get("entityId", "")
                         if sp_entity_id != value:
-                            raise OneLogin_Saml2_ValidationError(
-                                'The SPNameQualifier value mistmatch the SP entityID value.',
-                                OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH
-                            )
+                            raise OneLogin_Saml2_ValidationError("The SPNameQualifier value mistmatch the SP entityID value.", OneLogin_Saml2_ValidationError.SP_NAME_QUALIFIER_NAME_MISMATCH)
 
                     nameid_data[attr] = value
         return nameid_data
@@ -489,8 +408,8 @@ def get_nameid(self):
         """
         nameid_value = None
         nameid_data = self.get_nameid_data()
-        if nameid_data and 'Value' in nameid_data.keys():
-            nameid_value = nameid_data['Value']
+        if nameid_data and "Value" in nameid_data.keys():
+            nameid_value = nameid_data["Value"]
         return nameid_value
 
     def get_nameid_format(self):
@@ -502,8 +421,8 @@ def get_nameid_format(self):
         """
         nameid_format = None
         nameid_data = self.get_nameid_data()
-        if nameid_data and 'Format' in nameid_data.keys():
-            nameid_format = nameid_data['Format']
+        if nameid_data and "Format" in nameid_data.keys():
+            nameid_format = nameid_data["Format"]
         return nameid_format
 
     def get_nameid_nq(self):
@@ -515,8 +434,8 @@ def get_nameid_nq(self):
         """
         nameid_nq = None
         nameid_data = self.get_nameid_data()
-        if nameid_data and 'NameQualifier' in nameid_data.keys():
-            nameid_nq = nameid_data['NameQualifier']
+        if nameid_data and "NameQualifier" in nameid_data.keys():
+            nameid_nq = nameid_data["NameQualifier"]
         return nameid_nq
 
     def get_nameid_spnq(self):
@@ -528,8 +447,8 @@ def get_nameid_spnq(self):
         """
         nameid_spnq = None
         nameid_data = self.get_nameid_data()
-        if nameid_data and 'SPNameQualifier' in nameid_data.keys():
-            nameid_spnq = nameid_data['SPNameQualifier']
+        if nameid_data and "SPNameQualifier" in nameid_data.keys():
+            nameid_spnq = nameid_data["SPNameQualifier"]
         return nameid_spnq
 
     def get_session_not_on_or_after(self):
@@ -541,9 +460,9 @@ def get_session_not_on_or_after(self):
         :rtype: time|None
         """
         not_on_or_after = None
-        authn_statement_nodes = self.__query_assertion('/saml:AuthnStatement[@SessionNotOnOrAfter]')
+        authn_statement_nodes = self._query_assertion("/saml:AuthnStatement[@SessionNotOnOrAfter]")
         if authn_statement_nodes:
-            not_on_or_after = OneLogin_Saml2_Utils.parse_SAML_to_time(authn_statement_nodes[0].get('SessionNotOnOrAfter'))
+            not_on_or_after = OneLogin_Saml2_Utils.parse_SAML_to_time(authn_statement_nodes[0].get("SessionNotOnOrAfter"))
         return not_on_or_after
 
     def get_assertion_not_on_or_after(self):
@@ -563,9 +482,9 @@ def get_session_index(self):
         :rtype: string|None
         """
         session_index = None
-        authn_statement_nodes = self.__query_assertion('/saml:AuthnStatement[@SessionIndex]')
+        authn_statement_nodes = self._query_assertion("/saml:AuthnStatement[@SessionIndex]")
         if authn_statement_nodes:
-            session_index = authn_statement_nodes[0].get('SessionIndex')
+            session_index = authn_statement_nodes[0].get("SessionIndex")
         return session_index
 
     def get_attributes(self):
@@ -573,34 +492,40 @@ def get_attributes(self):
         Gets the Attributes from the AttributeStatement element.
         EncryptedAttributes are not supported
         """
+        return self._get_attributes("Name")
+
+    def get_friendlyname_attributes(self):
+        """
+        Gets the Attributes from the AttributeStatement element indexed by FiendlyName.
+        EncryptedAttributes are not supported
+        """
+        return self._get_attributes("FriendlyName")
+
+    def _get_attributes(self, attr_name):
+        allow_duplicates = self._settings.get_security_data().get("allowRepeatAttributeName", False)
         attributes = {}
-        attribute_nodes = self.__query_assertion('/saml:AttributeStatement/saml:Attribute')
+        attribute_nodes = self._query_assertion("/saml:AttributeStatement/saml:Attribute")
         for attribute_node in attribute_nodes:
-            attr_name = attribute_node.get('Name')
-            if attr_name in attributes.keys():
-                raise OneLogin_Saml2_ValidationError(
-                    'Found an Attribute element with duplicated Name',
-                    OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND
-                )
-
-            values = []
-            for attr in attribute_node.iterchildren('{%s}AttributeValue' % OneLogin_Saml2_Constants.NSMAP['saml']):
-                attr_text = OneLogin_Saml2_XML.element_text(attr)
-                if attr_text:
-                    attr_text = attr_text.strip()
+            attr_key = attribute_node.get(attr_name)
+            if attr_key:
+                if not allow_duplicates and attr_key in attributes:
+                    raise OneLogin_Saml2_ValidationError("Found an Attribute element with duplicated " + attr_name, OneLogin_Saml2_ValidationError.DUPLICATED_ATTRIBUTE_NAME_FOUND)
+
+                values = []
+                for attr in attribute_node.iterchildren("{%s}AttributeValue" % OneLogin_Saml2_Constants.NSMAP["saml"]):
+                    attr_text = OneLogin_Saml2_XML.element_text(attr)
                     if attr_text:
-                        values.append(attr_text)
-
-                # Parse any nested NameID children
-                for nameid in attr.iterchildren('{%s}NameID' % OneLogin_Saml2_Constants.NSMAP['saml']):
-                    values.append({
-                        'NameID': {
-                            'Format': nameid.get('Format'),
-                            'NameQualifier': nameid.get('NameQualifier'),
-                            'value': nameid.text
-                        }
-                    })
-            attributes[attr_name] = values
+                        attr_text = attr_text.strip()
+                        if attr_text:
+                            values.append(attr_text)
+
+                    # Parse any nested NameID children
+                    for nameid in attr.iterchildren("{%s}NameID" % OneLogin_Saml2_Constants.NSMAP["saml"]):
+                        values.append({"NameID": {"Format": nameid.get("Format"), "NameQualifier": nameid.get("NameQualifier"), "value": nameid.text}})
+                if attr_key in attributes:
+                    attributes[attr_key].extend(values)
+                else:
+                    attributes[attr_key] = values
         return attributes
 
     def validate_num_assertions(self):
@@ -610,13 +535,13 @@ def validate_num_assertions(self):
         :returns: True if only 1 assertion encrypted or not
         :rtype: bool
         """
-        encrypted_assertion_nodes = OneLogin_Saml2_XML.query(self.document, '//saml:EncryptedAssertion')
-        assertion_nodes = OneLogin_Saml2_XML.query(self.document, '//saml:Assertion')
+        encrypted_assertion_nodes = OneLogin_Saml2_XML.query(self.document, "//saml:EncryptedAssertion")
+        assertion_nodes = OneLogin_Saml2_XML.query(self.document, "//saml:Assertion")
 
         valid = len(encrypted_assertion_nodes) + len(assertion_nodes) == 1
 
-        if (self.encrypted):
-            assertion_nodes = OneLogin_Saml2_XML.query(self.decrypted_document, '//saml:Assertion')
+        if self.encrypted:
+            assertion_nodes = OneLogin_Saml2_XML.query(self.decrypted_document, "//saml:Assertion")
             valid = valid and len(assertion_nodes) == 1
 
         return valid
@@ -630,64 +555,63 @@ def process_signed_elements(self):
         :returns: The signed elements tag names
         :rtype: list
         """
-        sign_nodes = self.__query('//ds:Signature')
+        sign_nodes = self._query("//ds:Signature")
 
         signed_elements = []
         verified_seis = []
         verified_ids = []
-        response_tag = '{%s}Response' % OneLogin_Saml2_Constants.NS_SAMLP
-        assertion_tag = '{%s}Assertion' % OneLogin_Saml2_Constants.NS_SAML
+        response_tag = "{%s}Response" % OneLogin_Saml2_Constants.NS_SAMLP
+        assertion_tag = "{%s}Assertion" % OneLogin_Saml2_Constants.NS_SAML
+
+        security = self._settings.get_security_data()
+        reject_deprecated_alg = security.get("rejectDeprecatedAlgorithm", False)
 
         for sign_node in sign_nodes:
             signed_element = sign_node.getparent().tag
             if signed_element != response_tag and signed_element != assertion_tag:
-                raise OneLogin_Saml2_ValidationError(
-                    'Invalid Signature Element %s SAML Response rejected' % signed_element,
-                    OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT
-                )
-
-            if not sign_node.getparent().get('ID'):
-                raise OneLogin_Saml2_ValidationError(
-                    'Signed Element must contain an ID. SAML Response rejected',
-                    OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT
-                )
-
-            id_value = sign_node.getparent().get('ID')
+                raise OneLogin_Saml2_ValidationError("Invalid Signature Element %s SAML Response rejected" % signed_element, OneLogin_Saml2_ValidationError.WRONG_SIGNED_ELEMENT)
+
+            if not sign_node.getparent().get("ID"):
+                raise OneLogin_Saml2_ValidationError("Signed Element must contain an ID. SAML Response rejected", OneLogin_Saml2_ValidationError.ID_NOT_FOUND_IN_SIGNED_ELEMENT)
+
+            id_value = sign_node.getparent().get("ID")
             if id_value in verified_ids:
-                raise OneLogin_Saml2_ValidationError(
-                    'Duplicated ID. SAML Response rejected',
-                    OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS
-                )
+                raise OneLogin_Saml2_ValidationError("Duplicated ID. SAML Response rejected", OneLogin_Saml2_ValidationError.DUPLICATED_ID_IN_SIGNED_ELEMENTS)
             verified_ids.append(id_value)
 
             # Check that reference URI matches the parent ID and no duplicate References or IDs
-            ref = OneLogin_Saml2_XML.query(sign_node, './/ds:Reference')
+            ref = OneLogin_Saml2_XML.query(sign_node, ".//ds:Reference")
             if ref:
                 ref = ref[0]
-                if ref.get('URI'):
-                    sei = ref.get('URI')[1:]
+                if ref.get("URI"):
+                    sei = ref.get("URI")[1:]
 
                     if sei != id_value:
-                        raise OneLogin_Saml2_ValidationError(
-                            'Found an invalid Signed Element. SAML Response rejected',
-                            OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT
-                        )
+                        raise OneLogin_Saml2_ValidationError("Found an invalid Signed Element. SAML Response rejected", OneLogin_Saml2_ValidationError.INVALID_SIGNED_ELEMENT)
 
                     if sei in verified_seis:
-                        raise OneLogin_Saml2_ValidationError(
-                            'Duplicated Reference URI. SAML Response rejected',
-                            OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS
-                        )
+                        raise OneLogin_Saml2_ValidationError("Duplicated Reference URI. SAML Response rejected", OneLogin_Saml2_ValidationError.DUPLICATED_REFERENCE_IN_SIGNED_ELEMENTS)
                     verified_seis.append(sei)
 
+            # Check the signature and digest algorithm
+            if reject_deprecated_alg:
+                sig_method_node = OneLogin_Saml2_XML.query(sign_node, ".//ds:SignatureMethod")
+                if sig_method_node:
+                    sig_method = sig_method_node[0].get("Algorithm")
+                    if sig_method in OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS:
+                        raise OneLogin_Saml2_ValidationError("Deprecated signature algorithm found: %s" % sig_method, OneLogin_Saml2_ValidationError.DEPRECATED_SIGNATURE_METHOD)
+
+                dig_method_node = OneLogin_Saml2_XML.query(sign_node, ".//ds:DigestMethod")
+                if dig_method_node:
+                    dig_method = dig_method_node[0].get("Algorithm")
+                    if dig_method in OneLogin_Saml2_Constants.DEPRECATED_ALGORITHMS:
+                        raise OneLogin_Saml2_ValidationError("Deprecated digest algorithm found: %s" % dig_method, OneLogin_Saml2_ValidationError.DEPRECATED_DIGEST_METHOD)
+
             signed_elements.append(signed_element)
 
         if signed_elements:
             if not self.validate_signed_elements(signed_elements, raise_exceptions=True):
-                raise OneLogin_Saml2_ValidationError(
-                    'Found an unexpected Signature Element. SAML Response rejected',
-                    OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS
-                )
+                raise OneLogin_Saml2_ValidationError("Found an unexpected Signature Element. SAML Response rejected", OneLogin_Saml2_ValidationError.UNEXPECTED_SIGNED_ELEMENTS)
         return signed_elements
 
     @return_false_on_exception
@@ -703,12 +627,14 @@ def validate_signed_elements(self, signed_elements):
         if len(signed_elements) > 2:
             return False
 
-        response_tag = '{%s}Response' % OneLogin_Saml2_Constants.NS_SAMLP
-        assertion_tag = '{%s}Assertion' % OneLogin_Saml2_Constants.NS_SAML
+        response_tag = "{%s}Response" % OneLogin_Saml2_Constants.NS_SAMLP
+        assertion_tag = "{%s}Assertion" % OneLogin_Saml2_Constants.NS_SAML
 
-        if (response_tag in signed_elements and signed_elements.count(response_tag) > 1) or \
-           (assertion_tag in signed_elements and signed_elements.count(assertion_tag) > 1) or \
-           (response_tag not in signed_elements and assertion_tag not in signed_elements):
+        if (
+            (response_tag in signed_elements and signed_elements.count(response_tag) > 1)
+            or (assertion_tag in signed_elements and signed_elements.count(assertion_tag) > 1)
+            or (response_tag not in signed_elements and assertion_tag not in signed_elements)
+        ):
             return False
 
         # Check that the signed elements found here, are the ones that will be verified
@@ -716,18 +642,12 @@ def validate_signed_elements(self, signed_elements):
         if response_tag in signed_elements:
             expected_signature_nodes = OneLogin_Saml2_XML.query(self.document, OneLogin_Saml2_Utils.RESPONSE_SIGNATURE_XPATH)
             if len(expected_signature_nodes) != 1:
-                raise OneLogin_Saml2_ValidationError(
-                    'Unexpected number of Response signatures found. SAML Response rejected.',
-                    OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE
-                )
+                raise OneLogin_Saml2_ValidationError("Unexpected number of Response signatures found. SAML Response rejected.", OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_RESPONSE)
 
         if assertion_tag in signed_elements:
-            expected_signature_nodes = self.__query(OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH)
+            expected_signature_nodes = self._query(OneLogin_Saml2_Utils.ASSERTION_SIGNATURE_XPATH)
             if len(expected_signature_nodes) != 1:
-                raise OneLogin_Saml2_ValidationError(
-                    'Unexpected number of Assertion signatures found. SAML Response rejected.',
-                    OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION
-                )
+                raise OneLogin_Saml2_ValidationError("Unexpected number of Assertion signatures found. SAML Response rejected.", OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES_IN_ASSERTION)
 
         return True
 
@@ -739,24 +659,18 @@ def validate_timestamps(self):
         :returns: True if the condition is valid, False otherwise
         :rtype: bool
         """
-        conditions_nodes = self.__query_assertion('/saml:Conditions')
+        conditions_nodes = self._query_assertion("/saml:Conditions")
 
         for conditions_node in conditions_nodes:
-            nb_attr = conditions_node.get('NotBefore')
-            nooa_attr = conditions_node.get('NotOnOrAfter')
+            nb_attr = conditions_node.get("NotBefore")
+            nooa_attr = conditions_node.get("NotOnOrAfter")
             if nb_attr and OneLogin_Saml2_Utils.parse_SAML_to_time(nb_attr) > OneLogin_Saml2_Utils.now() + OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT:
-                raise OneLogin_Saml2_ValidationError(
-                    'Could not validate timestamp: not yet valid. Check system clock.',
-                    OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY
-                )
+                raise OneLogin_Saml2_ValidationError("Could not validate timestamp: not yet valid. Check system clock.", OneLogin_Saml2_ValidationError.ASSERTION_TOO_EARLY)
             if nooa_attr and OneLogin_Saml2_Utils.parse_SAML_to_time(nooa_attr) + OneLogin_Saml2_Constants.ALLOWED_CLOCK_DRIFT <= OneLogin_Saml2_Utils.now():
-                raise OneLogin_Saml2_ValidationError(
-                    'Could not validate timestamp: expired. Check system clock.',
-                    OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED
-                )
+                raise OneLogin_Saml2_ValidationError("Could not validate timestamp: expired. Check system clock.", OneLogin_Saml2_ValidationError.ASSERTION_EXPIRED)
         return True
 
-    def __query_assertion(self, xpath_expr):
+    def _query_assertion(self, xpath_expr):
         """
         Extracts nodes that match the query from the Assertion
 
@@ -767,31 +681,31 @@ def __query_assertion(self, xpath_expr):
         :rtype: list
         """
 
-        assertion_expr = '/saml:Assertion'
-        signature_expr = '/ds:Signature/ds:SignedInfo/ds:Reference'
-        signed_assertion_query = '/samlp:Response' + assertion_expr + signature_expr
-        assertion_reference_nodes = self.__query(signed_assertion_query)
+        assertion_expr = "/saml:Assertion"
+        signature_expr = "/ds:Signature/ds:SignedInfo/ds:Reference"
+        signed_assertion_query = "/samlp:Response" + assertion_expr + signature_expr
+        assertion_reference_nodes = self._query(signed_assertion_query)
         tagid = None
 
         if not assertion_reference_nodes:
             # Check if the message is signed
-            signed_message_query = '/samlp:Response' + signature_expr
-            message_reference_nodes = self.__query(signed_message_query)
+            signed_message_query = "/samlp:Response" + signature_expr
+            message_reference_nodes = self._query(signed_message_query)
             if message_reference_nodes:
-                message_id = message_reference_nodes[0].get('URI')
+                message_id = message_reference_nodes[0].get("URI")
                 final_query = "/samlp:Response[@ID=$tagid]/"
                 tagid = message_id[1:]
             else:
                 final_query = "/samlp:Response"
             final_query += assertion_expr
         else:
-            assertion_id = assertion_reference_nodes[0].get('URI')
-            final_query = '/samlp:Response' + assertion_expr + "[@ID=$tagid]"
+            assertion_id = assertion_reference_nodes[0].get("URI")
+            final_query = "/samlp:Response" + assertion_expr + "[@ID=$tagid]"
             tagid = assertion_id[1:]
         final_query += xpath_expr
-        return self.__query(final_query, tagid)
+        return self._query(final_query, tagid)
 
-    def __query(self, query, tagid=None):
+    def _query(self, query, tagid=None):
         """
         Extracts nodes that match the query from the Response
 
@@ -810,7 +724,7 @@ def __query(self, query, tagid=None):
             document = self.document
         return OneLogin_Saml2_XML.query(document, query, None, tagid)
 
-    def __decrypt_assertion(self, xml):
+    def _decrypt_assertion(self, xml):
         """
         Decrypts the Assertion
 
@@ -820,44 +734,32 @@ def __decrypt_assertion(self, xml):
         :returns: Decrypted Assertion
         :rtype: Element
         """
-        key = self.__settings.get_sp_key()
-        debug = self.__settings.is_debug_active()
+        key = self._settings.get_sp_key()
+        debug = self._settings.is_debug_active()
 
         if not key:
-            raise OneLogin_Saml2_Error(
-                'No private key available to decrypt the assertion, check settings',
-                OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND
-            )
+            raise OneLogin_Saml2_Error("No private key available to decrypt the assertion, check settings", OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND)
 
-        encrypted_assertion_nodes = OneLogin_Saml2_XML.query(xml, '/samlp:Response/saml:EncryptedAssertion')
+        encrypted_assertion_nodes = OneLogin_Saml2_XML.query(xml, "/samlp:Response/saml:EncryptedAssertion")
         if encrypted_assertion_nodes:
-            encrypted_data_nodes = OneLogin_Saml2_XML.query(encrypted_assertion_nodes[0], '//saml:EncryptedAssertion/xenc:EncryptedData')
+            encrypted_data_nodes = OneLogin_Saml2_XML.query(encrypted_assertion_nodes[0], "//saml:EncryptedAssertion/xenc:EncryptedData")
             if encrypted_data_nodes:
-                keyinfo = OneLogin_Saml2_XML.query(encrypted_assertion_nodes[0], '//saml:EncryptedAssertion/xenc:EncryptedData/ds:KeyInfo')
+                keyinfo = OneLogin_Saml2_XML.query(encrypted_assertion_nodes[0], "//saml:EncryptedAssertion/xenc:EncryptedData/ds:KeyInfo")
                 if not keyinfo:
-                    raise OneLogin_Saml2_ValidationError(
-                        'No KeyInfo present, invalid Assertion',
-                        OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA
-                    )
+                    raise OneLogin_Saml2_ValidationError("No KeyInfo present, invalid Assertion", OneLogin_Saml2_ValidationError.KEYINFO_NOT_FOUND_IN_ENCRYPTED_DATA)
                 keyinfo = keyinfo[0]
                 children = keyinfo.getchildren()
                 if not children:
-                    raise OneLogin_Saml2_ValidationError(
-                        'KeyInfo has no children nodes, invalid Assertion',
-                        OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO
-                    )
+                    raise OneLogin_Saml2_ValidationError("KeyInfo has no children nodes, invalid Assertion", OneLogin_Saml2_ValidationError.CHILDREN_NODE_NOT_FOUND_IN_KEYINFO)
                 for child in children:
-                    if 'RetrievalMethod' in child.tag:
-                        if child.attrib['Type'] != 'http://www.w3.org/2001/04/xmlenc#EncryptedKey':
-                            raise OneLogin_Saml2_ValidationError(
-                                'Unsupported Retrieval Method found',
-                                OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD
-                            )
-                        uri = child.attrib['URI']
-                        if not uri.startswith('#'):
+                    if "RetrievalMethod" in child.tag:
+                        if child.attrib["Type"] != "http://www.w3.org/2001/04/xmlenc#EncryptedKey":
+                            raise OneLogin_Saml2_ValidationError("Unsupported Retrieval Method found", OneLogin_Saml2_ValidationError.UNSUPPORTED_RETRIEVAL_METHOD)
+                        uri = child.attrib["URI"]
+                        if not uri.startswith("#"):
                             break
-                        uri = uri.split('#')[1]
-                        encrypted_key = OneLogin_Saml2_XML.query(encrypted_assertion_nodes[0], './xenc:EncryptedKey[@Id=$tagid]', None, uri)
+                        uri = uri.split("#")[1]
+                        encrypted_key = OneLogin_Saml2_XML.query(encrypted_assertion_nodes[0], "./xenc:EncryptedKey[@Id=$tagid]", None, uri)
                         if encrypted_key:
                             keyinfo.append(encrypted_key[0])
 
@@ -870,7 +772,7 @@ def get_error(self):
         """
         After executing a validation process, if it fails this method returns the cause
         """
-        return self.__error
+        return self._error
 
     def get_xml_document(self):
         """
@@ -889,7 +791,7 @@ def get_id(self):
         :returns: the ID of the response
         :rtype: string
         """
-        return self.document.get('ID', None)
+        return self.document.get("ID", None)
 
     def get_assertion_id(self):
         """
@@ -897,8 +799,15 @@ def get_assertion_id(self):
         :rtype: string
         """
         if not self.validate_num_assertions():
-            raise OneLogin_Saml2_ValidationError(
-                'SAML Response must contain 1 assertion',
-                OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS
-            )
-        return self.__query_assertion('')[0].get('ID', None)
+            raise OneLogin_Saml2_ValidationError("SAML Response must contain 1 assertion", OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS)
+        return self._query_assertion("")[0].get("ID", None)
+
+    def get_assertion_issue_instant(self):
+        """
+        :returns: the IssueInstant of the assertion in the response
+        :rtype: unix/posix timestamp|None
+        """
+        if not self.validate_num_assertions():
+            raise OneLogin_Saml2_ValidationError("SAML Response must contain 1 assertion", OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_ASSERTIONS)
+        issue_instant = self._query_assertion("")[0].get("IssueInstant", None)
+        return OneLogin_Saml2_Utils.parse_SAML_to_time(issue_instant)
diff --git a/src/onelogin/saml2/settings.py b/src/onelogin/saml2/settings.py
index 003aa0ad..8a9e46cb 100644
--- a/src/onelogin/saml2/settings.py
+++ b/src/onelogin/saml2/settings.py
@@ -2,7 +2,7 @@
 
 """ OneLogin_Saml2_Settings class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
+Copyright (c) 2010-2021 OneLogin, Inc.
 MIT License
 
 Setting class of OneLogin's Python Toolkit.
@@ -39,14 +39,25 @@
     r'\[?[A-F0-9]*:[A-F0-9:]+\]?)'  # ...or ipv6
     r'(?::\d+)?'  # optional port
     r'(?:/?|[/?]\S+)$', re.IGNORECASE)
+url_regex_single_label_domain = re.compile(
+    r'^(?:[a-z0-9\.\-]*)://'  # scheme is validated separately
+    r'(?:(?:[A-Z0-9_](?:[A-Z0-9-_]{0,61}[A-Z0-9_])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}\.?)|'  # domain...
+    r'(?:[A-Z0-9_](?:[A-Z0-9-_]{0,61}[A-Z0-9_]))|'  # single-label-domain
+    r'localhost|'  # localhost...
+    r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|'  # ...or ipv4
+    r'\[?[A-F0-9]*:[A-F0-9:]+\]?)'  # ...or ipv6
+    r'(?::\d+)?'  # optional port
+    r'(?:/?|[/?]\S+)$', re.IGNORECASE)
 url_schemes = ['http', 'https', 'ftp', 'ftps']
 
 
-def validate_url(url):
+def validate_url(url, allow_single_label_domain=False):
     """
     Auxiliary method to validate an urllib
     :param url: An url to be validated
     :type url: string
+    :param allow_single_label_domain: In order to allow or not single label domain
+    :type url: bool
     :returns: True if the url is valid
     :rtype: bool
     """
@@ -54,8 +65,12 @@ def validate_url(url):
     scheme = url.split('://')[0].lower()
     if scheme not in url_schemes:
         return False
-    if not bool(url_regex.search(url)):
-        return False
+    if allow_single_label_domain:
+        if not bool(url_regex_single_label_domain.search(url)):
+            return False
+    else:
+        if not bool(url_regex.search(url)):
+            return False
     return True
 
 
@@ -66,6 +81,8 @@ class OneLogin_Saml2_Settings(object):
 
     """
 
+    metadata_class = OneLogin_Saml2_Metadata
+
     def __init__(self, settings=None, custom_base_path=None, sp_validation_only=False):
         """
         Initializes the settings:
@@ -81,37 +98,37 @@ def __init__(self, settings=None, custom_base_path=None, sp_validation_only=Fals
         :param sp_validation_only: Avoid the IdP validation
         :type sp_validation_only: boolean
         """
-        self.__sp_validation_only = sp_validation_only
-        self.__paths = {}
-        self.__strict = False
-        self.__debug = False
-        self.__sp = {}
-        self.__idp = {}
-        self.__security = {}
-        self.__contacts = {}
-        self.__organization = {}
-        self.__errors = []
+        self._sp_validation_only = sp_validation_only
+        self._paths = {}
+        self._strict = True
+        self._debug = False
+        self._sp = {}
+        self._idp = {}
+        self._security = {}
+        self._contacts = {}
+        self._organization = {}
+        self._errors = []
 
-        self.__load_paths(base_path=custom_base_path)
-        self.__update_paths(settings)
+        self._load_paths(base_path=custom_base_path)
+        self._update_paths(settings)
 
         if settings is None:
             try:
-                valid = self.__load_settings_from_file()
+                valid = self._load_settings_from_file()
             except Exception as e:
                 raise e
             if not valid:
                 raise OneLogin_Saml2_Error(
                     'Invalid dict settings at the file: %s',
                     OneLogin_Saml2_Error.SETTINGS_INVALID,
-                    ','.join(self.__errors)
+                    ','.join(self._errors)
                 )
         elif isinstance(settings, dict):
-            if not self.__load_settings_from_dict(settings):
+            if not self._load_settings_from_dict(settings):
                 raise OneLogin_Saml2_Error(
                     'Invalid dict settings: %s',
                     OneLogin_Saml2_Error.SETTINGS_INVALID,
-                    ','.join(self.__errors)
+                    ','.join(self._errors)
                 )
         else:
             raise OneLogin_Saml2_Error(
@@ -120,14 +137,14 @@ def __init__(self, settings=None, custom_base_path=None, sp_validation_only=Fals
             )
 
         self.format_idp_cert()
-        if 'x509certMulti' in self.__idp:
+        if 'x509certMulti' in self._idp:
             self.format_idp_cert_multi()
         self.format_sp_cert()
-        if 'x509certNew' in self.__sp:
+        if 'x509certNew' in self._sp:
             self.format_sp_cert_new()
         self.format_sp_key()
 
-    def __load_paths(self, base_path=None):
+    def _load_paths(self, base_path=None):
         """
         Set the paths of the different folders
         """
@@ -135,14 +152,13 @@ def __load_paths(self, base_path=None):
             base_path = dirname(dirname(dirname(__file__)))
         if not base_path.endswith(sep):
             base_path += sep
-        self.__paths = {
+        self._paths = {
             'base': base_path,
             'cert': base_path + 'certs' + sep,
-            'lib': base_path + 'lib' + sep,
-            'extlib': base_path + 'extlib' + sep,
+            'lib': dirname(__file__) + sep
         }
 
-    def __update_paths(self, settings):
+    def _update_paths(self, settings):
         """
         Set custom paths if necessary
         """
@@ -152,7 +168,7 @@ def __update_paths(self, settings):
         if 'custom_base_path' in settings:
             base_path = settings['custom_base_path']
             base_path = join(dirname(__file__), base_path)
-            self.__load_paths(base_path)
+            self._load_paths(base_path)
 
     def get_base_path(self):
         """
@@ -161,7 +177,7 @@ def get_base_path(self):
         :return: The base toolkit folder path
         :rtype: string
         """
-        return self.__paths['base']
+        return self._paths['base']
 
     def get_cert_path(self):
         """
@@ -170,25 +186,40 @@ def get_cert_path(self):
         :return: The cert folder path
         :rtype: string
         """
-        return self.__paths['cert']
+        return self._paths['cert']
 
-    def get_lib_path(self):
+    def set_cert_path(self, path):
         """
-        Returns lib path
+        Set a new cert path
+        """
+        self._paths['cert'] = path
 
-        :return: The library folder path
-        :rtype: string
+    def set_sp_cert_filename(self, filename):
+        """
+        Set the filename of the SP certificate
+        """
+        self._sp['cert_filename'] = filename
+
+    def set_sp_key_filename(self, filename):
+        """
+        Set the filename of the SP key
+        """
+        self._sp['key_filename'] = filename
+
+    def set_idp_cert_filename(self, filename):
+        """
+        Set the filename of the idp certificate
         """
-        return self.__paths['lib']
+        self._idp['cert_filename'] = filename
 
-    def get_ext_lib_path(self):
+    def get_lib_path(self):
         """
-        Returns external lib path
+        Returns lib path
 
-        :return: The external library folder path
+        :return: The library folder path
         :rtype: string
         """
-        return self.__paths['extlib']
+        return self._paths['lib']
 
     def get_schemas_path(self):
         """
@@ -197,11 +228,11 @@ def get_schemas_path(self):
         :return: The schema folder path
         :rtype: string
         """
-        return self.__paths['lib'] + 'schemas/'
+        return self._paths['lib'] + 'schemas/'
 
-    def __load_settings_from_dict(self, settings):
+    def _load_settings_from_dict(self, settings):
         """
-        Loads settings info from a settings Dict
+        Loads settings info from a settings Dict, adds default values and validates the settings
 
         :param settings: SAML Toolkit Settings
         :type settings: dict
@@ -209,24 +240,25 @@ def __load_settings_from_dict(self, settings):
         :returns: True if the settings info is valid
         :rtype: boolean
         """
+        self._sp = settings.get('sp', {})
+        self._idp = settings.get('idp', {})
+        self._strict = settings.get('strict', True)
+        self._debug = settings.get('debug', False)
+        self._security = settings.get('security', {})
+        self._contacts = settings.get('contactPerson', {})
+        self._organization = settings.get('organization', {})
+        self._add_default_values()
+
+        self._errors = []
         errors = self.check_settings(settings)
+
         if len(errors) == 0:
-            self.__errors = []
-            self.__sp = settings['sp']
-            self.__idp = settings.get('idp', {})
-            self.__strict = settings.get('strict', False)
-            self.__debug = settings.get('debug', False)
-            self.__security = settings.get('security', {})
-            self.__contacts = settings.get('contactPerson', {})
-            self.__organization = settings.get('organization', {})
-
-            self.__add_default_values()
             return True
 
-        self.__errors = errors
+        self._errors = errors
         return False
 
-    def __load_settings_from_file(self):
+    def _load_settings_from_file(self):
         """
         Loads settings info from the settings json file
 
@@ -252,65 +284,77 @@ def __load_settings_from_file(self):
             with open(advanced_filename, 'r') as json_data:
                 settings.update(json.loads(json_data.read()))  # Merge settings
 
-        return self.__load_settings_from_dict(settings)
+        return self._load_settings_from_dict(settings)
 
-    def __add_default_values(self):
+    def _add_default_values(self):
         """
         Add default values if the settings info is not complete
         """
-        self.__sp.setdefault('assertionConsumerService', {})
-        self.__sp['assertionConsumerService'].setdefault('binding', OneLogin_Saml2_Constants.BINDING_HTTP_POST)
+        self._sp.setdefault('assertionConsumerService', {})
+        self._sp['assertionConsumerService'].setdefault('binding', OneLogin_Saml2_Constants.BINDING_HTTP_POST)
 
-        self.__sp.setdefault('attributeConsumingService', {})
+        self._sp.setdefault('attributeConsumingService', {})
 
-        self.__sp.setdefault('singleLogoutService', {})
-        self.__sp['singleLogoutService'].setdefault('binding', OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT)
+        self._sp.setdefault('singleLogoutService', {})
+        self._sp['singleLogoutService'].setdefault('binding', OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT)
 
-        self.__idp.setdefault('singleLogoutService', {})
+        self._idp.setdefault('singleLogoutService', {})
 
         # Related to nameID
-        self.__sp.setdefault('NameIDFormat', OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED)
-        self.__security.setdefault('nameIdEncrypted', False)
+        self._sp.setdefault('NameIDFormat', OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED)
+        self._security.setdefault('nameIdEncrypted', False)
 
         # Metadata format
-        self.__security.setdefault('metadataValidUntil', None)  # None means use default
-        self.__security.setdefault('metadataCacheDuration', None)  # None means use default
+        self._security.setdefault('metadataValidUntil', None)  # None means use default
+        self._security.setdefault('metadataCacheDuration', None)  # None means use default
 
         # Sign provided
-        self.__security.setdefault('authnRequestsSigned', False)
-        self.__security.setdefault('logoutRequestSigned', False)
-        self.__security.setdefault('logoutResponseSigned', False)
-        self.__security.setdefault('signMetadata', False)
+        self._security.setdefault('authnRequestsSigned', False)
+        self._security.setdefault('logoutRequestSigned', False)
+        self._security.setdefault('logoutResponseSigned', False)
+        self._security.setdefault('signMetadata', False)
 
         # Sign expected
-        self.__security.setdefault('wantMessagesSigned', False)
-        self.__security.setdefault('wantAssertionsSigned', False)
+        self._security.setdefault('wantMessagesSigned', False)
+        self._security.setdefault('wantAssertionsSigned', False)
 
         # NameID element expected
-        self.__security.setdefault('wantNameId', True)
+        self._security.setdefault('wantNameId', True)
 
         # Encrypt expected
-        self.__security.setdefault('wantAssertionsEncrypted', False)
-        self.__security.setdefault('wantNameIdEncrypted', False)
+        self._security.setdefault('wantAssertionsEncrypted', False)
+        self._security.setdefault('wantNameIdEncrypted', False)
 
         # Signature Algorithm
-        self.__security.setdefault('signatureAlgorithm', OneLogin_Saml2_Constants.RSA_SHA1)
+        self._security.setdefault('signatureAlgorithm', OneLogin_Saml2_Constants.RSA_SHA256)
 
         # Digest Algorithm
-        self.__security.setdefault('digestAlgorithm', OneLogin_Saml2_Constants.SHA1)
+        self._security.setdefault('digestAlgorithm', OneLogin_Saml2_Constants.SHA256)
+
+        # Reject Deprecated Algorithms
+        self._security.setdefault('rejectDeprecatedAlgorithm', False)
 
         # AttributeStatement required by default
-        self.__security.setdefault('wantAttributeStatement', True)
+        self._security.setdefault('wantAttributeStatement', True)
+
+        # Disallow duplicate attribute names by default
+        self._security.setdefault('allowRepeatAttributeName', False)
 
-        self.__idp.setdefault('x509cert', '')
-        self.__idp.setdefault('certFingerprint', '')
-        self.__idp.setdefault('certFingerprintAlgorithm', 'sha1')
+        self._idp.setdefault('x509cert', '')
+        self._idp.setdefault('certFingerprint', '')
+        self._idp.setdefault('certFingerprintAlgorithm', 'sha1')
 
-        self.__sp.setdefault('x509cert', '')
-        self.__sp.setdefault('privateKey', '')
+        self._sp.setdefault('x509cert', '')
+        self._sp.setdefault('privateKey', '')
 
-        self.__security.setdefault('requestedAuthnContext', True)
-        self.__security.setdefault('failOnAuthnContextMismatch', False)
+        # Set the default filenames for the certificates and keys
+        self._idp.setdefault('cert_filename', 'idp.crt')
+        self._sp.setdefault('cert_filename', 'sp.crt')
+        self._sp.setdefault('key_filename', 'sp.key')
+
+        self._security.setdefault('requestedAuthnContext', True)
+        self._security.setdefault('requestedAuthnContextComparison', 'exact')
+        self._security.setdefault('failOnAuthnContextMismatch', False)
 
     def check_settings(self, settings):
         """
@@ -328,7 +372,7 @@ def check_settings(self, settings):
         if not isinstance(settings, dict) or len(settings) == 0:
             errors.append('invalid_syntax')
         else:
-            if not self.__sp_validation_only:
+            if not self._sp_validation_only:
                 errors += self.check_idp_settings(settings)
             sp_errors = self.check_sp_settings(settings)
             errors += sp_errors
@@ -352,23 +396,24 @@ def check_idp_settings(self, settings):
             if not settings.get('idp'):
                 errors.append('idp_not_found')
             else:
+                allow_single_domain_urls = self._get_allow_single_label_domain(settings)
                 idp = settings['idp']
                 if not idp.get('entityId'):
                     errors.append('idp_entityId_not_found')
 
                 if not idp.get('singleSignOnService', {}).get('url'):
                     errors.append('idp_sso_not_found')
-                elif not validate_url(idp['singleSignOnService']['url']):
+                elif not validate_url(idp['singleSignOnService']['url'], allow_single_domain_urls):
                     errors.append('idp_sso_url_invalid')
 
                 slo_url = idp.get('singleLogoutService', {}).get('url')
-                if slo_url and not validate_url(slo_url):
+                if slo_url and not validate_url(slo_url, allow_single_domain_urls):
                     errors.append('idp_slo_url_invalid')
 
                 if 'security' in settings:
                     security = settings['security']
 
-                    exists_x509 = bool(idp.get('x509cert'))
+                    exists_x509 = bool(self.get_idp_cert())
                     exists_fingerprint = bool(idp.get('certFingerprint'))
 
                     exists_multix509sign = 'x509certMulti' in idp and \
@@ -383,7 +428,7 @@ def check_idp_settings(self, settings):
                     nameid_enc = bool(security.get('nameIdEncrypted'))
 
                     if (want_assert_sign or want_mes_signed) and \
-                            not(exists_x509 or exists_fingerprint or exists_multix509sign):
+                            not (exists_x509 or exists_fingerprint or exists_multix509sign):
                         errors.append('idp_cert_or_fingerprint_not_found_and_required')
                     if nameid_enc and not (exists_x509 or exists_multix509enc):
                         errors.append('idp_cert_not_found_and_required')
@@ -406,9 +451,10 @@ def check_sp_settings(self, settings):
             if not settings.get('sp'):
                 errors.append('sp_not_found')
             else:
-                # check_sp_certs uses self.__sp so I add it
-                old_sp = self.__sp
-                self.__sp = settings['sp']
+                allow_single_domain_urls = self._get_allow_single_label_domain(settings)
+                # check_sp_certs uses self._sp so I add it
+                old_sp = self._sp
+                self._sp = settings['sp']
 
                 sp = settings['sp']
                 security = settings.get('security', {})
@@ -418,7 +464,7 @@ def check_sp_settings(self, settings):
 
                 if not sp.get('assertionConsumerService', {}).get('url'):
                     errors.append('sp_acs_not_found')
-                elif not validate_url(sp['assertionConsumerService']['url']):
+                elif not validate_url(sp['assertionConsumerService']['url'], allow_single_domain_urls):
                     errors.append('sp_acs_url_invalid')
 
                 if sp.get('attributeConsumingService'):
@@ -447,7 +493,7 @@ def check_sp_settings(self, settings):
                         errors.append('sp_attributeConsumingService_serviceDescription_type_invalid')
 
                 slo_url = sp.get('singleLogoutService', {}).get('url')
-                if slo_url and not validate_url(slo_url):
+                if slo_url and not validate_url(slo_url, allow_single_domain_urls):
                     errors.append('sp_sls_url_invalid')
 
                 if 'signMetadata' in security and isinstance(security['signMetadata'], dict):
@@ -489,9 +535,9 @@ def check_sp_settings(self, settings):
                             ('url' not in organization or len(organization['url']) == 0):
                         errors.append('organization_not_enought_data')
                         break
-        # Restores the value that had the self.__sp
+        # Restores the value that had the self._sp
         if 'old_sp' in locals():
-            self.__sp = old_sp
+            self._sp = old_sp
 
         return errors
 
@@ -505,14 +551,46 @@ def check_sp_certs(self):
         cert = self.get_sp_cert()
         return key is not None and cert is not None
 
+    def get_idp_sso_url(self):
+        """
+        Gets the IdP SSO URL.
+
+        :returns: An URL, the SSO endpoint of the IdP
+        :rtype: string
+        """
+        idp_data = self.get_idp_data()
+        return idp_data['singleSignOnService']['url']
+
+    def get_idp_slo_url(self):
+        """
+        Gets the IdP SLO URL.
+
+        :returns: An URL, the SLO endpoint of the IdP
+        :rtype: string
+        """
+        idp_data = self.get_idp_data()
+        if 'url' in idp_data['singleLogoutService']:
+            return idp_data['singleLogoutService']['url']
+
+    def get_idp_slo_response_url(self):
+        """
+        Gets the IdP SLO return URL for IdP-initiated logout.
+
+        :returns: an URL, the SLO return endpoint of the IdP
+        :rtype: string
+        """
+        idp_data = self.get_idp_data()
+        if 'url' in idp_data['singleLogoutService']:
+            return idp_data['singleLogoutService'].get('responseUrl', self.get_idp_slo_url())
+
     def get_sp_key(self):
         """
         Returns the x509 private key of the SP.
         :returns: SP private key
         :rtype: string or None
         """
-        key = self.__sp.get('privateKey')
-        key_file_name = self.__paths['cert'] + 'sp.key'
+        key = self._sp.get('privateKey')
+        key_file_name = self._paths['cert'] + self._sp['key_filename']
 
         if not key and exists(key_file_name):
             with open(key_file_name) as f:
@@ -526,8 +604,8 @@ def get_sp_cert(self):
         :returns: SP public cert
         :rtype: string or None
         """
-        cert = self.__sp.get('x509cert')
-        cert_file_name = self.__paths['cert'] + 'sp.crt'
+        cert = self._sp.get('x509cert')
+        cert_file_name = self._paths['cert'] + self._sp['cert_filename']
 
         if not cert and exists(cert_file_name):
             with open(cert_file_name) as f:
@@ -542,8 +620,8 @@ def get_sp_cert_new(self):
         :returns: SP public cert new
         :rtype: string or None
         """
-        cert = self.__sp.get('x509certNew')
-        cert_file_name = self.__paths['cert'] + 'sp_new.crt'
+        cert = self._sp.get('x509certNew')
+        cert_file_name = self._paths['cert'] + 'sp_new.crt'
 
         if not cert and exists(cert_file_name):
             with open(cert_file_name) as f:
@@ -557,7 +635,12 @@ def get_idp_cert(self):
         :returns: IdP public cert
         :rtype: string
         """
-        return self.__idp.get('x509cert')
+        cert = self._idp.get('x509cert')
+        cert_file_name = self.get_cert_path() + self._idp['cert_filename']
+        if not cert and exists(cert_file_name):
+            with open(cert_file_name) as f:
+                cert = f.read()
+        return cert or None
 
     def get_idp_data(self):
         """
@@ -566,7 +649,7 @@ def get_idp_data(self):
         :returns: IdP info
         :rtype: dict
         """
-        return self.__idp
+        return self._idp
 
     def get_sp_data(self):
         """
@@ -575,7 +658,7 @@ def get_sp_data(self):
         :returns: SP info
         :rtype: dict
         """
-        return self.__sp
+        return self._sp
 
     def get_security_data(self):
         """
@@ -584,7 +667,7 @@ def get_security_data(self):
         :returns: Security info
         :rtype: dict
         """
-        return self.__security
+        return self._security
 
     def get_contacts(self):
         """
@@ -593,7 +676,7 @@ def get_contacts(self):
         :returns: Contacts info
         :rtype: dict
         """
-        return self.__contacts
+        return self._contacts
 
     def get_organization(self):
         """
@@ -602,7 +685,7 @@ def get_organization(self):
         :returns: Organization info
         :rtype: dict
         """
-        return self.__organization
+        return self._organization
 
     def get_sp_metadata(self):
         """
@@ -610,25 +693,25 @@ def get_sp_metadata(self):
         :returns: SP metadata (xml)
         :rtype: string
         """
-        metadata = OneLogin_Saml2_Metadata.builder(
-            self.__sp, self.__security['authnRequestsSigned'],
-            self.__security['wantAssertionsSigned'],
-            self.__security['metadataValidUntil'],
-            self.__security['metadataCacheDuration'],
+        metadata = self.metadata_class.builder(
+            self._sp, self._security['authnRequestsSigned'],
+            self._security['wantAssertionsSigned'],
+            self._security['metadataValidUntil'],
+            self._security['metadataCacheDuration'],
             self.get_contacts(), self.get_organization()
         )
 
-        add_encryption = self.__security['wantNameIdEncrypted'] or self.__security['wantAssertionsEncrypted']
+        add_encryption = self._security['wantNameIdEncrypted'] or self._security['wantAssertionsEncrypted']
 
         cert_new = self.get_sp_cert_new()
-        metadata = OneLogin_Saml2_Metadata.add_x509_key_descriptors(metadata, cert_new, add_encryption)
+        metadata = self.metadata_class.add_x509_key_descriptors(metadata, cert_new, add_encryption)
 
         cert = self.get_sp_cert()
-        metadata = OneLogin_Saml2_Metadata.add_x509_key_descriptors(metadata, cert, add_encryption)
+        metadata = self.metadata_class.add_x509_key_descriptors(metadata, cert, add_encryption)
 
         # Sign metadata
-        if 'signMetadata' in self.__security and self.__security['signMetadata'] is not False:
-            if self.__security['signMetadata'] is True:
+        if 'signMetadata' in self._security and self._security['signMetadata'] is not False:
+            if self._security['signMetadata'] is True:
                 # Use the SP's normal key to sign the metadata:
                 if not cert:
                     raise OneLogin_Saml2_Error(
@@ -644,16 +727,16 @@ def get_sp_metadata(self):
                     )
             else:
                 # Use a custom key to sign the metadata:
-                if ('keyFileName' not in self.__security['signMetadata'] or
-                        'certFileName' not in self.__security['signMetadata']):
+                if ('keyFileName' not in self._security['signMetadata'] or
+                        'certFileName' not in self._security['signMetadata']):
                     raise OneLogin_Saml2_Error(
                         'Invalid Setting: signMetadata value of the sp is not valid',
                         OneLogin_Saml2_Error.SETTINGS_INVALID_SYNTAX
                     )
-                key_file_name = self.__security['signMetadata']['keyFileName']
-                cert_file_name = self.__security['signMetadata']['certFileName']
-                key_metadata_file = self.__paths['cert'] + key_file_name
-                cert_metadata_file = self.__paths['cert'] + cert_file_name
+                key_file_name = self._security['signMetadata']['keyFileName']
+                cert_file_name = self._security['signMetadata']['certFileName']
+                key_metadata_file = self._paths['cert'] + key_file_name
+                cert_metadata_file = self._paths['cert'] + cert_file_name
 
                 try:
                     with open(key_metadata_file, 'r') as f_metadata_key:
@@ -675,10 +758,10 @@ def get_sp_metadata(self):
                         cert_metadata_file
                     )
 
-            signature_algorithm = self.__security['signatureAlgorithm']
-            digest_algorithm = self.__security['digestAlgorithm']
+            signature_algorithm = self._security['signatureAlgorithm']
+            digest_algorithm = self._security['digestAlgorithm']
 
-            metadata = OneLogin_Saml2_Metadata.sign_metadata(metadata, key_metadata, cert_metadata, signature_algorithm, digest_algorithm)
+            metadata = self.metadata_class.sign_metadata(metadata, key_metadata, cert_metadata, signature_algorithm, digest_algorithm)
 
         return metadata
 
@@ -699,7 +782,7 @@ def validate_metadata(self, xml):
             raise Exception('Empty string supplied as input')
 
         errors = []
-        root = OneLogin_Saml2_XML.validate_xml(xml, 'saml-schema-metadata-2.0.xsd', self.__debug)
+        root = OneLogin_Saml2_XML.validate_xml(xml, 'saml-schema-metadata-2.0.xsd', self._debug)
         if isinstance(root, str):
             errors.append(root)
         else:
@@ -725,38 +808,38 @@ def format_idp_cert(self):
         """
         Formats the IdP cert.
         """
-        self.__idp['x509cert'] = OneLogin_Saml2_Utils.format_cert(self.__idp['x509cert'])
+        self._idp['x509cert'] = OneLogin_Saml2_Utils.format_cert(self._idp['x509cert'])
 
     def format_idp_cert_multi(self):
         """
         Formats the Multple IdP certs.
         """
-        if 'x509certMulti' in self.__idp:
-            if 'signing' in self.__idp['x509certMulti']:
-                for idx in range(len(self.__idp['x509certMulti']['signing'])):
-                    self.__idp['x509certMulti']['signing'][idx] = OneLogin_Saml2_Utils.format_cert(self.__idp['x509certMulti']['signing'][idx])
+        if 'x509certMulti' in self._idp:
+            if 'signing' in self._idp['x509certMulti']:
+                for idx in range(len(self._idp['x509certMulti']['signing'])):
+                    self._idp['x509certMulti']['signing'][idx] = OneLogin_Saml2_Utils.format_cert(self._idp['x509certMulti']['signing'][idx])
 
-            if 'encryption' in self.__idp['x509certMulti']:
-                for idx in range(len(self.__idp['x509certMulti']['encryption'])):
-                    self.__idp['x509certMulti']['encryption'][idx] = OneLogin_Saml2_Utils.format_cert(self.__idp['x509certMulti']['encryption'][idx])
+            if 'encryption' in self._idp['x509certMulti']:
+                for idx in range(len(self._idp['x509certMulti']['encryption'])):
+                    self._idp['x509certMulti']['encryption'][idx] = OneLogin_Saml2_Utils.format_cert(self._idp['x509certMulti']['encryption'][idx])
 
     def format_sp_cert(self):
         """
         Formats the SP cert.
         """
-        self.__sp['x509cert'] = OneLogin_Saml2_Utils.format_cert(self.__sp['x509cert'])
+        self._sp['x509cert'] = OneLogin_Saml2_Utils.format_cert(self._sp['x509cert'])
 
     def format_sp_cert_new(self):
         """
         Formats the SP cert.
         """
-        self.__sp['x509certNew'] = OneLogin_Saml2_Utils.format_cert(self.__sp['x509certNew'])
+        self._sp['x509certNew'] = OneLogin_Saml2_Utils.format_cert(self._sp['x509certNew'])
 
     def format_sp_key(self):
         """
         Formats the private key.
         """
-        self.__sp['privateKey'] = OneLogin_Saml2_Utils.format_private_key(self.__sp['privateKey'])
+        self._sp['privateKey'] = OneLogin_Saml2_Utils.format_private_key(self._sp['privateKey'])
 
     def get_errors(self):
         """
@@ -765,7 +848,7 @@ def get_errors(self):
         :returns: Errors
         :rtype: list
         """
-        return self.__errors
+        return self._errors
 
     def set_strict(self, value):
         """
@@ -776,7 +859,7 @@ def set_strict(self, value):
         """
         assert isinstance(value, bool)
 
-        self.__strict = value
+        self._strict = value
 
     def is_strict(self):
         """
@@ -785,7 +868,7 @@ def is_strict(self):
         :returns: Strict parameter
         :rtype: boolean
         """
-        return self.__strict
+        return self._strict
 
     def is_debug_active(self):
         """
@@ -794,4 +877,8 @@ def is_debug_active(self):
         :returns: Debug parameter
         :rtype: boolean
         """
-        return self.__debug
+        return self._debug
+
+    def _get_allow_single_label_domain(self, settings):
+        security = settings.get('security', {})
+        return 'allowSingleLabelDomains' in security.keys() and security['allowSingleLabelDomains']
diff --git a/src/onelogin/saml2/utils.py b/src/onelogin/saml2/utils.py
index 4647c230..40313dd6 100644
--- a/src/onelogin/saml2/utils.py
+++ b/src/onelogin/saml2/utils.py
@@ -2,17 +2,15 @@
 
 """ OneLogin_Saml2_Utils class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Auxiliary class of OneLogin's Python Toolkit.
+Auxiliary class of SAML Python Toolkit.
 
 """
 
 import base64
+import warnings
 from copy import deepcopy
-import calendar
-from datetime import datetime
+from datetime import datetime, timezone
 from hashlib import sha1, sha256, sha384, sha512
 from isodate import parse_duration as duration_parser
 import re
@@ -20,7 +18,6 @@
 from functools import wraps
 from uuid import uuid4
 from xml.dom.minidom import Element
-
 import zlib
 import xmlsec
 
@@ -31,8 +28,9 @@
 
 
 try:
-    from urllib.parse import quote_plus  # py3
+    from urllib.parse import quote_plus, urlsplit, urlunsplit  # py3
 except ImportError:
+    from urlparse import urlsplit, urlunsplit
     from urllib import quote_plus  # py2
 
 
@@ -42,15 +40,17 @@ def return_false_on_exception(func):
     raised by that function and return False. It may be overridden by passing a
     "raise_exceptions" keyword argument when calling the wrapped function.
     """
+
     @wraps(func)
     def exceptfalse(*args, **kwargs):
-        if not kwargs.pop('raise_exceptions', False):
+        if not kwargs.pop("raise_exceptions", False):
             try:
                 return func(*args, **kwargs)
             except Exception:
                 return False
         else:
             return func(*args, **kwargs)
+
     return exceptfalse
 
 
@@ -62,8 +62,12 @@ class OneLogin_Saml2_Utils(object):
 
     """
 
-    RESPONSE_SIGNATURE_XPATH = '/samlp:Response/ds:Signature'
-    ASSERTION_SIGNATURE_XPATH = '/samlp:Response/saml:Assertion/ds:Signature'
+    RESPONSE_SIGNATURE_XPATH = "/samlp:Response/ds:Signature"
+    ASSERTION_SIGNATURE_XPATH = "/samlp:Response/saml:Assertion/ds:Signature"
+
+    TIME_FORMAT = "%Y-%m-%dT%H:%M:%SZ"
+    TIME_FORMAT_2 = "%Y-%m-%dT%H:%M:%S.%fZ"
+    TIME_FORMAT_WITH_FRAGMENT = re.compile(r"^(\d{4,4}-\d{2,2}-\d{2,2}T\d{2,2}:\d{2,2}:\d{2,2})(\.\d*)?Z?$")
 
     @staticmethod
     def escape_url(url, lowercase_urlencoding=False):
@@ -137,13 +141,13 @@ def format_cert(cert, heads=True):
         :returns: Formatted cert
         :rtype: string
         """
-        x509_cert = cert.replace('\x0D', '')
-        x509_cert = x509_cert.replace('\r', '')
-        x509_cert = x509_cert.replace('\n', '')
+        x509_cert = cert.replace("\x0D", "")
+        x509_cert = x509_cert.replace("\r", "")
+        x509_cert = x509_cert.replace("\n", "")
         if len(x509_cert) > 0:
-            x509_cert = x509_cert.replace('-----BEGIN CERTIFICATE-----', '')
-            x509_cert = x509_cert.replace('-----END CERTIFICATE-----', '')
-            x509_cert = x509_cert.replace(' ', '')
+            x509_cert = x509_cert.replace("-----BEGIN CERTIFICATE-----", "")
+            x509_cert = x509_cert.replace("-----END CERTIFICATE-----", "")
+            x509_cert = x509_cert.replace(" ", "")
 
             if heads:
                 x509_cert = "-----BEGIN CERTIFICATE-----\n" + "\n".join(wrap(x509_cert, 64)) + "\n-----END CERTIFICATE-----\n"
@@ -164,20 +168,20 @@ def format_private_key(key, heads=True):
         :returns: Formated private key
         :rtype: string
         """
-        private_key = key.replace('\x0D', '')
-        private_key = private_key.replace('\r', '')
-        private_key = private_key.replace('\n', '')
+        private_key = key.replace("\x0D", "")
+        private_key = private_key.replace("\r", "")
+        private_key = private_key.replace("\n", "")
         if len(private_key) > 0:
-            if private_key.find('-----BEGIN PRIVATE KEY-----') != -1:
-                private_key = private_key.replace('-----BEGIN PRIVATE KEY-----', '')
-                private_key = private_key.replace('-----END PRIVATE KEY-----', '')
-                private_key = private_key.replace(' ', '')
+            if private_key.find("-----BEGIN PRIVATE KEY-----") != -1:
+                private_key = private_key.replace("-----BEGIN PRIVATE KEY-----", "")
+                private_key = private_key.replace("-----END PRIVATE KEY-----", "")
+                private_key = private_key.replace(" ", "")
                 if heads:
                     private_key = "-----BEGIN PRIVATE KEY-----\n" + "\n".join(wrap(private_key, 64)) + "\n-----END PRIVATE KEY-----\n"
             else:
-                private_key = private_key.replace('-----BEGIN RSA PRIVATE KEY-----', '')
-                private_key = private_key.replace('-----END RSA PRIVATE KEY-----', '')
-                private_key = private_key.replace(' ', '')
+                private_key = private_key.replace("-----BEGIN RSA PRIVATE KEY-----", "")
+                private_key = private_key.replace("-----END RSA PRIVATE KEY-----", "")
+                private_key = private_key.replace(" ", "")
                 if heads:
                     private_key = "-----BEGIN RSA PRIVATE KEY-----\n" + "\n".join(wrap(private_key, 64)) + "\n-----END RSA PRIVATE KEY-----\n"
         return private_key
@@ -202,38 +206,35 @@ def redirect(url, parameters={}, request_data={}):
         assert isinstance(url, compat.str_type)
         assert isinstance(parameters, dict)
 
-        if url.startswith('/'):
-            url = '%s%s' % (OneLogin_Saml2_Utils.get_self_url_host(request_data), url)
+        if url.startswith("/"):
+            url = "%s%s" % (OneLogin_Saml2_Utils.get_self_url_host(request_data), url)
 
         # Verify that the URL is to a http or https site.
-        if re.search('^https?://', url) is None:
-            raise OneLogin_Saml2_Error(
-                'Redirect to invalid URL: ' + url,
-                OneLogin_Saml2_Error.REDIRECT_INVALID_URL
-            )
+        if re.search("^https?://", url, flags=re.IGNORECASE) is None:
+            raise OneLogin_Saml2_Error("Redirect to invalid URL: " + url, OneLogin_Saml2_Error.REDIRECT_INVALID_URL)
 
         # Add encoded parameters
-        if url.find('?') < 0:
-            param_prefix = '?'
+        if url.find("?") < 0:
+            param_prefix = "?"
         else:
-            param_prefix = '&'
+            param_prefix = "&"
 
         for name, value in parameters.items():
 
             if value is None:
                 param = OneLogin_Saml2_Utils.escape_url(name)
             elif isinstance(value, list):
-                param = ''
+                param = ""
                 for val in value:
-                    param += OneLogin_Saml2_Utils.escape_url(name) + '[]=' + OneLogin_Saml2_Utils.escape_url(val) + '&'
+                    param += OneLogin_Saml2_Utils.escape_url(name) + "[]=" + OneLogin_Saml2_Utils.escape_url(val) + "&"
                 if len(param) > 0:
                     param = param[0:-1]
             else:
-                param = OneLogin_Saml2_Utils.escape_url(name) + '=' + OneLogin_Saml2_Utils.escape_url(value)
+                param = OneLogin_Saml2_Utils.escape_url(name) + "=" + OneLogin_Saml2_Utils.escape_url(value)
 
             if param:
                 url += param_prefix + param
-                param_prefix = '&'
+                param_prefix = "&"
 
         return url
 
@@ -250,27 +251,24 @@ def get_self_url_host(request_data):
         :rtype: string
         """
         current_host = OneLogin_Saml2_Utils.get_self_host(request_data)
-        port = ''
-        if OneLogin_Saml2_Utils.is_https(request_data):
-            protocol = 'https'
-        else:
-            protocol = 'http'
-
-        if 'server_port' in request_data and request_data['server_port'] is not None:
-            port_number = str(request_data['server_port'])
-            port = ':' + port_number
+        protocol = "https" if OneLogin_Saml2_Utils.is_https(request_data) else "http"
 
-            if protocol == 'http' and port_number == '80':
-                port = ''
-            elif protocol == 'https' and port_number == '443':
-                port = ''
+        if request_data.get("server_port") is not None:
+            warnings.warn(
+                "The server_port key in request data is deprecated. " "The http_host key should include a port, if required.",
+                category=DeprecationWarning,
+            )
+            port_suffix = ":%s" % request_data["server_port"]
+            if not current_host.endswith(port_suffix):
+                if not ((protocol == "https" and port_suffix == ":443") or (protocol == "http" and port_suffix == ":80")):
+                    current_host += port_suffix
 
-        return '%s://%s%s' % (protocol, current_host, port)
+        return "%s://%s" % (protocol, current_host)
 
     @staticmethod
     def get_self_host(request_data):
         """
-        Returns the current host.
+        Returns the current host (which may include a port number part).
 
         :param request_data: The request as a dict
         :type: dict
@@ -278,23 +276,12 @@ def get_self_host(request_data):
         :return: The current host
         :rtype: string
         """
-        if 'http_host' in request_data:
-            current_host = request_data['http_host']
-        elif 'server_name' in request_data:
-            current_host = request_data['server_name']
-        else:
-            raise Exception('No hostname defined')
-
-        if ':' in current_host:
-            current_host_data = current_host.split(':')
-            possible_port = current_host_data[-1]
-            try:
-                int(possible_port)
-                current_host = current_host_data[0]
-            except ValueError:
-                current_host = ':'.join(current_host_data)
-
-        return current_host
+        if "http_host" in request_data:
+            return request_data["http_host"]
+        elif "server_name" in request_data:
+            warnings.warn("The server_name key in request data is undocumented & deprecated.", category=DeprecationWarning)
+            return request_data["server_name"]
+        raise Exception("No hostname defined")
 
     @staticmethod
     def is_https(request_data):
@@ -307,8 +294,9 @@ def is_https(request_data):
         :return: False if https is not active
         :rtype: boolean
         """
-        is_https = 'https' in request_data and request_data['https'] != 'off'
-        is_https = is_https or ('server_port' in request_data and str(request_data['server_port']) == '443')
+        is_https = "https" in request_data and request_data["https"] != "off"
+        # TODO: this use of server_port should be removed too
+        is_https = is_https or ("server_port" in request_data and str(request_data["server_port"]) == "443")
         return is_https
 
     @staticmethod
@@ -323,15 +311,15 @@ def get_self_url_no_query(request_data):
         :rtype: string
         """
         self_url_host = OneLogin_Saml2_Utils.get_self_url_host(request_data)
-        script_name = request_data['script_name']
+        script_name = request_data["script_name"]
         if script_name:
-            if script_name[0] != '/':
-                script_name = '/' + script_name
+            if script_name[0] != "/":
+                script_name = "/" + script_name
         else:
-            script_name = ''
+            script_name = ""
         self_url_no_query = self_url_host + script_name
-        if 'path_info' in request_data:
-            self_url_no_query += request_data['path_info']
+        if "path_info" in request_data:
+            self_url_no_query += request_data["path_info"]
 
         return self_url_no_query
 
@@ -347,11 +335,11 @@ def get_self_routed_url_no_query(request_data):
         :rtype: string
         """
         self_url_host = OneLogin_Saml2_Utils.get_self_url_host(request_data)
-        route = ''
-        if 'request_uri' in request_data and request_data['request_uri']:
-            route = request_data['request_uri']
-            if 'query_string' in request_data and request_data['query_string']:
-                route = route.replace(request_data['query_string'], '')
+        route = ""
+        if "request_uri" in request_data and request_data["request_uri"]:
+            route = request_data["request_uri"]
+            if "query_string" in request_data and request_data["query_string"]:
+                route = route.replace(request_data["query_string"], "")
 
         return self_url_host + route
 
@@ -368,11 +356,11 @@ def get_self_url(request_data):
         """
         self_url_host = OneLogin_Saml2_Utils.get_self_url_host(request_data)
 
-        request_uri = ''
-        if 'request_uri' in request_data:
-            request_uri = request_data['request_uri']
-            if not request_uri.startswith('/'):
-                match = re.search('^https?://[^/]*(/.*)', request_uri)
+        request_uri = ""
+        if "request_uri" in request_data:
+            request_uri = request_data["request_uri"]
+            if not request_uri.startswith("/"):
+                match = re.search("^https?://[^/]*(/.*)", request_uri)
                 if match is not None:
                     request_uri = match.groups()[0]
 
@@ -386,7 +374,7 @@ def generate_unique_id():
         :return: A unique string
         :rtype: string
         """
-        return 'ONELOGIN_%s' % sha1(compat.to_bytes(uuid4().hex)).hexdigest()
+        return "ONELOGIN_%s" % sha1(compat.to_bytes(uuid4().hex)).hexdigest()
 
     @staticmethod
     def parse_time_to_SAML(time):
@@ -400,8 +388,8 @@ def parse_time_to_SAML(time):
         :return: SAML2 timestamp.
         :rtype: string
         """
-        data = datetime.utcfromtimestamp(float(time))
-        return data.strftime('%Y-%m-%dT%H:%M:%SZ')
+        data = datetime.fromtimestamp(float(time), timezone.utc)
+        return data.strftime(OneLogin_Saml2_Utils.TIME_FORMAT)
 
     @staticmethod
     def parse_SAML_to_time(timestr):
@@ -416,10 +404,17 @@ def parse_SAML_to_time(timestr):
         :rtype: int
         """
         try:
-            data = datetime.strptime(timestr, '%Y-%m-%dT%H:%M:%SZ')
+            data = datetime.strptime(timestr, OneLogin_Saml2_Utils.TIME_FORMAT).replace(tzinfo=timezone.utc)
         except ValueError:
-            data = datetime.strptime(timestr, '%Y-%m-%dT%H:%M:%S.%fZ')
-        return calendar.timegm(data.utctimetuple())
+            try:
+                data = datetime.strptime(timestr, OneLogin_Saml2_Utils.TIME_FORMAT_2).replace(tzinfo=timezone.utc)
+            except ValueError:
+                elem = OneLogin_Saml2_Utils.TIME_FORMAT_WITH_FRAGMENT.match(timestr)
+                if not elem:
+                    raise Exception("time data %s does not match format %s" % (timestr, r"yyyy-mm-ddThh:mm:ss(\.s+)?Z"))
+                data = datetime.strptime(elem.groups()[0] + "Z", OneLogin_Saml2_Utils.TIME_FORMAT).replace(tzinfo=timezone.utc)
+
+        return int(data.timestamp())
 
     @staticmethod
     def now():
@@ -427,7 +422,7 @@ def now():
         :return: unix timestamp of actual time.
         :rtype: int
         """
-        return calendar.timegm(datetime.utcnow().utctimetuple())
+        return int(datetime.now(timezone.utc).timestamp())
 
     @staticmethod
     def parse_duration(duration, timestamp=None):
@@ -449,10 +444,10 @@ def parse_duration(duration, timestamp=None):
 
         timedelta = duration_parser(duration)
         if timestamp is None:
-            data = datetime.utcnow() + timedelta
+            data = datetime.now(timezone.utc) + timedelta
         else:
-            data = datetime.utcfromtimestamp(timestamp) + timedelta
-        return calendar.timegm(data.utctimetuple())
+            data = datetime.fromtimestamp(timestamp, timezone.utc) + timedelta
+        return int(data.timestamp())
 
     @staticmethod
     def get_expire_time(cache_duration=None, valid_until=None):
@@ -482,7 +477,7 @@ def get_expire_time(cache_duration=None, valid_until=None):
                 expire_time = valid_until_time
 
         if expire_time is not None:
-            return '%d' % expire_time
+            return "%d" % expire_time
         return None
 
     @staticmethod
@@ -495,7 +490,7 @@ def delete_local_session(callback=None):
             callback()
 
     @staticmethod
-    def calculate_x509_fingerprint(x509_cert, alg='sha1'):
+    def calculate_x509_fingerprint(x509_cert, alg="sha1"):
         """
         Calculates the fingerprint of a formatted x509cert.
 
@@ -510,21 +505,21 @@ def calculate_x509_fingerprint(x509_cert, alg='sha1'):
         """
         assert isinstance(x509_cert, compat.str_type)
 
-        lines = x509_cert.split('\n')
-        data = ''
+        lines = x509_cert.split("\n")
+        data = ""
         inData = False
 
         for line in lines:
             # Remove '\r' from end of line if present.
             line = line.rstrip()
             if not inData:
-                if line == '-----BEGIN CERTIFICATE-----':
+                if line == "-----BEGIN CERTIFICATE-----":
                     inData = True
-                elif line == '-----BEGIN PUBLIC KEY-----' or line == '-----BEGIN RSA PRIVATE KEY-----':
+                elif line == "-----BEGIN PUBLIC KEY-----" or line == "-----BEGIN RSA PRIVATE KEY-----":
                     # This isn't an X509 certificate.
                     return None
             else:
-                if line == '-----END CERTIFICATE-----':
+                if line == "-----END CERTIFICATE-----":
                     break
 
                 # Append the current line to the certificate data.
@@ -535,11 +530,11 @@ def calculate_x509_fingerprint(x509_cert, alg='sha1'):
 
         decoded_data = base64.b64decode(compat.to_bytes(data))
 
-        if alg == 'sha512':
+        if alg == "sha512":
             fingerprint = sha512(decoded_data)
-        elif alg == 'sha384':
+        elif alg == "sha384":
             fingerprint = sha384(decoded_data)
-        elif alg == 'sha256':
+        elif alg == "sha256":
             fingerprint = sha256(decoded_data)
         else:
             fingerprint = sha1(decoded_data)
@@ -557,7 +552,7 @@ def format_finger_print(fingerprint):
         :returns: Formatted fingerprint
         :rtype: string
         """
-        formatted_fingerprint = fingerprint.replace(':', '')
+        formatted_fingerprint = fingerprint.replace(":", "")
         return formatted_fingerprint.lower()
 
     @staticmethod
@@ -588,13 +583,13 @@ def generate_name_id(value, sp_nq, sp_format=None, cert=None, debug=False, nq=No
         """
 
         root = OneLogin_Saml2_XML.make_root("{%s}container" % OneLogin_Saml2_Constants.NS_SAML)
-        name_id = OneLogin_Saml2_XML.make_child(root, '{%s}NameID' % OneLogin_Saml2_Constants.NS_SAML)
+        name_id = OneLogin_Saml2_XML.make_child(root, "{%s}NameID" % OneLogin_Saml2_Constants.NS_SAML)
         if sp_nq is not None:
-            name_id.set('SPNameQualifier', sp_nq)
+            name_id.set("SPNameQualifier", sp_nq)
         if sp_format is not None:
-            name_id.set('Format', sp_format)
+            name_id.set("Format", sp_format)
         if nq is not None:
-            name_id.set('NameQualifier', nq)
+            name_id.set("NameQualifier", nq)
         name_id.text = value
 
         if cert is not None:
@@ -605,8 +600,7 @@ def generate_name_id(value, sp_nq, sp_format=None, cert=None, debug=False, nq=No
             manager.add_key(xmlsec.Key.from_memory(cert, xmlsec.KeyFormat.CERT_PEM, None))
 
             # Prepare for encryption
-            enc_data = xmlsec.template.encrypted_data_create(
-                root, xmlsec.Transform.AES128, type=xmlsec.EncryptionType.ELEMENT, ns="xenc")
+            enc_data = xmlsec.template.encrypted_data_create(root, xmlsec.Transform.AES128, type=xmlsec.EncryptionType.ELEMENT, ns="xenc")
 
             xmlsec.template.encrypted_data_ensure_cipher_value(enc_data)
             key_info = xmlsec.template.encrypted_data_ensure_key_info(enc_data, ns="dsig")
@@ -617,7 +611,7 @@ def generate_name_id(value, sp_nq, sp_format=None, cert=None, debug=False, nq=No
             enc_ctx = xmlsec.EncryptionContext(manager)
             enc_ctx.key = xmlsec.Key.generate(xmlsec.KeyData.AES, 128, xmlsec.KeyDataType.SESSION)
             enc_data = enc_ctx.encrypt_xml(enc_data, name_id)
-            return '<saml:EncryptedID>' + compat.to_string(OneLogin_Saml2_XML.to_string(enc_data)) + '</saml:EncryptedID>'
+            return "<saml:EncryptedID>" + compat.to_string(OneLogin_Saml2_XML.to_string(enc_data)) + "</saml:EncryptedID>"
         else:
             return OneLogin_Saml2_XML.extract_tag_text(root, "saml:NameID")
 
@@ -634,30 +628,24 @@ def get_status(dom):
         """
         status = {}
 
-        status_entry = OneLogin_Saml2_XML.query(dom, '/samlp:Response/samlp:Status')
+        status_entry = OneLogin_Saml2_XML.query(dom, "/samlp:Response/samlp:Status")
         if len(status_entry) != 1:
-            raise OneLogin_Saml2_ValidationError(
-                'Missing Status on response',
-                OneLogin_Saml2_ValidationError.MISSING_STATUS
-            )
+            raise OneLogin_Saml2_ValidationError("Missing Status on response", OneLogin_Saml2_ValidationError.MISSING_STATUS)
 
-        code_entry = OneLogin_Saml2_XML.query(dom, '/samlp:Response/samlp:Status/samlp:StatusCode', status_entry[0])
+        code_entry = OneLogin_Saml2_XML.query(dom, "/samlp:Response/samlp:Status/samlp:StatusCode", status_entry[0])
         if len(code_entry) != 1:
-            raise OneLogin_Saml2_ValidationError(
-                'Missing Status Code on response',
-                OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE
-            )
+            raise OneLogin_Saml2_ValidationError("Missing Status Code on response", OneLogin_Saml2_ValidationError.MISSING_STATUS_CODE)
         code = code_entry[0].values()[0]
-        status['code'] = code
+        status["code"] = code
 
-        status['msg'] = ''
-        message_entry = OneLogin_Saml2_XML.query(dom, '/samlp:Response/samlp:Status/samlp:StatusMessage', status_entry[0])
+        status["msg"] = ""
+        message_entry = OneLogin_Saml2_XML.query(dom, "/samlp:Response/samlp:Status/samlp:StatusMessage", status_entry[0])
         if len(message_entry) == 0:
-            subcode_entry = OneLogin_Saml2_XML.query(dom, '/samlp:Response/samlp:Status/samlp:StatusCode/samlp:StatusCode', status_entry[0])
+            subcode_entry = OneLogin_Saml2_XML.query(dom, "/samlp:Response/samlp:Status/samlp:StatusCode/samlp:StatusCode", status_entry[0])
             if len(subcode_entry) == 1:
-                status['msg'] = subcode_entry[0].values()[0]
+                status["msg"] = subcode_entry[0].values()[0]
         elif len(message_entry) == 1:
-            status['msg'] = OneLogin_Saml2_XML.element_text(message_entry[0])
+            status["msg"] = OneLogin_Saml2_XML.element_text(message_entry[0])
 
         return status
 
@@ -697,7 +685,7 @@ def decrypt_element(encrypted_data, key, debug=False, inplace=False):
         return enc_ctx.decrypt(encrypted_data)
 
     @staticmethod
-    def add_sign(xml, key, cert, debug=False, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1, digest_algorithm=OneLogin_Saml2_Constants.SHA1):
+    def add_sign(xml, key, cert, debug=False, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA256, digest_algorithm=OneLogin_Saml2_Constants.SHA256):
         """
         Adds signature key and senders certificate to an element (Message or
         Assertion).
@@ -723,8 +711,8 @@ def add_sign(xml, key, cert, debug=False, sign_algorithm=OneLogin_Saml2_Constant
         :returns: Signed XML
         :rtype: string
         """
-        if xml is None or xml == '':
-            raise Exception('Empty string supplied as input')
+        if xml is None or xml == "":
+            raise Exception("Empty string supplied as input")
 
         elem = OneLogin_Saml2_XML.to_etree(xml)
 
@@ -733,33 +721,33 @@ def add_sign(xml, key, cert, debug=False, sign_algorithm=OneLogin_Saml2_Constant
             OneLogin_Saml2_Constants.RSA_SHA1: xmlsec.Transform.RSA_SHA1,
             OneLogin_Saml2_Constants.RSA_SHA256: xmlsec.Transform.RSA_SHA256,
             OneLogin_Saml2_Constants.RSA_SHA384: xmlsec.Transform.RSA_SHA384,
-            OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512
+            OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512,
         }
-        sign_algorithm_transform = sign_algorithm_transform_map.get(sign_algorithm, xmlsec.Transform.RSA_SHA1)
+        sign_algorithm_transform = sign_algorithm_transform_map.get(sign_algorithm, xmlsec.Transform.RSA_SHA256)
 
-        signature = xmlsec.template.create(elem, xmlsec.Transform.EXCL_C14N, sign_algorithm_transform, ns='ds')
+        signature = xmlsec.template.create(elem, xmlsec.Transform.EXCL_C14N, sign_algorithm_transform, ns="ds")
 
-        issuer = OneLogin_Saml2_XML.query(elem, '//saml:Issuer')
+        issuer = OneLogin_Saml2_XML.query(elem, "//saml:Issuer")
         if len(issuer) > 0:
             issuer = issuer[0]
             issuer.addnext(signature)
             elem_to_sign = issuer.getparent()
         else:
-            entity_descriptor = OneLogin_Saml2_XML.query(elem, '//md:EntityDescriptor')
+            entity_descriptor = OneLogin_Saml2_XML.query(elem, "//md:EntityDescriptor")
             if len(entity_descriptor) > 0:
                 elem.insert(0, signature)
             else:
                 elem[0].insert(0, signature)
             elem_to_sign = elem
 
-        elem_id = elem_to_sign.get('ID', None)
+        elem_id = elem_to_sign.get("ID", None)
         if elem_id is not None:
             if elem_id:
-                elem_id = '#' + elem_id
+                elem_id = "#" + elem_id
         else:
             generated_id = generated_id = OneLogin_Saml2_Utils.generate_unique_id()
-            elem_id = '#' + generated_id
-            elem_to_sign.attrib['ID'] = generated_id
+            elem_id = "#" + generated_id
+            elem_to_sign.attrib["ID"] = generated_id
 
         xmlsec.enable_debug_trace(debug)
         xmlsec.tree.add_ids(elem_to_sign, ["ID"])
@@ -768,9 +756,9 @@ def add_sign(xml, key, cert, debug=False, sign_algorithm=OneLogin_Saml2_Constant
             OneLogin_Saml2_Constants.SHA1: xmlsec.Transform.SHA1,
             OneLogin_Saml2_Constants.SHA256: xmlsec.Transform.SHA256,
             OneLogin_Saml2_Constants.SHA384: xmlsec.Transform.SHA384,
-            OneLogin_Saml2_Constants.SHA512: xmlsec.Transform.SHA512
+            OneLogin_Saml2_Constants.SHA512: xmlsec.Transform.SHA512,
         }
-        digest_algorithm_transform = digest_algorithm_transform_map.get(digest_algorithm, xmlsec.Transform.SHA1)
+        digest_algorithm_transform = digest_algorithm_transform_map.get(digest_algorithm, xmlsec.Transform.SHA256)
 
         ref = xmlsec.template.add_reference(signature, digest_algorithm_transform, uri=elem_id)
         xmlsec.template.add_transform(ref, xmlsec.Transform.ENVELOPED)
@@ -789,7 +777,7 @@ def add_sign(xml, key, cert, debug=False, sign_algorithm=OneLogin_Saml2_Constant
 
     @staticmethod
     @return_false_on_exception
-    def validate_sign(xml, cert=None, fingerprint=None, fingerprintalg='sha1', validatecert=False, debug=False, xpath=None, multicerts=None):
+    def validate_sign(xml, cert=None, fingerprint=None, fingerprintalg="sha1", validatecert=False, debug=False, xpath=None, multicerts=None):
         """
         Validates a signature (Message or Assertion).
 
@@ -820,8 +808,8 @@ def validate_sign(xml, cert=None, fingerprint=None, fingerprintalg='sha1', valid
         :param raise_exceptions: Whether to return false on failure or raise an exception
         :type raise_exceptions: Boolean
         """
-        if xml is None or xml == '':
-            raise Exception('Empty string supplied as input')
+        if xml is None or xml == "":
+            raise Exception("Empty string supplied as input")
 
         elem = OneLogin_Saml2_XML.to_etree(xml)
         xmlsec.enable_debug_trace(debug)
@@ -848,19 +836,13 @@ def validate_sign(xml, cert=None, fingerprint=None, fingerprintalg='sha1', valid
                 for cert in multicerts:
                     if OneLogin_Saml2_Utils.validate_node_sign(signature_node, elem, cert, fingerprint, fingerprintalg, validatecert, False, raise_exceptions=False):
                         return True
-                raise OneLogin_Saml2_ValidationError(
-                    'Signature validation failed. SAML Response rejected.',
-                    OneLogin_Saml2_ValidationError.INVALID_SIGNATURE
-                )
+                raise OneLogin_Saml2_ValidationError("Signature validation failed. SAML Response rejected.", OneLogin_Saml2_ValidationError.INVALID_SIGNATURE)
         else:
-            raise OneLogin_Saml2_ValidationError(
-                'Expected exactly one signature node; got {}.'.format(len(signature_nodes)),
-                OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES
-            )
+            raise OneLogin_Saml2_ValidationError("Expected exactly one signature node; got {}.".format(len(signature_nodes)), OneLogin_Saml2_ValidationError.WRONG_NUMBER_OF_SIGNATURES)
 
     @staticmethod
     @return_false_on_exception
-    def validate_metadata_sign(xml, cert=None, fingerprint=None, fingerprintalg='sha1', validatecert=False, debug=False):
+    def validate_metadata_sign(xml, cert=None, fingerprint=None, fingerprintalg="sha1", validatecert=False, debug=False):
         """
         Validates a signature of a EntityDescriptor.
 
@@ -885,33 +867,33 @@ def validate_metadata_sign(xml, cert=None, fingerprint=None, fingerprintalg='sha
         :param raise_exceptions: Whether to return false on failure or raise an exception
         :type raise_exceptions: Boolean
         """
-        if xml is None or xml == '':
-            raise Exception('Empty string supplied as input')
+        if xml is None or xml == "":
+            raise Exception("Empty string supplied as input")
 
         elem = OneLogin_Saml2_XML.to_etree(xml)
         xmlsec.enable_debug_trace(debug)
         xmlsec.tree.add_ids(elem, ["ID"])
 
-        signature_nodes = OneLogin_Saml2_XML.query(elem, '/md:EntitiesDescriptor/ds:Signature')
+        signature_nodes = OneLogin_Saml2_XML.query(elem, "/md:EntitiesDescriptor/ds:Signature")
 
         if len(signature_nodes) == 0:
-            signature_nodes += OneLogin_Saml2_XML.query(elem, '/md:EntityDescriptor/ds:Signature')
+            signature_nodes += OneLogin_Saml2_XML.query(elem, "/md:EntityDescriptor/ds:Signature")
 
             if len(signature_nodes) == 0:
-                signature_nodes += OneLogin_Saml2_XML.query(elem, '/md:EntityDescriptor/md:SPSSODescriptor/ds:Signature')
-                signature_nodes += OneLogin_Saml2_XML.query(elem, '/md:EntityDescriptor/md:IDPSSODescriptor/ds:Signature')
+                signature_nodes += OneLogin_Saml2_XML.query(elem, "/md:EntityDescriptor/md:SPSSODescriptor/ds:Signature")
+                signature_nodes += OneLogin_Saml2_XML.query(elem, "/md:EntityDescriptor/md:IDPSSODescriptor/ds:Signature")
 
         if len(signature_nodes) > 0:
             for signature_node in signature_nodes:
-                # Raises expection if invalid
+                # Raises exception if invalid
                 OneLogin_Saml2_Utils.validate_node_sign(signature_node, elem, cert, fingerprint, fingerprintalg, validatecert, debug, raise_exceptions=True)
             return True
         else:
-            raise Exception('Could not validate metadata signature: No signature nodes found.')
+            raise Exception("Could not validate metadata signature: No signature nodes found.")
 
     @staticmethod
     @return_false_on_exception
-    def validate_node_sign(signature_node, elem, cert=None, fingerprint=None, fingerprintalg='sha1', validatecert=False, debug=False):
+    def validate_node_sign(signature_node, elem, cert=None, fingerprint=None, fingerprintalg="sha1", validatecert=False, debug=False):
         """
         Validates a signature node.
 
@@ -939,8 +921,8 @@ def validate_node_sign(signature_node, elem, cert=None, fingerprint=None, finger
         :param raise_exceptions: Whether to return false on failure or raise an exception
         :type raise_exceptions: Boolean
         """
-        if (cert is None or cert == '') and fingerprint:
-            x509_certificate_nodes = OneLogin_Saml2_XML.query(signature_node, '//ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate')
+        if (cert is None or cert == "") and fingerprint:
+            x509_certificate_nodes = OneLogin_Saml2_XML.query(signature_node, "//ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate")
             if len(x509_certificate_nodes) > 0:
                 x509_certificate_node = x509_certificate_nodes[0]
                 x509_cert_value = OneLogin_Saml2_XML.element_text(x509_certificate_node)
@@ -949,17 +931,14 @@ def validate_node_sign(signature_node, elem, cert=None, fingerprint=None, finger
                 if fingerprint == x509_fingerprint_value:
                     cert = x509_cert_value_formatted
 
-        if cert is None or cert == '':
-            raise OneLogin_Saml2_Error(
-                'Could not validate node signature: No certificate provided.',
-                OneLogin_Saml2_Error.CERT_NOT_FOUND
-            )
+        if cert is None or cert == "":
+            raise OneLogin_Saml2_Error("Could not validate node signature: No certificate provided.", OneLogin_Saml2_Error.CERT_NOT_FOUND)
 
         # Check if Reference URI is empty
-        reference_elem = OneLogin_Saml2_XML.query(signature_node, '//ds:Reference')
-        if len(reference_elem) > 0:
-            if reference_elem[0].get('URI') == '':
-                reference_elem[0].set('URI', '#%s' % signature_node.getparent().get('ID'))
+        # reference_elem = OneLogin_Saml2_XML.query(signature_node, '//ds:Reference')
+        # if len(reference_elem) > 0:
+        #     if reference_elem[0].get('URI') == '':
+        #         reference_elem[0].set('URI', '#%s' % signature_node.getparent().get('ID'))
 
         if validatecert:
             manager = xmlsec.KeysManager()
@@ -974,16 +953,12 @@ def validate_node_sign(signature_node, elem, cert=None, fingerprint=None, finger
         try:
             dsig_ctx.verify(signature_node)
         except Exception as err:
-            raise OneLogin_Saml2_ValidationError(
-                'Signature validation failed. SAML Response rejected. %s',
-                OneLogin_Saml2_ValidationError.INVALID_SIGNATURE,
-                str(err)
-            )
+            raise OneLogin_Saml2_ValidationError("Signature validation failed. SAML Response rejected. %s", OneLogin_Saml2_ValidationError.INVALID_SIGNATURE, str(err))
 
         return True
 
     @staticmethod
-    def sign_binary(msg, key, algorithm=xmlsec.Transform.RSA_SHA1, debug=False):
+    def sign_binary(msg, key, algorithm=xmlsec.Transform.RSA_SHA256, debug=False):
         """
         Sign binary message
 
@@ -1001,7 +976,7 @@ def sign_binary(msg, key, algorithm=xmlsec.Transform.RSA_SHA1, debug=False):
         """
 
         if isinstance(msg, str):
-            msg = msg.encode('utf8')
+            msg = msg.encode("utf8")
 
         xmlsec.enable_debug_trace(debug)
         dsig_ctx = xmlsec.SignatureContext()
@@ -1009,7 +984,7 @@ def sign_binary(msg, key, algorithm=xmlsec.Transform.RSA_SHA1, debug=False):
         return dsig_ctx.sign_binary(compat.to_bytes(msg), algorithm)
 
     @staticmethod
-    def validate_binary_sign(signed_query, signature, cert=None, algorithm=OneLogin_Saml2_Constants.RSA_SHA1, debug=False):
+    def validate_binary_sign(signed_query, signature, cert=None, algorithm=OneLogin_Saml2_Constants.RSA_SHA256, debug=False):
         """
         Validates signed binary data (Used to validate GET Signature).
 
@@ -1039,15 +1014,34 @@ def validate_binary_sign(signed_query, signature, cert=None, algorithm=OneLogin_
                 OneLogin_Saml2_Constants.RSA_SHA1: xmlsec.Transform.RSA_SHA1,
                 OneLogin_Saml2_Constants.RSA_SHA256: xmlsec.Transform.RSA_SHA256,
                 OneLogin_Saml2_Constants.RSA_SHA384: xmlsec.Transform.RSA_SHA384,
-                OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512
+                OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512,
             }
-            sign_algorithm_transform = sign_algorithm_transform_map.get(algorithm, xmlsec.Transform.RSA_SHA1)
+            sign_algorithm_transform = sign_algorithm_transform_map.get(algorithm, xmlsec.Transform.RSA_SHA256)
 
-            dsig_ctx.verify_binary(compat.to_bytes(signed_query),
-                                   sign_algorithm_transform,
-                                   compat.to_bytes(signature))
+            dsig_ctx.verify_binary(compat.to_bytes(signed_query), sign_algorithm_transform, compat.to_bytes(signature))
             return True
         except xmlsec.Error as e:
             if debug:
                 print(e)
             return False
+
+    @staticmethod
+    def normalize_url(url):
+        """
+        Returns normalized URL for comparison.
+        This method converts the netloc to lowercase, as it should be case-insensitive (per RFC 4343, RFC 7617)
+        If standardization fails, the original URL is returned
+        Python documentation indicates that URL split also normalizes query strings if empty query fields are present
+
+        :param url: URL
+        :type url: String
+
+        :returns: A normalized URL, or the given URL string if parsing fails
+        :rtype: String
+        """
+        try:
+            scheme, netloc, path, query, fragment = urlsplit(url)
+            normalized_url = urlunsplit((scheme.lower(), netloc.lower(), path, query, fragment))
+            return normalized_url
+        except Exception:
+            return url
diff --git a/src/onelogin/saml2/xml_templates.py b/src/onelogin/saml2/xml_templates.py
index ec4f6260..2484d6f3 100644
--- a/src/onelogin/saml2/xml_templates.py
+++ b/src/onelogin/saml2/xml_templates.py
@@ -2,10 +2,8 @@
 
 """ OneLogin_Saml2_Auth class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Main class of OneLogin's Python Toolkit.
+Main class of SAML Python Toolkit.
 
 Initializes the SP SAML instance
 
@@ -27,7 +25,7 @@ class OneLogin_Saml2_Templates(object):
   Version="2.0"%(provider_name)s%(force_authn_str)s%(is_passive_str)s
   IssueInstant="%(issue_instant)s"
   Destination="%(destination)s"
-  ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+  ProtocolBinding="%(acs_binding)s"
   AssertionConsumerServiceURL="%(assertion_url)s"%(attr_consuming_service_str)s>
     <saml:Issuer>%(entity_id)s</saml:Issuer>%(subject_str)s%(nameid_policy_str)s
 %(requested_authn_context_str)s
diff --git a/src/onelogin/saml2/xml_utils.py b/src/onelogin/saml2/xml_utils.py
index d966e615..a3c5dba9 100644
--- a/src/onelogin/saml2/xml_utils.py
+++ b/src/onelogin/saml2/xml_utils.py
@@ -2,18 +2,16 @@
 
 """ OneLogin_Saml2_XML class
 
-Copyright (c) 2010-2018 OneLogin, Inc.
-MIT License
 
-Auxiliary class of OneLogin's Python Toolkit.
+Auxiliary class of SAML Python Toolkit.
 
 """
 
 from os.path import join, dirname
 from lxml import etree
-from defusedxml.lxml import tostring, fromstring
 from onelogin.saml2 import compat
 from onelogin.saml2.constants import OneLogin_Saml2_Constants
+from onelogin.saml2.xmlparser import tostring, fromstring
 
 
 for prefix, url in OneLogin_Saml2_Constants.NSMAP.items():
@@ -21,7 +19,7 @@
 
 
 class OneLogin_Saml2_XML(object):
-    _element_class = type(etree.Element('root'))
+    _element_class = type(etree.Element("root"))
     _parse_etree = staticmethod(fromstring)
     _schema_class = etree.XMLSchema
     _text_class = compat.text_types
@@ -63,11 +61,11 @@ def to_etree(xml):
         if isinstance(xml, OneLogin_Saml2_XML._element_class):
             return xml
         if isinstance(xml, OneLogin_Saml2_XML._bytes_class):
-            return OneLogin_Saml2_XML._parse_etree(xml, forbid_dtd=True)
+            return OneLogin_Saml2_XML._parse_etree(xml, forbid_dtd=True, forbid_entities=True)
         if isinstance(xml, OneLogin_Saml2_XML._text_class):
-            return OneLogin_Saml2_XML._parse_etree(compat.to_bytes(xml), forbid_dtd=True)
+            return OneLogin_Saml2_XML._parse_etree(compat.to_bytes(xml), forbid_dtd=True, forbid_entities=True)
 
-        raise ValueError('unsupported type %r' % type(xml))
+        raise ValueError("unsupported type %r" % type(xml))
 
     @staticmethod
     def validate_xml(xml, schema, debug=False):
@@ -89,18 +87,18 @@ def validate_xml(xml, schema, debug=False):
         except Exception as e:
             if debug:
                 print(e)
-            return 'unloaded_xml'
+            return "unloaded_xml"
 
-        schema_file = join(dirname(__file__), 'schemas', schema)
-        with open(schema_file, 'r') as f_schema:
+        schema_file = join(dirname(__file__), "schemas", schema)
+        with open(schema_file, "r") as f_schema:
             xmlschema = OneLogin_Saml2_XML._schema_class(etree.parse(f_schema))
 
         if not xmlschema.validate(xml):
             if debug:
-                print('Errors validating the metadata: ')
+                print("Errors validating the metadata: ")
                 for error in xmlschema.error_log:
                     print(error.message)
-            return 'invalid_xml'
+            return "invalid_xml"
         return xml
 
     @staticmethod
@@ -146,11 +144,7 @@ def cleanup_namespaces(tree_or_element, top_nsmap=None, keep_ns_prefixes=None):
         :returns: An XML tree or element
         :rtype: etree.Element
         """
-        all_prefixes_to_keep = [
-            OneLogin_Saml2_Constants.NS_PREFIX_XS,
-            OneLogin_Saml2_Constants.NS_PREFIX_XSI,
-            OneLogin_Saml2_Constants.NS_PREFIX_XSD
-        ]
+        all_prefixes_to_keep = [OneLogin_Saml2_Constants.NS_PREFIX_XS, OneLogin_Saml2_Constants.NS_PREFIX_XSI, OneLogin_Saml2_Constants.NS_PREFIX_XSD]
 
         if keep_ns_prefixes:
             all_prefixes_to_keep = list(set(all_prefixes_to_keep.extend(keep_ns_prefixes)))
@@ -172,5 +166,6 @@ def extract_tag_text(xml, tagname):
 
     @staticmethod
     def element_text(node):
+        # Double check, the LXML Parser already removes comments
         etree.strip_tags(node, etree.Comment)
         return node.text
diff --git a/src/onelogin/saml2/xmlparser.py b/src/onelogin/saml2/xmlparser.py
new file mode 100644
index 00000000..9210480e
--- /dev/null
+++ b/src/onelogin/saml2/xmlparser.py
@@ -0,0 +1,173 @@
+# -*- coding: utf-8 -*-
+
+# Based on the lxml example from defusedxml
+# DTDForbidden, EntitiesForbidden, NotSupportedError are clones of the classes defined at defusedxml
+#
+# Copyright (c) 2013 by Christian Heimes <christian@python.org>
+# Licensed to PSF under a Contributor Agreement.
+# See https://www.python.org/psf/license for licensing details.
+"""lxml.etree protection"""
+
+from __future__ import print_function, absolute_import
+
+import threading
+
+from lxml import etree as _etree
+
+LXML3 = _etree.LXML_VERSION[0] >= 3
+
+__origin__ = "lxml.etree"
+
+tostring = _etree.tostring
+
+
+class DTDForbidden(ValueError):
+    """Document type definition is forbidden"""
+
+    def __init__(self, name, sysid, pubid):
+        super(DTDForbidden, self).__init__()
+        self.name = name
+        self.sysid = sysid
+        self.pubid = pubid
+
+    def __str__(self):
+        tpl = "DTDForbidden(name='{}', system_id={!r}, public_id={!r})"
+        return tpl.format(self.name, self.sysid, self.pubid)
+
+
+class EntitiesForbidden(ValueError):
+    """Entity definition is forbidden"""
+
+    def __init__(self, name, value, base, sysid, pubid, notation_name):
+        super(EntitiesForbidden, self).__init__()
+        self.name = name
+        self.value = value
+        self.base = base
+        self.sysid = sysid
+        self.pubid = pubid
+        self.notation_name = notation_name
+
+    def __str__(self):
+        tpl = "EntitiesForbidden(name='{}', system_id={!r}, public_id={!r})"
+        return tpl.format(self.name, self.sysid, self.pubid)
+
+
+class NotSupportedError(ValueError):
+    """The operation is not supported"""
+
+
+class RestrictedElement(_etree.ElementBase):
+    """A restricted Element class that filters out instances of some classes"""
+
+    __slots__ = ()
+    blacklist = (_etree._Entity, _etree._ProcessingInstruction, _etree._Comment)
+
+    def _filter(self, iterator):
+        blacklist = self.blacklist
+        for child in iterator:
+            if isinstance(child, blacklist):
+                continue
+            yield child
+
+    def __iter__(self):
+        iterator = super(RestrictedElement, self).__iter__()
+        return self._filter(iterator)
+
+    def iterchildren(self, tag=None, reversed=False):
+        iterator = super(RestrictedElement, self).iterchildren(tag=tag, reversed=reversed)
+        return self._filter(iterator)
+
+    def iter(self, tag=None, *tags):
+        iterator = super(RestrictedElement, self).iter(tag=tag, *tags)
+        return self._filter(iterator)
+
+    def iterdescendants(self, tag=None, *tags):
+        iterator = super(RestrictedElement, self).iterdescendants(tag=tag, *tags)
+        return self._filter(iterator)
+
+    def itersiblings(self, tag=None, preceding=False):
+        iterator = super(RestrictedElement, self).itersiblings(tag=tag, preceding=preceding)
+        return self._filter(iterator)
+
+    def getchildren(self):
+        iterator = super(RestrictedElement, self).__iter__()
+        return list(self._filter(iterator))
+
+    def getiterator(self, tag=None):
+        iterator = super(RestrictedElement, self).getiterator(tag)
+        return self._filter(iterator)
+
+
+class GlobalParserTLS(threading.local):
+    """Thread local context for custom parser instances"""
+
+    parser_config = {"resolve_entities": False, "remove_comments": True, "no_network": True, "remove_pis": True, "huge_tree": False}
+
+    element_class = RestrictedElement
+
+    def createDefaultParser(self):
+        parser = _etree.XMLParser(**self.parser_config)
+        element_class = self.element_class
+        if self.element_class is not None:
+            lookup = _etree.ElementDefaultClassLookup(element=element_class)
+            parser.set_element_class_lookup(lookup)
+        return parser
+
+    def setDefaultParser(self, parser):
+        self._default_parser = parser
+
+    def getDefaultParser(self):
+        parser = getattr(self, "_default_parser", None)
+        if parser is None:
+            parser = self.createDefaultParser()
+            self.setDefaultParser(parser)
+        return parser
+
+
+_parser_tls = GlobalParserTLS()
+getDefaultParser = _parser_tls.getDefaultParser
+
+
+def check_docinfo(elementtree, forbid_dtd=False, forbid_entities=True):
+    """Check docinfo of an element tree for DTD and entity declarations
+    The check for entity declarations needs lxml 3 or newer. lxml 2.x does
+    not support dtd.iterentities().
+    """
+    docinfo = elementtree.docinfo
+    if docinfo.doctype:
+        if forbid_dtd:
+            raise DTDForbidden(docinfo.doctype, docinfo.system_url, docinfo.public_id)
+        if forbid_entities and not LXML3:
+            # lxml < 3 has no iterentities()
+            raise NotSupportedError("Unable to check for entity declarations " "in lxml 2.x")
+
+    if forbid_entities:
+        for dtd in docinfo.internalDTD, docinfo.externalDTD:
+            if dtd is None:
+                continue
+            for entity in dtd.iterentities():
+                raise EntitiesForbidden(entity.name, entity.content, None, None, None, None)
+
+
+def parse(source, parser=None, base_url=None, forbid_dtd=True, forbid_entities=True):
+    if parser is None:
+        parser = getDefaultParser()
+    elementtree = _etree.parse(source, parser, base_url=base_url)
+    check_docinfo(elementtree, forbid_dtd, forbid_entities)
+    return elementtree
+
+
+def fromstring(text, parser=None, base_url=None, forbid_dtd=True, forbid_entities=True):
+    if parser is None:
+        parser = getDefaultParser()
+    rootelement = _etree.fromstring(text, parser, base_url=base_url)
+    elementtree = rootelement.getroottree()
+    check_docinfo(elementtree, forbid_dtd, forbid_entities)
+    return rootelement
+
+
+XML = fromstring
+
+
+def iterparse(*args, **kwargs):
+    raise NotSupportedError("iterparse not available")
diff --git a/tests/coverage.rc b/tests/coverage.rc
deleted file mode 100644
index 855ec7f9..00000000
--- a/tests/coverage.rc
+++ /dev/null
@@ -1,30 +0,0 @@
-[run]
-branch = True
-
-omit = 
-
-[paths]
-source = src/onelogin/saml2
-
-[report]
-# Regexes for lines to exclude from consideration
-exclude_lines =
-
-
-    # Have to re-enable the standard pragma
-    pragma: no cover
-
-    # Don't complain about missing debug-only code:
-    def __repr__
-    if self\.debug
-    if debug
-
-    # Don't complain if tests don't hit defensive assertion code:
-    raise AssertionError
-    raise NotImplementedError
-
-    # Don't complain if non-runnable code isn't run:
-    if 0:
-    if __name__ == .__main__.:
-
-ignore_errors = True
diff --git a/tests/data/customPath/certs/Test_Root_CA.crt b/tests/data/customPath/certs/Test_Root_CA.crt
new file mode 100644
index 00000000..52530954
--- /dev/null
+++ b/tests/data/customPath/certs/Test_Root_CA.crt
@@ -0,0 +1,16 @@
+----- Begin Certificate -----
+MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhM
+CTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDg
+YDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqh
+kiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0w
+NzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyB
+Tb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBA
+MTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZ
+XR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqK
+xupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLC
+n7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo0
+78dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVf
+p86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFD
+bStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJV
+hTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/tests/data/customPath/certs/idp.crt b/tests/data/customPath/certs/idp.crt
new file mode 100644
index 00000000..483db3ce
--- /dev/null
+++ b/tests/data/customPath/certs/idp.crt
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMC
+Tk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYD
+VQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG
+9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4
+MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xi
+ZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2Zl
+aWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5v
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LO
+NoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHIS
+KOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d
+1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8
+BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7n
+bK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2Qar
+Q4/67OZfHd7R+POBXhophSMv1ZOo
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/tests/data/logout_requests/invalids/invalid_issuer.xml b/tests/data/logout_requests/invalids/invalid_issuer.xml
index e1edabde..4b7714d1 100644
--- a/tests/data/logout_requests/invalids/invalid_issuer.xml
+++ b/tests/data/logout_requests/invalids/invalid_issuer.xml
@@ -5,7 +5,7 @@
                      Version="2.0"
                      IssueInstant="2013-12-10T04:39:31Z"
                      Destination="http://stuff.com/endpoints/endpoints/sls.php"
-                     NotOnOrAfter="2023-05-10T04:39:31Z"
+                     NotOnOrAfter="2053-05-10T04:39:31Z"
                      >
     <saml:Issuer>https://example.hello.com/access/saml</saml:Issuer>
     <saml:NameID SPNameQualifier="https://example.hello.com/access/saml"
diff --git a/tests/data/logout_requests/invalids/invalid_issuer.xml.base64 b/tests/data/logout_requests/invalids/invalid_issuer.xml.base64
index 56de49b0..8af7cbb1 100644
--- a/tests/data/logout_requests/invalids/invalid_issuer.xml.base64
+++ b/tests/data/logout_requests/invalids/invalid_issuer.xml.base64
@@ -1 +1 @@
-jZPfb4IwEMffTfwfDO9CW8BJoxgTt8XEyTaXPexl6coxSaBlXFn881dwP3yQxT411+v3+7n2brY4lMXoE2rMtZo71CXOIh4OZijKouIb/a4b8wgfDaAZ2UyFvDuZO02tuBaYI1eiBORG8t3ybsOZS3hVa6OlLpzhYHRu/Qn9ryMQoTYWrE9ovZo7yfZ6k9yut6+MhtNAyjQTUvgTQYNQQBSRIGCpTKPJWwYTQkMKfWLPP49grXsNERtYKzRCGZtIqD+mbEzJEwm4H3GfvvTdXNkXzJUwncPemIp7Hpomy1ypSw9UWulcGTzZYYFuta/6BLfaJCqpl5mBukVh/piEF6HEx3j3x7yrqI5bIrRIcBBlVYC7h6LQHZqQEtDS2OSZd3rlVGVr/269Gu3u281DI4o8y1usi2TPcd7ouhSmvz2oS7tIno6zLpU3CiuQrW96TjD+7RMKtiUkZRHQbMqYnJJoQqa2YSjxZQjA5JUUQOV3tcfS2pnwzgxF/AU=
\ No newline at end of file
+jZPLboMwEEX3kfIPiH3A5pEGKyGKlLZCSkPbVF10U7lmaJDApoyp8vk1pI8sQhWvrPH43jP2zHx5qErrExoslFzY1CH2Mh6P5sirsmYb9a5a/QgfLaC2TKZE1p8s7LaRTHEskEleATIt2G51t2GeQ1jdKK2EKu3xyDq3/oT+1+GI0GgDNiSUrBd2ur3epLfJ9tWj4SwQIsu54P6U0yDkEEUkCLxMZNH0LYcpoSGFIbHnn0cw1oOGiC0kEjWX2iQS6k+oN6HkiQTMj5hPX4Zurs0LFpLr3mGvdc1cF3Wb545QlQsyq1UhNZ7ssESn3tdDglulU5k2q1xD06GE/oSEF6HEx3j/x6yvqIk7IjRIcOBVXYKzh7JUPRoXAtDQmOS5e3rlVGVr/i5ZW7v7bvPQ8rLIiw7rItlznDeqqbgebg/q0D5SZJO8T2WtxBpE55udE4x/+4SCaQlBvQhoPvM8MSPRlMxMw1DiixDAE1eCAxXf1R5L62bCPTMU8Rc=
diff --git a/tests/data/logout_requests/invalids/no_nameId.xml b/tests/data/logout_requests/invalids/no_nameId.xml
index 2390536a..f1d02c83 100644
--- a/tests/data/logout_requests/invalids/no_nameId.xml
+++ b/tests/data/logout_requests/invalids/no_nameId.xml
@@ -5,7 +5,7 @@
                      Version="2.0"
                      IssueInstant="2013-12-10T04:39:31Z"
                      Destination="http://stuff.com/endpoints/endpoints/sls.php"
-                     NotOnOrAfter="2023-05-10T04:39:31Z"
+                     NotOnOrAfter="2053-05-10T04:39:31Z"
                      >
     <saml:Issuer>https://example.hello.com/access/saml</saml:Issuer>
 </samlp:LogoutRequest>
diff --git a/tests/data/metadata/idp_metadata.xml b/tests/data/metadata/idp_metadata.xml
index 146428c1..7c57cdf1 100644
--- a/tests/data/metadata/idp_metadata.xml
+++ b/tests/data/metadata/idp_metadata.xml
@@ -37,6 +37,6 @@ QOPR6cEwFZzP0tHTYbI839WgxX6hfhIUTUz6mLqq4+3P4BG3+1OXeVDg63y8Uh78
   </IDPSSODescriptor>
   <ContactPerson contactType="technical">
     <SurName>Support</SurName>
-    <EmailAddress>support@onelogin.com</EmailAddress>
+    <EmailAddress>support@example.com</EmailAddress>
   </ContactPerson>
-</EntityDescriptor>
\ No newline at end of file
+</EntityDescriptor>
diff --git a/tests/data/metadata/idp_metadata_different_sign_and_encrypt_cert.xml b/tests/data/metadata/idp_metadata_different_sign_and_encrypt_cert.xml
index df90353a..5736ff48 100644
--- a/tests/data/metadata/idp_metadata_different_sign_and_encrypt_cert.xml
+++ b/tests/data/metadata/idp_metadata_different_sign_and_encrypt_cert.xml
@@ -67,6 +67,6 @@ WQO0LPxPqRiUqUzyhDhLo/xXNrHCu4VbMw==</ds:X509Certificate>
   </IDPSSODescriptor>
   <ContactPerson contactType="technical">
     <SurName>Support</SurName>
-    <EmailAddress>support@onelogin.com</EmailAddress>
+    <EmailAddress>support@example.com</EmailAddress>
   </ContactPerson>
-</EntityDescriptor>
\ No newline at end of file
+</EntityDescriptor>
diff --git a/tests/data/metadata/idp_metadata_same_sign_and_encrypt_cert.xml b/tests/data/metadata/idp_metadata_same_sign_and_encrypt_cert.xml
index e7fd250b..ae8d09e9 100644
--- a/tests/data/metadata/idp_metadata_same_sign_and_encrypt_cert.xml
+++ b/tests/data/metadata/idp_metadata_same_sign_and_encrypt_cert.xml
@@ -66,6 +66,6 @@ QOPR6cEwFZzP0tHTYbI839WgxX6hfhIUTUz6mLqq4+3P4BG3+1OXeVDg63y8Uh78
   </IDPSSODescriptor>
   <ContactPerson contactType="technical">
     <SurName>Support</SurName>
-    <EmailAddress>support@onelogin.com</EmailAddress>
+    <EmailAddress>support@example.com</EmailAddress>
   </ContactPerson>
-</EntityDescriptor>
\ No newline at end of file
+</EntityDescriptor>
diff --git a/tests/data/metadata/idp_multiple_descriptors.xml b/tests/data/metadata/idp_multiple_descriptors.xml
index a74f8e4a..863cbb8d 100644
--- a/tests/data/metadata/idp_multiple_descriptors.xml
+++ b/tests/data/metadata/idp_multiple_descriptors.xml
@@ -26,7 +26,7 @@
     </md:IDPSSODescriptor>
   </md:EntityDescriptor>
   <md:EntityDescriptor entityID="https://bar.example.com/access/saml/idp.xml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="md:EntityDescriptorType">
-    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
       <md:KeyDescriptor use="signing">
         <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
           <ds:X509Data>
diff --git a/tests/data/responses/invalids/duplicated_attributes.xml.base64 b/tests/data/responses/invalids/duplicated_attributes.xml.base64
index a571b6d3..d4359ec9 100644
--- a/tests/data/responses/invalids/duplicated_attributes.xml.base64
+++ b/tests/data/responses/invalids/duplicated_attributes.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDQ0OTkyZWJiLTRiMzgtZTQzMi1kYjgyLTk5NTI0MTBkOWFhYiIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDMtMjFUMTM6NDI6MzFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzE5MWMwM2U2OGQ3MWQ5Nzk2ZjVlMDdlNjI2MmNhNGFkODgzYTc0YjEiPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDQ0OTkyZWJiLTRiMzgtZTQzMi1kYjgyLTk5NTI0MTBkOWFhYiI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+Z3ZScnJneHBBZHlsSUEvMnNyRm1KZCtqaXM4PTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5LZHA4VDhybndQY0JVb2hjcVBNMGVpTlhwTWgzbGMrZXBIVERIcUxFbk9Kcmd1NS9qaitpN0VhQW1nTzBSSlRraERFWTBWOEZuZVQ0dm92Y0FiZzlmYk04ZlRPMWxYODJ3SW1zRWRxMkwzU0U4NHFCdWFDbURWNVlvMDdDSGJRT1FqYWV0VGt0SnVvRjA4QWQ2bCs1aFJPL3BKeG1yRXlHKzRLaWhGWUJ1dWs9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDgwYmFhZWY2LTI5MmItODc0Ny1jZmNhLWRlMWVlM2YxYTQxNSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDMtMjFUMTM6NDI6MzFaIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZng4MGJhYWVmNi0yOTJiLTg3NDctY2ZjYS1kZTFlZTNmMWE0MTUiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPmFSOU00ZXdOczN1K25KYVFDRDI2WjBBd0Q2TT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+NGQ4WEo1bXBOaW1vQkhkenNXZi9aemxVTlE3SmlVeEl4K1B5TjRuM0EvbWExcGwvQ0FPSUtOUzZ0clR6STg5N1ZjbGxneFhhTTljUFZqOUhLYU9aRW4wSE5Qa2FWR3VjeVVPVzFUd2dWdnJVdkNNQXVRTzdRZ21aekd1SVhsblVKS3FpTDRZMThNT1M1VGpLaExoSG4xbGE4TEFucmRVVEJobUx5eGtjZjhVPTwvZHM6U2lnbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFOQmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05WQkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXhoYm1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYwZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZhTUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJUYjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVGVkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FHU0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBRZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIxNjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQNXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2JxWStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdSK1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHAiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50Ij5fMjEyNmRkMTliOGE5YTI4MjM4ZDg4ZmRjNzM4NWU2MDk5NTAwNGE3NzgyPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIzLTA5LTIyVDE5OjAyOjMxWiIgUmVjaXBpZW50PSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fMTkxYzAzZTY4ZDcxZDk3OTZmNWUwN2U2MjYyY2E0YWQ4ODNhNzRiMSIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE0LTAzLTIxVDEzOjQyOjAxWiIgTm90T25PckFmdGVyPSIyMDIzLTA5LTIyVDE5OjAyOjMxWiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTQtMDMtMjFUMTM6NDE6MDlaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDE0LTAzLTIxVDIxOjQyOjMxWiIgU2Vzc2lvbkluZGV4PSJfZTY1NzhkNmFmOTdiOWY3ZjA2NzJkODUwZDI5ZGI0YWRkMWEyODZkYzI0Ij48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3Q8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0Mjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0QGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9InNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj53YWEyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVkdVBlcnNvbkFmZmlsaWF0aW9uIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGQzMGUzYTJlLTllMTAtODg2My04Y2MyLWM0N2M1ZTlmMTkyYiIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDMtMjFUMTM6NDI6MzFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzE5MWMwM2U2OGQ3MWQ5Nzk2ZjVlMDdlNjI2MmNhNGFkODgzYTc0YjEiPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeGQzMGUzYTJlLTllMTAtODg2My04Y2MyLWM0N2M1ZTlmMTkyYiI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+NkkreTZCVnVjTWo1SjVRbm45bzNnTHU0dVMwPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5vTWIzemJYZS9HdlFuampDTmk0Y0x2cEtGdmZEeEc2REgyT05GMUVuVTV0eU1zTXFyTDAzbVNKN0czTXcyaWtmWmRpRUN6SjJXSGZ6K013TGQzK1JGTnBGWGwvYW5aR1pDcnkzNTZ5eW1WVllkWkp1YldFdFBRaXRPdGRndlBxZGI3UGM2Q1BJYXJ1T01nRDk1TXpLdVZSYVkxc1NKUlNOM3BYeExhWml3MTQ9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDExZjAwNWQ3LTlhMjMtZDI5Yi0xN2Y1LTQwNjAxMDdiYzEwZCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDMtMjFUMTM6NDI6MzFaIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZngxMWYwMDVkNy05YTIzLWQyOWItMTdmNS00MDYwMTA3YmMxMGQiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPjdoMlNLb1JhMG1QdHYvTnFHWGFXc3Y1SEIvdz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+b1ZscFpBc1g5cituUzBUek4zTFhzNkhDNVFWWTJNaFNaNE1CYkRIblNwbGNGU3VNZW9lcU94MGZxNUFQK1pFYzhVVG9VTkVZYUZmQ2N4NzhpZ042SDdGQzFvM0JQS1FkbnZwWmpkSGlMS3QyUno1Q3hVbHpIZzJCSGd1aGR5RW5RSUZEa00wK2huQkNuRG5oWWhnVG52YmI5VEx4TmFaUU5nQS96QU90TW9jPTwvZHM6U2lnbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFOQmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05WQkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXhoYm1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYwZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZhTUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJUYjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVGVkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FHU0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBRZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIxNjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQNXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2JxWStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdSK1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHAiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50Ij5fMjEyNmRkMTliOGE5YTI4MjM4ZDg4ZmRjNzM4NWU2MDk5NTAwNGE3NzgyPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyOTkzLTA5LTIyVDE5OjAyOjMxWiIgUmVjaXBpZW50PSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fMTkxYzAzZTY4ZDcxZDk3OTZmNWUwN2U2MjYyY2E0YWQ4ODNhNzRiMSIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE0LTAzLTIxVDEzOjQyOjAxWiIgTm90T25PckFmdGVyPSIyOTkzLTA5LTIyVDE5OjAyOjMxWiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTQtMDMtMjFUMTM6NDE6MDlaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyOTkzLTAzLTIxVDIxOjQyOjMxWiIgU2Vzc2lvbkluZGV4PSJfZTY1NzhkNmFmOTdiOWY3ZjA2NzJkODUwZDI5ZGI0YWRkMWEyODZkYzI0Ij48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3Q8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0Mjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0QGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9InNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj53YWEyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVkdVBlcnNvbkFmZmlsaWF0aW9uIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
diff --git a/tests/data/responses/invalids/empty_destination.xml.base64 b/tests/data/responses/invalids/empty_destination.xml.base64
index 352988ce..74a9f5e5 100644
--- a/tests/data/responses/invalids/empty_destination.xml.base64
+++ b/tests/data/responses/invalids/empty_destination.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDc2ZWY5MjAxLTY4OGItYzJkZC1mY2Q2LTQxMzEyNzE3ODk0OSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIiBEZXN0aW5hdGlvbj0iIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciPjxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDc2ZWY5MjAxLTY4OGItYzJkZC1mY2Q2LTQxMzEyNzE3ODk0OSI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+TVJEd3dSTXZtalQ1VEhLUTBCNWRUNDVBNWhNPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5wRFlrTFNKM2Z3TUQ0cnJNbWF4cFUwQkZVemZHQlVwNklURmovejNOTnFrQmdaTzdBMGIvQlFGbVBOQ202UE82NGdYNmVySGhhMVQ3aW5PTGRIY2crT0Q2Z2h2R0lpbGJzM1RjUkRwUmVTVkpZVWRiUS9jVk85aC9VdWNielBqZ3gyb3dpakk2aVh1dXhYcmpVeHEzYS9DbHcyTGJiVWJHMCtmQStud0ZuOVE9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDk0Y2Q5YTMzLWQyOWMtMTMyMi1kYzMzLTFkOGU0ZDJiNTQzNSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIj48c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZng5NGNkOWEzMy1kMjljLTEzMjItZGMzMy0xZDhlNGQyYjU0MzUiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPnBYMkV3c1pVVUdCTGhYSTBVOVVMc3d0S3hDYz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+TW5aVU04U0VmN3RVMlc1VGwvb0ZYTVBJYTZUVlcvUTczRmJUNUcxdW14eHZFRkM1UDlsR08reFVkdlBBTXdkTGc1aEN0R29QenB6amxCSnVFemhJU3VYblNZdkVCbllqdGJKVzcxcU9iM25WcTFjYVZtZXRhQjk4aUZzTDFvS0FWTVZ0Q0VST2E1SFpoT3VtQWJONU5qeHYvcUJlYW1lK0ExaStjV0FNaW13PTwvZHM6U2lnbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFOQmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05WQkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXhoYm1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYwZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZhTUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJUYjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVGVkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FHU0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBRZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIxNjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQNXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2JxWStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdSK1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+NDkyODgyNjE1YWNmMzFjODA5NmI2MjcyNDVkNzZhZTUzMDM2YzA5MDwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMy0wOC0yM1QwNjo1NzowMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMi0xOVQwMTozNjozMVoiIE5vdE9uT3JBZnRlcj0iMjAyMy0wOC0yM1QwNjo1NzowMVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxNC0wMi0xOVQwMTozNzowMVoiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTQtMDItMTlUMDk6Mzc6MDFaIiBTZXNzaW9uSW5kZXg9Il82MjczZDc3YjhjZGUwYzMzM2VjNzlkMjJhOWZhMDAwM2I5ZmUyZDc1Y2IiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c21hcnRpbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluQHlhY28uZXM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPlNpeHRvMzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+TWFydGluMjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5hZG1pbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDE2MGI1ODI1LWUwNmItZWM0Yy04MGYyLTM3YTRjY2ZiNmY5OSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIiBEZXN0aW5hdGlvbj0iIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciPjxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDE2MGI1ODI1LWUwNmItZWM0Yy04MGYyLTM3YTRjY2ZiNmY5OSI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+WUlJVmNQU2VwbUVvVGVxYlcyeldWbnBtanhnPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5wR0p1dDJPMGZPRktJam5BQWpSbDgxUlpWMHFRVm1jUzRyNnY0TEpNQnlTY25rNjJBQ0oxT3k1eUkyblU4cnJhRERmOWZBaTBEazFscWE5Y3JVMFNScGZMeFQwalYvWHFzejBNblFRTi9FdS9KL0Z1Zi9MbWNaTDN0VjMrZkZXc0w1ZEg1RTNtcXZiK25tYXBzN3MrVGo0ZzBiV0x6TkN2Z01SdWdkV3JKRWs9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDdiZTU1OTliLTc3ZTEtNTE1OS1lNWFkLTc3NzEyMTBmN2M2NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIj48c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZng3YmU1NTk5Yi03N2UxLTUxNTktZTVhZC03NzcxMjEwZjdjNjciPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPjlXK0lTTU52Nk4xdWJNemVCZDhtd3dQTVEzMD08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+TVhPMEFPbWFxL1owZnhTOTNZMThObkdidWhIbms0bk82MHFEaWNIN3kwQzFlUU9BdkJSYTIzZjVMSjRBVVc4OEZ1UFZ6bHNkb2g1alhsa2g4RUxmL1RvWEIzR01WS1VYSk13ek1iR1ZPcEl3S2tXWE5aKzdaT0J1ZzZlS0tmNGFMK1FZMENiamxDdGxRRTRIQXVhZ1RWaEtXZGh4Tmw5ZVVkUklCM24xVXhnPTwvZHM6U2lnbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFOQmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05WQkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXhoYm1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYwZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZhTUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJUYjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVGVkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FHU0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBRZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIxNjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQNXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2JxWStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdSK1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+NDkyODgyNjE1YWNmMzFjODA5NmI2MjcyNDVkNzZhZTUzMDM2YzA5MDwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjk5My0wOC0yM1QwNjo1NzowMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMi0xOVQwMTozNjozMVoiIE5vdE9uT3JBZnRlcj0iMjk5My0wOC0yM1QwNjo1NzowMVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxNC0wMi0xOVQwMTozNzowMVoiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTMtMDItMTlUMDk6Mzc6MDFaIiBTZXNzaW9uSW5kZXg9Il82MjczZDc3YjhjZGUwYzMzM2VjNzlkMjJhOWZhMDAwM2I5ZmUyZDc1Y2IiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c21hcnRpbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluQHlhY28uZXM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPlNpeHRvMzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+TWFydGluMjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5hZG1pbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg==
diff --git a/tests/data/responses/invalids/empty_nameid.xml.base64 b/tests/data/responses/invalids/empty_nameid.xml.base64
index 72350d1f..35115f56 100644
--- a/tests/data/responses/invalids/empty_nameid.xml.base64
+++ b/tests/data/responses/invalids/empty_nameid.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDQ0MTM5Y2JkLWE2NTQtOWM1Mi00Njk3LTdjMDVkMzAyM2QyZiIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDQ0MTM5Y2JkLWE2NTQtOWM1Mi00Njk3LTdjMDVkMzAyM2QyZiI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+VEVFTFhxT0tmZVRqSFI5aUhPb2hrQWlCSDVVPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT51ZW1SeWgyQkcyTXBsbG5kWFNsV0tiaEgzZTRNQVd0VHNJYS9waWJndXZaRmhSTTVJNzUrRkFxYkl4UFVoWDlGYjlOTWRVRzdacWJJS2J0aitLZGxCdVlYaDdTdEIyQWMwY1VzamFQTHVLa2RTc0IzUzdESXFYRThmcEdNeHBSblNNZDZWc1RXM2RId3FYaTJiZklYblBDM0N0RjMwWUhXditwR081MFpCcjg9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDVhMTU1NmIwLTE1NmYtZjNhNS04OGUyLTc1MzRkNjdiNjg0MyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZng1YTE1NTZiMC0xNTZmLWYzYTUtODhlMi03NTM0ZDY3YjY4NDMiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPnhpTEtIa05OcllPWTdWOFhkSjVET3pQNFp0ND08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+WHZDRURGdDBJM1VXWlMwN3JWa1VmNTA0Mjg3ZHJTbEI2bDBSdS9OTWMzZFlIT2E1V0NCNXZRanpGVURMSFZSQWlueWR0WXh3ejRTN1NKd081V3RKVFdTOStQNU9SMnpRTjRpYVpnclVGRm5xV0FDZW4rUTMzaXZVaFY0elVTcDU0cjVVdUxLNE96UnVhNmhlWUYrM0Y5TXZMK3VPV2hFZVc3NXZjODk0VXlVPTwvZHM6U2lnbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFOQmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05WQkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXhoYm1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYwZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZhTUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJUYjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVGVkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FHU0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBRZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIxNjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQNXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2JxWStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdSK1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIi8+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMy0wOC0yM1QwNjo1NzowMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMi0xOVQwMTozNjozMVoiIE5vdE9uT3JBZnRlcj0iMjAyMy0wOC0yM1QwNjo1NzowMVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAxNC0wMi0xOVQwOTozNzowMVoiIFNlc3Npb25JbmRleD0iXzYyNzNkNzdiOGNkZTBjMzMzZWM3OWQyMmE5ZmEwMDAzYjlmZTJkNzVjYiI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNtYXJ0aW5AeWFjby5lczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJjbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+U2l4dG8zPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9InNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5NYXJ0aW4yPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVkdVBlcnNvbkFmZmlsaWF0aW9uIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDlhMWFkNWU0LWMyZTQtMzYxZS04Y2ZlLWVjZWUwNTQwOGUwOCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDlhMWFkNWU0LWMyZTQtMzYxZS04Y2ZlLWVjZWUwNTQwOGUwOCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+M2ZsdVpsMWdxY01WSWVsamtqYllWS2k2MDFrPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT54cmhEYS95Z25kSzRFY1VVSCtTVXdUT0xlU3ZWbE1OSUI2MXY3bm1zcVJld1NmSkxHWVU3UVdidFFvVWUzSGdlS1BqK1FlUktKbHZ1ZG1qSWY5TFp5VlBvazYvTEpsT01HemEzbHZPUGVBSzJ1bmtFbW8wY1VCVHZNUGJ1V3gxdUIzOVJhazFLSE5WYzB5Z1FOU1h2dFZ6ZU4vQVNOZFNmeTd0Si9jZEM0OWc9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDgxYWNhMTc4LTUxYjEtMGRlMS00MDM1LTg5NmI5ZDNhYzFmZSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZng4MWFjYTE3OC01MWIxLTBkZTEtNDAzNS04OTZiOWQzYWMxZmUiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkpqRllNVmkwNTMrSWR6czBnU0NXelg1R0w0MD08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+MVVxOUVNMTRUak5yQWxGaUhQTzdoRU5BZjNIejV4UUNra255TjZGMjdacHBmUnE5VzAzbDVKRnIrdk56WC9KZnBjdUxnNzdXZHhoVXdaeGtESzk0djlMbE1yK1lBSmtUeUhxUFAzYXZNWG5BcW0vaG9CeG11Skw4aXpTS2xITWU1NFA1Y1R3QVlrZ1Y0dW1XNGxpaHE1bUI1bU1DTWI2b0theU1pT0Niekw0PTwvZHM6U2lnbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDZ1RDQ0Flb0NDUUNiT2xyV0RkWDdGVEFOQmdrcWhraUc5dzBCQVFVRkFEQ0JoREVMTUFrR0ExVUVCaE1DVGs4eEdEQVdCZ05WQkFnVEQwRnVaSEpsWVhNZ1UyOXNZbVZ5WnpFTU1Bb0dBMVVFQnhNRFJtOXZNUkF3RGdZRFZRUUtFd2RWVGtsT1JWUlVNUmd3RmdZRFZRUURFdzltWldsa1pTNWxjbXhoYm1jdWJtOHhJVEFmQmdrcWhraUc5dzBCQ1FFV0VtRnVaSEpsWVhOQWRXNXBibVYwZEM1dWJ6QWVGdzB3TnpBMk1UVXhNakF4TXpWYUZ3MHdOekE0TVRReE1qQXhNelZhTUlHRU1Rc3dDUVlEVlFRR0V3Sk9UekVZTUJZR0ExVUVDQk1QUVc1a2NtVmhjeUJUYjJ4aVpYSm5NUXd3Q2dZRFZRUUhFd05HYjI4eEVEQU9CZ05WQkFvVEIxVk9TVTVGVkZReEdEQVdCZ05WQkFNVEQyWmxhV1JsTG1WeWJHRnVaeTV1YnpFaE1COEdDU3FHU0liM0RRRUpBUllTWVc1a2NtVmhjMEIxYm1sdVpYUjBMbTV2TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FEaXZiaFI3UDUxNngvUzNCcUt4dXBRZTBMT05vbGl1cGlCT2VzQ08zU0hiRHJsMytxOUliZm5mbUUwNHJOdU1jUHNJeEIxNjFUZERwSWVzTENuN2M4YVBISVNLT3RQbEFlVFpTbmI4UUF1N2FSalpxMytQYnJQNXVXM1RjZkNHUHRLVHl0SE9nZS9PbEpibzA3OGRWaFhRMTRkMUVEd1hKVzFyUlh1VXQ0QzhRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUNEVmZwODZIT2JxWStlOEJVb1dROStWTVF4MUFTRG9oQmp3T3NnMld5a1VxUlhGK2RMZmNVSDlkV1I2M0N0WklLRkRiU3ROb21QblF6N25iSytvbnlnd0JzcFZFYm5IdVVpaFpxM1pVZG11bVFxQ3c0VXZzLzFVdnEzb3JPby9XSlZoVHl2TGdGVksyUWFyUTQvNjdPWmZIZDdSK1BPQlhob3BoU012MVpPbzwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIi8+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjk5My0wOC0yM1QwNjo1NzowMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMi0xOVQwMTozNjozMVoiIE5vdE9uT3JBZnRlcj0iMjk5My0wOC0yM1QwNjo1NzowMVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjk5My0wMi0xOVQwOTozNzowMVoiIFNlc3Npb25JbmRleD0iXzYyNzNkNzdiOGNkZTBjMzMzZWM3OWQyMmE5ZmEwMDAzYjlmZTJkNzVjYiI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNtYXJ0aW5AeWFjby5lczwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJjbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+U2l4dG8zPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9InNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5NYXJ0aW4yPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVkdVBlcnNvbkFmZmlsaWF0aW9uIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
diff --git a/tests/data/responses/invalids/encrypted_attrs.xml.base64 b/tests/data/responses/invalids/encrypted_attrs.xml.base64
index f452075c..a170970a 100644
--- a/tests/data/responses/invalids/encrypted_attrs.xml.base64
+++ b/tests/data/responses/invalids/encrypted_attrs.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaGh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KIDxzYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZSB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj4NCiAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWREYXRhIHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjRWxlbWVudCIgSWQ9Il9GMzk2MjVBRjY4QjRGQzA3OENDNzU4MkQyOEQwNUQ5QyI+DQogICAgICAgICAgICA8eGVuYzpFbmNyeXB0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjYWVzMjU2LWNiYyIvPg0KICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICAgICAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICAgICAgPHhlbmM6RW5jcnlwdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3JzYS1vYWVwLW1nZjFwIi8+DQogICAgICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogICAgICAgICAgICAgICAgICA8ZHM6S2V5TmFtZT42MjM1NWZiZDFmNjI0NTAzYzVjOTY3NzQwMmVjY2EwMGVmMWY2Mjc3PC9kczpLZXlOYW1lPg0KICAgICAgICAgICAgICAgIDwvZHM6S2V5SW5mbz4NCiAgICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICAgICAgPHhlbmM6Q2lwaGVyVmFsdWU+SzBtQkx4Zkx6aUtWVUtFQU9ZZTdENnVWU0NQeTh2eVdWaDNSZWNuUEVTKzhRa0FoT3VSU3VFL0xRcEZyMGh1SS9pQ0V5OXBkZTFRZ2pZREx0akhjdWpLaTJ4R3FXNmprWFcvRXVLb21xV1BQQTJ4WXMxZnBCMXN1NGFYVU9RQjZPSjcwL29EY09zeTgzNGdoRmFCV2lsRThmcXlEQlVCdlcrMkl2YU1VWmFid04vczltVmtXek0zcjMwdGxraExLN2lPcmJHQWxkSUh3RlU1ejdQUFI2Uk8zWTNmSXhqSFU0ME9uTHNKYzN4SXFkTEgzZlhwQzBrZ2k1VXNwTGRxMTRlNU9vWGpMb1BHM0JPM3p3T0FJSjhYTkJXWTV1UW9mNktyS2JjdnRaU1kwZk12UFloWWZOanRSRnk4eTQ5b3ZMOWZ3akNSVERsVDUrYUhxc0NUQnJ3PT08L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICAgICAgPC94ZW5jOkNpcGhlckRhdGE+DQogICAgICAgICAgICAgIDwveGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICA8L2RzOktleUluZm8+DQogICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJWYWx1ZT5aekN1NmF4R2dBWVpIVmY3N05YOGFwWktCL0dKRGV1VjZiRkJ5QlMwQUlnaVhrdkRVQW1MQ3BhYlRBV0JNK3l6MTlvbEE2cnJ5dU9mcjgyZXYyYnpQTlVSdm00U1l4YWh2dUw0UGlibjV3Smt5MEJsNTRWcW1jVStBcWowZEF2T2dxRzF5M1g0d085bjliUnNUdjY5MjFtMGVxUkFGcGg4a0s4TDloaXJLMUJ4WUJZajJSeUZDb0ZEUHhWWjV3eXJhM3E0cW1FNC9FTFFwRlA2bWZVOExYYjB1b1dKVWpHVWVsUzJBYTdiWmlzOHpFcHdvdjRDd3RsTmpsdFFpaDRtdjd0dENBZllxY1FJRnpCVEIrREFhMCtYZ2d4Q0xjZEIzK21RaVJjRUNCZndISEo3Z1JtbnVCRWdlV1QzQ0dLYTNOYjdHTVhPZnV4RktGNXBJZWhXZ28za2ROUUxhbG9yOFJWVzZJOFAvSThmUTMzRmUrTnNIVm5KM3p3U0EvL2E8L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICA8L3hlbmM6Q2lwaGVyRGF0YT4NCiAgICAgICAgICA8L3hlbmM6RW5jcnlwdGVkRGF0YT4NCiAgICAgICAgPC9zYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaGh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KIDxzYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZSB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj4NCiAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWREYXRhIHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjRWxlbWVudCIgSWQ9Il9GMzk2MjVBRjY4QjRGQzA3OENDNzU4MkQyOEQwNUQ5QyI+DQogICAgICAgICAgICA8eGVuYzpFbmNyeXB0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjYWVzMjU2LWNiYyIvPg0KICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICAgICAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICAgICAgPHhlbmM6RW5jcnlwdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3JzYS1vYWVwLW1nZjFwIi8+DQogICAgICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogICAgICAgICAgICAgICAgICA8ZHM6S2V5TmFtZT42MjM1NWZiZDFmNjI0NTAzYzVjOTY3NzQwMmVjY2EwMGVmMWY2Mjc3PC9kczpLZXlOYW1lPg0KICAgICAgICAgICAgICAgIDwvZHM6S2V5SW5mbz4NCiAgICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICAgICAgPHhlbmM6Q2lwaGVyVmFsdWU+SzBtQkx4Zkx6aUtWVUtFQU9ZZTdENnVWU0NQeTh2eVdWaDNSZWNuUEVTKzhRa0FoT3VSU3VFL0xRcEZyMGh1SS9pQ0V5OXBkZTFRZ2pZREx0akhjdWpLaTJ4R3FXNmprWFcvRXVLb21xV1BQQTJ4WXMxZnBCMXN1NGFYVU9RQjZPSjcwL29EY09zeTgzNGdoRmFCV2lsRThmcXlEQlVCdlcrMkl2YU1VWmFid04vczltVmtXek0zcjMwdGxraExLN2lPcmJHQWxkSUh3RlU1ejdQUFI2Uk8zWTNmSXhqSFU0ME9uTHNKYzN4SXFkTEgzZlhwQzBrZ2k1VXNwTGRxMTRlNU9vWGpMb1BHM0JPM3p3T0FJSjhYTkJXWTV1UW9mNktyS2JjdnRaU1kwZk12UFloWWZOanRSRnk4eTQ5b3ZMOWZ3akNSVERsVDUrYUhxc0NUQnJ3PT08L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICAgICAgPC94ZW5jOkNpcGhlckRhdGE+DQogICAgICAgICAgICAgIDwveGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICA8L2RzOktleUluZm8+DQogICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJWYWx1ZT5aekN1NmF4R2dBWVpIVmY3N05YOGFwWktCL0dKRGV1VjZiRkJ5QlMwQUlnaVhrdkRVQW1MQ3BhYlRBV0JNK3l6MTlvbEE2cnJ5dU9mcjgyZXYyYnpQTlVSdm00U1l4YWh2dUw0UGlibjV3Smt5MEJsNTRWcW1jVStBcWowZEF2T2dxRzF5M1g0d085bjliUnNUdjY5MjFtMGVxUkFGcGg4a0s4TDloaXJLMUJ4WUJZajJSeUZDb0ZEUHhWWjV3eXJhM3E0cW1FNC9FTFFwRlA2bWZVOExYYjB1b1dKVWpHVWVsUzJBYTdiWmlzOHpFcHdvdjRDd3RsTmpsdFFpaDRtdjd0dENBZllxY1FJRnpCVEIrREFhMCtYZ2d4Q0xjZEIzK21RaVJjRUNCZndISEo3Z1JtbnVCRWdlV1QzQ0dLYTNOYjdHTVhPZnV4RktGNXBJZWhXZ28za2ROUUxhbG9yOFJWVzZJOFAvSThmUTMzRmUrTnNIVm5KM3p3U0EvL2E8L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICA8L3hlbmM6Q2lwaGVyRGF0YT4NCiAgICAgICAgICA8L3hlbmM6RW5jcnlwdGVkRGF0YT4NCiAgICAgICAgPC9zYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
\ No newline at end of file
diff --git a/tests/data/responses/invalids/invalid_audience.xml.base64 b/tests/data/responses/invalids/invalid_audience.xml.base64
index a2575836..80f30e51 100644
--- a/tests/data/responses/invalids/invalid_audience.xml.base64
+++ b/tests/data/responses/invalids/invalid_audience.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9pbnZhbGlkLmF1ZGllbmNlLmNvbTwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjk5My0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjI5OTMtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9pbnZhbGlkLmF1ZGllbmNlLmNvbTwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTMtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
diff --git a/tests/data/responses/invalids/invalid_issuer_assertion.xml.base64 b/tests/data/responses/invalids/invalid_issuer_assertion.xml.base64
index 07748ece..426ea5c2 100644
--- a/tests/data/responses/invalids/invalid_issuer_assertion.xml.base64
+++ b/tests/data/responses/invalids/invalid_issuer_assertion.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2ludmFsaWQuaXNzdWVyLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+ICAgIA0KICAgIDxzYW1sOlN1YmplY3Q+DQogICAgICA8c2FtbDpOYW1lSUQgU1BOYW1lUXVhbGlmaWVyPSJoZWxsby5jb20iIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOk5hbWVJRD4NCiAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIwLTA2LTE3VDE0OjU5OjE0WiIgUmVjaXBpZW50PSJodHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9lbmRwb2ludHMvYWNzLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICAgICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPg0KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2ludmFsaWQuaXNzdWVyLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+ICAgIA0KICAgIDxzYW1sOlN1YmplY3Q+DQogICAgICA8c2FtbDpOYW1lSUQgU1BOYW1lUXVhbGlmaWVyPSJoZWxsby5jb20iIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOk5hbWVJRD4NCiAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIwLTA2LTE3VDE0OjU5OjE0WiIgUmVjaXBpZW50PSJodHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9lbmRwb2ludHMvYWNzLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICAgICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPg0KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
\ No newline at end of file
diff --git a/tests/data/responses/invalids/invalid_issuer_message.xml.base64 b/tests/data/responses/invalids/invalid_issuer_message.xml.base64
index f1f49fe5..0c06a25e 100644
--- a/tests/data/responses/invalids/invalid_issuer_message.xml.base64
+++ b/tests/data/responses/invalids/invalid_issuer_message.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaW52YWxpZC5pc3Nlci5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPg0KICA8c2FtbHA6U3RhdHVzPg0KICAgIDxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz4NCiAgPC9zYW1scDpTdGF0dXM+DQogIDxzYW1sOkFzc2VydGlvbiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIElEPSJwZng3ODQxOTkxYy1jNzNmLTQwMzUtZTJlZS1jMTcwYzBlMWQzZTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjE0WiI+DQogICAgPHNhbWw6SXNzdWVyPmh0dHA6Ly9pZHAuZXhhbXBsZS5jb20vPC9zYW1sOklzc3Vlcj4gICAgDQogICAgPHNhbWw6U3ViamVjdD4NCiAgICAgIDxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9ImhlbGxvLmNvbSIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6TmFtZUlEPg0KICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPg0KICAgICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjIwMjAtMDYtMTdUMTQ6NTk6MTRaIiBSZWNpcGllbnQ9Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiLz4NCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg0KICA=
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaW52YWxpZC5pc3Nlci5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPg0KICA8c2FtbHA6U3RhdHVzPg0KICAgIDxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz4NCiAgPC9zYW1scDpTdGF0dXM+DQogIDxzYW1sOkFzc2VydGlvbiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIElEPSJwZng3ODQxOTkxYy1jNzNmLTQwMzUtZTJlZS1jMTcwYzBlMWQzZTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjE0WiI+DQogICAgPHNhbWw6SXNzdWVyPmh0dHA6Ly9pZHAuZXhhbXBsZS5jb20vPC9zYW1sOklzc3Vlcj4gICAgDQogICAgPHNhbWw6U3ViamVjdD4NCiAgICAgIDxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9ImhlbGxvLmNvbSIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6TmFtZUlEPg0KICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPg0KICAgICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjIwMjAtMDYtMTdUMTQ6NTk6MTRaIiBSZWNpcGllbnQ9Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiLz4NCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg0KICA=
\ No newline at end of file
diff --git a/tests/data/responses/invalids/invalid_sessionindex.xml.base64 b/tests/data/responses/invalids/invalid_sessionindex.xml.base64
index cc5a581c..f2e4c4c6 100644
--- a/tests/data/responses/invalids/invalid_sessionindex.xml.base64
+++ b/tests/data/responses/invalids/invalid_sessionindex.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTMtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwOTktMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTMtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
diff --git a/tests/data/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64 b/tests/data/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64
index 2ce545f8..b6a4e2eb 100644
--- a/tests/data/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64
+++ b/tests/data/responses/invalids/invalid_subjectconfirmation_inresponse.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iaW52YWxpZF9pbnJlc3BvbnNlIi8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICAgICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPg0KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iaW52YWxpZF9pbnJlc3BvbnNlIi8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICAgICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPg0KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
\ No newline at end of file
diff --git a/tests/data/responses/invalids/invalid_subjectconfirmation_nb.xml.base64 b/tests/data/responses/invalids/invalid_subjectconfirmation_nb.xml.base64
index ff6d371c..5d1f8bc1 100644
--- a/tests/data/responses/invalids/invalid_subjectconfirmation_nb.xml.base64
+++ b/tests/data/responses/invalids/invalid_subjectconfirmation_nb.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdEJlZm9yZT0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdEJlZm9yZT0iMjk5OS0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjI5OTktMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTktMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
diff --git a/tests/data/responses/invalids/invalid_subjectconfirmation_noa.xml.base64 b/tests/data/responses/invalids/invalid_subjectconfirmation_noa.xml.base64
index 6d4b70aa..4f922132 100644
--- a/tests/data/responses/invalids/invalid_subjectconfirmation_noa.xml.base64
+++ b/tests/data/responses/invalids/invalid_subjectconfirmation_noa.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwOTktMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwOTktMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
diff --git a/tests/data/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64 b/tests/data/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64
index 1bf1d25a..30c55eb2 100644
--- a/tests/data/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64
+++ b/tests/data/responses/invalids/invalid_subjectconfirmation_recipient.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL2ludmFsaWQucmVjaXBlbnQuZXhhbXBsZS5jb20iIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL2ludmFsaWQucmVjaXBlbnQuZXhhbXBsZS5jb20iIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwOTktMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwOTktMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
diff --git a/tests/data/responses/invalids/no_authnstatement.xml.base64 b/tests/data/responses/invalids/no_authnstatement.xml.base64
index d116b7b5..64239d42 100644
--- a/tests/data/responses/invalids/no_authnstatement.xml.base64
+++ b/tests/data/responses/invalids/no_authnstatement.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGRmNWRiN2JiLTYwZDgtMWZhNi00OTBhLWFjMWMyZThjYWFhMiIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeGRmNWRiN2JiLTYwZDgtMWZhNi00OTBhLWFjMWMyZThjYWFhMiI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+bGJTZmtFR0JsNmZEN0JBc1prU25wYmQyNGJFPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT56Y3YwSitsZ0V4R2tjSVVKYVp5ajdvZkFrY1VZc3dvckpiei9xdEo0WDBmSEtMYXB1eE0xYmlEbnJMTm5wUXhNSkJ3K092WG9sdWdHdVZBeEVyYmE5NTV2QlFtQTRCZXRZS0tKR09XcTkyMWpxKzVhdThtOWQzM2M1UTR6cDYzZld4UnRKV3AyVU05UnZ0aWd6enk2WWg0SE5yNVNkdUhzd1FJeFM2ZEQ2Lzg9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeGI0ZWM5YzhhLTQ4ZWItZmRhMi03Zjc0LWZhMWExMDVhOTlmZSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHAiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj40OTI4ODI2MTVhY2YzMWM4MDk2YjYyNzI0NWQ3NmFlNTMwMzZjMDkwPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIzLTA4LTIzVDA2OjU3OjAxWiIgUmVjaXBpZW50PSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNWZlOWQ2ZTQ5OWIyZjA5MTMyMDZhYWIzZjcxOTE3MjkwNDliYjgwNyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE0LTAyLTE5VDAxOjM2OjMxWiIgTm90T25PckFmdGVyPSIyMDIzLTA4LTIzVDA2OjU3OjAxWiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c21hcnRpbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluQHlhY28uZXM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPlNpeHRvMzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+TWFydGluMjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5hZG1pbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDI2MjgzZmMzLWQ4MDQtMTNlYS04OGUxLWM2ZTlhNjUzY2I5NiIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDI2MjgzZmMzLWQ4MDQtMTNlYS04OGUxLWM2ZTlhNjUzY2I5NiI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+VmExNWZUdkNXeDMwOWNzQkEvN3lZYjMrOVlVPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5kRkx0SGYvcnpQMUZFQlNJM3NFTEwrTEVLYmt3cENpZW1FT2M2SVFiNi9wV1pIYmJ5VXdNSHYwTVFkZW1yNFZYK3E2QzFSMVp2bnp5MTdCWHcrL1Z4ckdMWVdydVpqa2RCQVI3aHBTMzRab2QyQ0hGMkZ4QktwR3RIL2RadncxRmE1Q1Z4eitnczJYcm96aGNlblVkNU5YOVNtZ0RnQ001TFZXaFpHc09NSTQ9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeGI0ZWM5YzhhLTQ4ZWItZmRhMi03Zjc0LWZhMWExMDVhOTlmZSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHAiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj40OTI4ODI2MTVhY2YzMWM4MDk2YjYyNzI0NWQ3NmFlNTMwMzZjMDkwPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyOTkzLTA4LTIzVDA2OjU3OjAxWiIgUmVjaXBpZW50PSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNWZlOWQ2ZTQ5OWIyZjA5MTMyMDZhYWIzZjcxOTE3MjkwNDliYjgwNyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE0LTAyLTE5VDAxOjM2OjMxWiIgTm90T25PckFmdGVyPSIyOTkzLTA4LTIzVDA2OjU3OjAxWiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c21hcnRpbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluQHlhY28uZXM8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPlNpeHRvMzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+TWFydGluMjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5hZG1pbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg==
diff --git a/tests/data/responses/invalids/no_nameid.xml.base64 b/tests/data/responses/invalids/no_nameid.xml.base64
index 3c2b6d9b..db8879b2 100644
--- a/tests/data/responses/invalids/no_nameid.xml.base64
+++ b/tests/data/responses/invalids/no_nameid.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPg0KICAgICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjIwMjAtMDYtMTdUMTQ6NTk6MTRaIiBSZWNpcGllbnQ9Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiLz4NCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPg0KICAgICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjIwMjAtMDYtMTdUMTQ6NTk6MTRaIiBSZWNpcGllbnQ9Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiLz4NCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
diff --git a/tests/data/responses/invalids/no_saml2.xml.base64 b/tests/data/responses/invalids/no_saml2.xml.base64
index 3e86c702..383d0d40 100644
--- a/tests/data/responses/invalids/no_saml2.xml.base64
+++ b/tests/data/responses/invalids/no_saml2.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8UmVzcG9uc2UgeG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOmFzc2VydGlvbiINCiAgICB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOnByb3RvY29sIiB4bWxuczp4c2Q9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIg0KICAgIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIElzc3VlSW5zdGFudD0iMjAwOC0xMi0xMFQxNDoxMjoxNC44MTdaIg0KICAgIE1ham9yVmVyc2lvbj0iMSIgTWlub3JWZXJzaW9uPSIxIiBSZWNpcGllbnQ9Imh0dHBzOi8vZWlnZXIuaWFkLnZ0LmVkdS9kYXQvaG9tZS5kbyINCiAgICBSZXNwb25zZUlEPSJfNWM5NGI1NDMxYzU0MDM2NWU1YTcwYjI4NzRiNzU5OTYiPg0KICAgICAgPFN0YXR1cz4NCiAgICAgICAgPFN0YXR1c0NvZGUgVmFsdWU9InNhbWxwOlN1Y2Nlc3MiPg0KICAgICAgICA8L1N0YXR1c0NvZGU+DQogICAgICA8L1N0YXR1cz4NCiAgICAgIDxBc3NlcnRpb24geG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDphc3NlcnRpb24iIEFzc2VydGlvbklEPSJfZTVjMjNmZjdhMzg4OWUxMmZhMDE4MDJhNDczMzE2NTMiDQogICAgICBJc3N1ZUluc3RhbnQ9IjIwMDgtMTItMTBUMTQ6MTI6MTQuODE3WiIgSXNzdWVyPSJsb2NhbGhvc3QiIE1ham9yVmVyc2lvbj0iMSINCiAgICAgIE1pbm9yVmVyc2lvbj0iMSI+DQogICAgICAgIDxDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAwOC0xMi0xMFQxNDoxMjoxNC44MTdaIiBOb3RPbk9yQWZ0ZXI9IjIwMDgtMTItMTBUMTQ6MTI6NDQuODE3WiI+DQogICAgICAgICAgPEF1ZGllbmNlUmVzdHJpY3Rpb25Db25kaXRpb24+DQogICAgICAgICAgICA8QXVkaWVuY2U+DQogICAgICAgICAgICAgIGh0dHBzOi8vc29tZS1zZXJ2aWNlLmV4YW1wbGUuY29tL2FwcC8NCiAgICAgICAgICAgIDwvQXVkaWVuY2U+DQogICAgICAgICAgPC9BdWRpZW5jZVJlc3RyaWN0aW9uQ29uZGl0aW9uPg0KICAgICAgICA8L0NvbmRpdGlvbnM+DQogICAgICAgIDxBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICAgICAgPFN1YmplY3Q+DQogICAgICAgICAgICA8TmFtZUlkZW50aWZpZXI+am9obnE8L05hbWVJZGVudGlmaWVyPg0KICAgICAgICAgICAgPFN1YmplY3RDb25maXJtYXRpb24+DQogICAgICAgICAgICAgIDxDb25maXJtYXRpb25NZXRob2Q+DQogICAgICAgICAgICAgICAgdXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOmNtOmFydGlmYWN0DQogICAgICAgICAgICAgIDwvQ29uZmlybWF0aW9uTWV0aG9kPg0KICAgICAgICAgICAgPC9TdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgICAgICAgIDwvU3ViamVjdD4NCiAgICAgICAgICA8QXR0cmlidXRlIEF0dHJpYnV0ZU5hbWU9InVpZCIgQXR0cmlidXRlTmFtZXNwYWNlPSJodHRwOi8vd3d3LmphLXNpZy5vcmcvcHJvZHVjdHMvY2FzLyI+DQogICAgICAgICAgICA8QXR0cmlidXRlVmFsdWU+MTIzNDU8L0F0dHJpYnV0ZVZhbHVlPg0KICAgICAgICAgIDwvQXR0cmlidXRlPg0KICAgICAgICAgIDxBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iZ3JvdXBNZW1iZXJzaGlwIiBBdHRyaWJ1dGVOYW1lc3BhY2U9Imh0dHA6Ly93d3cuamEtc2lnLm9yZy9wcm9kdWN0cy9jYXMvIj4NCiAgICAgICAgICAgIDxBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgICAgICAgICAgdXVnaWQ9bWlkZGxld2FyZS5zdGFmZixvdT1Hcm91cHMsZGM9dnQsZGM9ZWR1DQogICAgICAgICAgICA8L0F0dHJpYnV0ZVZhbHVlPg0KICAgICAgICAgIDwvQXR0cmlidXRlPg0KICAgICAgICAgIDxBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iZWR1UGVyc29uQWZmaWxpYXRpb24iIEF0dHJpYnV0ZU5hbWVzcGFjZT0iaHR0cDovL3d3dy5qYS1zaWcub3JnL3Byb2R1Y3RzL2Nhcy8iPg0KICAgICAgICAgICAgPEF0dHJpYnV0ZVZhbHVlPnN0YWZmPC9BdHRyaWJ1dGVWYWx1ZT4NCiAgICAgICAgICA8L0F0dHJpYnV0ZT4NCiAgICAgICAgICA8QXR0cmlidXRlIEF0dHJpYnV0ZU5hbWU9ImFjY291bnRTdGF0ZSIgQXR0cmlidXRlTmFtZXNwYWNlPSJodHRwOi8vd3d3LmphLXNpZy5vcmcvcHJvZHVjdHMvY2FzLyI+DQogICAgICAgICAgICA8QXR0cmlidXRlVmFsdWU+QUNUSVZFPC9BdHRyaWJ1dGVWYWx1ZT4NCiAgICAgICAgICA8L0F0dHJpYnV0ZT4NCiAgICAgICAgPC9BdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICAgIDxBdXRoZW50aWNhdGlvblN0YXRlbWVudCBBdXRoZW50aWNhdGlvbkluc3RhbnQ9IjIwMDgtMTItMTBUMTQ6MTI6MTQuNzQxWiINCiAgICAgICAgQXV0aGVudGljYXRpb25NZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDphbTpwYXNzd29yZCI+DQogICAgICAgICAgPFN1YmplY3Q+DQogICAgICAgICAgICA8TmFtZUlkZW50aWZpZXI+am9obnE8L05hbWVJZGVudGlmaWVyPg0KICAgICAgICAgICAgPFN1YmplY3RDb25maXJtYXRpb24+DQogICAgICAgICAgICAgIDxDb25maXJtYXRpb25NZXRob2Q+DQogICAgICAgICAgICAgICAgdXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOmNtOmFydGlmYWN0DQogICAgICAgICAgICAgIDwvQ29uZmlybWF0aW9uTWV0aG9kPg0KICAgICAgICAgICAgPC9TdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgICAgICAgIDwvU3ViamVjdD4NCiAgICAgICAgPC9BdXRoZW50aWNhdGlvblN0YXRlbWVudD4NCiAgICAgIDwvQXNzZXJ0aW9uPg0KICAgIDwvUmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8UmVzcG9uc2UgeG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOmFzc2VydGlvbiINCiAgICB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOnByb3RvY29sIiB4bWxuczp4c2Q9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIg0KICAgIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIElzc3VlSW5zdGFudD0iMjAwOC0xMi0xMFQxNDoxMjoxNC44MTdaIg0KICAgIE1ham9yVmVyc2lvbj0iMSIgTWlub3JWZXJzaW9uPSIxIiBSZWNpcGllbnQ9Imh0dHBzOi8vZWlnZXIuaWFkLnZ0LmVkdS9kYXQvaG9tZS5kbyINCiAgICBSZXNwb25zZUlEPSJfNWM5NGI1NDMxYzU0MDM2NWU1YTcwYjI4NzRiNzU5OTYiPg0KICAgICAgPFN0YXR1cz4NCiAgICAgICAgPFN0YXR1c0NvZGUgVmFsdWU9InNhbWxwOlN1Y2Nlc3MiPg0KICAgICAgICA8L1N0YXR1c0NvZGU+DQogICAgICA8L1N0YXR1cz4NCiAgICAgIDxBc3NlcnRpb24geG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDphc3NlcnRpb24iIEFzc2VydGlvbklEPSJfZTVjMjNmZjdhMzg4OWUxMmZhMDE4MDJhNDczMzE2NTMiDQogICAgICBJc3N1ZUluc3RhbnQ9IjIwMDgtMTItMTBUMTQ6MTI6MTQuODE3WiIgSXNzdWVyPSJsb2NhbGhvc3QiIE1ham9yVmVyc2lvbj0iMSINCiAgICAgIE1pbm9yVmVyc2lvbj0iMSI+DQogICAgICAgIDxDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAwOC0xMi0xMFQxNDoxMjoxNC44MTdaIiBOb3RPbk9yQWZ0ZXI9IjI5OTMtMTItMTBUMTQ6MTI6NDQuODE3WiI+DQogICAgICAgICAgPEF1ZGllbmNlUmVzdHJpY3Rpb25Db25kaXRpb24+DQogICAgICAgICAgICA8QXVkaWVuY2U+DQogICAgICAgICAgICAgIGh0dHBzOi8vc29tZS1zZXJ2aWNlLmV4YW1wbGUuY29tL2FwcC8NCiAgICAgICAgICAgIDwvQXVkaWVuY2U+DQogICAgICAgICAgPC9BdWRpZW5jZVJlc3RyaWN0aW9uQ29uZGl0aW9uPg0KICAgICAgICA8L0NvbmRpdGlvbnM+DQogICAgICAgIDxBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICAgICAgPFN1YmplY3Q+DQogICAgICAgICAgICA8TmFtZUlkZW50aWZpZXI+am9obnE8L05hbWVJZGVudGlmaWVyPg0KICAgICAgICAgICAgPFN1YmplY3RDb25maXJtYXRpb24+DQogICAgICAgICAgICAgIDxDb25maXJtYXRpb25NZXRob2Q+DQogICAgICAgICAgICAgICAgdXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOmNtOmFydGlmYWN0DQogICAgICAgICAgICAgIDwvQ29uZmlybWF0aW9uTWV0aG9kPg0KICAgICAgICAgICAgPC9TdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgICAgICAgIDwvU3ViamVjdD4NCiAgICAgICAgICA8QXR0cmlidXRlIEF0dHJpYnV0ZU5hbWU9InVpZCIgQXR0cmlidXRlTmFtZXNwYWNlPSJodHRwOi8vd3d3LmphLXNpZy5vcmcvcHJvZHVjdHMvY2FzLyI+DQogICAgICAgICAgICA8QXR0cmlidXRlVmFsdWU+MTIzNDU8L0F0dHJpYnV0ZVZhbHVlPg0KICAgICAgICAgIDwvQXR0cmlidXRlPg0KICAgICAgICAgIDxBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iZ3JvdXBNZW1iZXJzaGlwIiBBdHRyaWJ1dGVOYW1lc3BhY2U9Imh0dHA6Ly93d3cuamEtc2lnLm9yZy9wcm9kdWN0cy9jYXMvIj4NCiAgICAgICAgICAgIDxBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgICAgICAgICAgdXVnaWQ9bWlkZGxld2FyZS5zdGFmZixvdT1Hcm91cHMsZGM9dnQsZGM9ZWR1DQogICAgICAgICAgICA8L0F0dHJpYnV0ZVZhbHVlPg0KICAgICAgICAgIDwvQXR0cmlidXRlPg0KICAgICAgICAgIDxBdHRyaWJ1dGUgQXR0cmlidXRlTmFtZT0iZWR1UGVyc29uQWZmaWxpYXRpb24iIEF0dHJpYnV0ZU5hbWVzcGFjZT0iaHR0cDovL3d3dy5qYS1zaWcub3JnL3Byb2R1Y3RzL2Nhcy8iPg0KICAgICAgICAgICAgPEF0dHJpYnV0ZVZhbHVlPnN0YWZmPC9BdHRyaWJ1dGVWYWx1ZT4NCiAgICAgICAgICA8L0F0dHJpYnV0ZT4NCiAgICAgICAgICA8QXR0cmlidXRlIEF0dHJpYnV0ZU5hbWU9ImFjY291bnRTdGF0ZSIgQXR0cmlidXRlTmFtZXNwYWNlPSJodHRwOi8vd3d3LmphLXNpZy5vcmcvcHJvZHVjdHMvY2FzLyI+DQogICAgICAgICAgICA8QXR0cmlidXRlVmFsdWU+QUNUSVZFPC9BdHRyaWJ1dGVWYWx1ZT4NCiAgICAgICAgICA8L0F0dHJpYnV0ZT4NCiAgICAgICAgPC9BdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICAgIDxBdXRoZW50aWNhdGlvblN0YXRlbWVudCBBdXRoZW50aWNhdGlvbkluc3RhbnQ9IjIwMDgtMTItMTBUMTQ6MTI6MTQuNzQxWiINCiAgICAgICAgQXV0aGVudGljYXRpb25NZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMDphbTpwYXNzd29yZCI+DQogICAgICAgICAgPFN1YmplY3Q+DQogICAgICAgICAgICA8TmFtZUlkZW50aWZpZXI+am9obnE8L05hbWVJZGVudGlmaWVyPg0KICAgICAgICAgICAgPFN1YmplY3RDb25maXJtYXRpb24+DQogICAgICAgICAgICAgIDxDb25maXJtYXRpb25NZXRob2Q+DQogICAgICAgICAgICAgICAgdXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4wOmNtOmFydGlmYWN0DQogICAgICAgICAgICAgIDwvQ29uZmlybWF0aW9uTWV0aG9kPg0KICAgICAgICAgICAgPC9TdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgICAgICAgIDwvU3ViamVjdD4NCiAgICAgICAgPC9BdXRoZW50aWNhdGlvblN0YXRlbWVudD4NCiAgICAgIDwvQXNzZXJ0aW9uPg0KICAgIDwvUmVzcG9uc2U+
diff --git a/tests/data/responses/invalids/no_signature.xml.base64 b/tests/data/responses/invalids/no_signature.xml.base64
index bed73c5c..76dfc435 100644
--- a/tests/data/responses/invalids/no_signature.xml.base64
+++ b/tests/data/responses/invalids/no_signature.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJwZngwNWYzY2UxMC0xNjE1LWYzZWEtYTk4OC02MGUzODBiMzI5OWYiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiIgRGVzdGluYXRpb249Imh0dHBzOi8vZXhhbXBsZS5jb20vbmV3b25lbG9naW4vZGVtbzEvaW5kZXgucGhwP2FjcyIgSW5SZXNwb25zZVRvPSJPTkVMT0dJTl81ZmU5ZDZlNDk5YjJmMDkxMzIwNmFhYjNmNzE5MTcyOTA0OWJiODA3Ij48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9leGFtcGxlLmNvbS9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIElEPSJwZnhiNGVjOWM4YS00OGViLWZkYTItN2Y3NC1mYTFhMTA1YTk5ZmUiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vZXhhbXBsZS5jb20vc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vZXhhbXBsZS5jb20vbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+NDkyODgyNjE1YWNmMzFjODA5NmI2MjcyNDVkNzZhZTUzMDM2YzA5MDwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMy0wOC0yM1QwNjo1NzowMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9leGFtcGxlLmNvbS9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMi0xOVQwMTozNjozMVoiIE5vdE9uT3JBZnRlcj0iMjAyMy0wOC0yM1QwNjo1NzowMVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9leGFtcGxlLmNvbS9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAxNC0wMi0xOVQwOTozNzowMVoiIFNlc3Npb25JbmRleD0iXzYyNzNkNzdiOGNkZTBjMzMzZWM3OWQyMmE5ZmEwMDAzYjlmZTJkNzVjYiI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
+PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJwZngwNWYzY2UxMC0xNjE1LWYzZWEtYTk4OC02MGUzODBiMzI5OWYiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiIgRGVzdGluYXRpb249Imh0dHBzOi8vZXhhbXBsZS5jb20vbmV3b25lbG9naW4vZGVtbzEvaW5kZXgucGhwP2FjcyIgSW5SZXNwb25zZVRvPSJPTkVMT0dJTl81ZmU5ZDZlNDk5YjJmMDkxMzIwNmFhYjNmNzE5MTcyOTA0OWJiODA3Ij48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9leGFtcGxlLmNvbS9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIElEPSJwZnhiNGVjOWM4YS00OGViLWZkYTItN2Y3NC1mYTFhMTA1YTk5ZmUiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vZXhhbXBsZS5jb20vc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vZXhhbXBsZS5jb20vbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+NDkyODgyNjE1YWNmMzFjODA5NmI2MjcyNDVkNzZhZTUzMDM2YzA5MDwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjk5My0wOC0yM1QwNjo1NzowMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9leGFtcGxlLmNvbS9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMi0xOVQwMTozNjozMVoiIE5vdE9uT3JBZnRlcj0iMjk5My0wOC0yM1QwNjo1NzowMVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9leGFtcGxlLmNvbS9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAyLTE5VDAxOjM3OjAxWiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjk5My0wMi0xOVQwOTozNzowMVoiIFNlc3Npb25JbmRleD0iXzYyNzNkNzdiOGNkZTBjMzMzZWM3OWQyMmE5ZmEwMDAzYjlmZTJkNzVjYiI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
diff --git a/tests/data/responses/invalids/no_status.xml.base64 b/tests/data/responses/invalids/no_status.xml.base64
index 4f5905e9..fffb8592 100644
--- a/tests/data/responses/invalids/no_status.xml.base64
+++ b/tests/data/responses/invalids/no_status.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIElEPSJHT1NBTUxSMTI5MDExNzQ1NzE3OTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgRGVzdGluYXRpb249IntyZWNpcGllbnR9Ij4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgVmVyc2lvbj0iMi4wIiBJRD0icGZ4YTQ2NTc0ZGYtYjNiMC1hMDZhLTIzYzgtNjM2NDEzMTk4NzcyIiBJc3N1ZUluc3RhbnQ9IjIwMTAtMTEtMThUMjE6NTc6MzdaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcHAub25lbG9naW4uY29tL3NhbWwvbWV0YWRhdGEvMTM1OTA8L3NhbWw6SXNzdWVyPg0KICAgIDxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICAgICAgPGRzOlNpZ25lZEluZm8+DQogICAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgICAgICAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZnhhNDY1NzRkZi1iM2IwLWEwNmEtMjNjOC02MzY0MTMxOTg3NzIiPg0KICAgICAgICAgIDxkczpUcmFuc2Zvcm1zPg0KICAgICAgICAgICAgPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+DQogICAgICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgICAgICAgPC9kczpUcmFuc2Zvcm1zPg0KICAgICAgICAgIDxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPg0KICAgICAgICAgIDxkczpEaWdlc3RWYWx1ZT5wSlE3TVMvZWs0S1JSV0dtdi9INDNSZUhZTXM9PC9kczpEaWdlc3RWYWx1ZT4NCiAgICAgICAgPC9kczpSZWZlcmVuY2U+DQogICAgICA8L2RzOlNpZ25lZEluZm8+DQogICAgICA8ZHM6U2lnbmF0dXJlVmFsdWU+eWl2ZUtjUGREcHVETmo2c2hyUTNBQndyL2NBM0NyeUQycGhHL3hMWnN6S1d4VTUvbWxhS3Q4ZXdiWk9kS0t2dE9zMnBIQnk1RHVhM2s5NEFGK3p4R3llbDVnT293bW95WEpyK0FPcitrUE8wdmxpMVY4bzNoUFBVWndSZ1NYNlE5cFMxQ3FRZ2hLaUVhc1J5eWxxcUpVYVBZem1Pek9FOC9YbE1rd2lXbU8wPTwvZHM6U2lnbmF0dXJlVmFsdWU+DQogICAgICA8ZHM6S2V5SW5mbz4NCiAgICAgICAgPGRzOlg1MDlEYXRhPg0KICAgICAgICAgIDxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQnJUQ0NBYUdnQXdJQkFnSUJBVEFEQmdFQU1HY3hDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJREFwRFlXeHBabTl5Ym1saE1SVXdFd1lEVlFRSERBeFRZVzUwWVNCTmIyNXBZMkV4RVRBUEJnTlZCQW9NQ0U5dVpVeHZaMmx1TVJrd0Z3WURWUVFEREJCaGNIQXViMjVsYkc5bmFXNHVZMjl0TUI0WERURXdNRE13T1RBNU5UZzBOVm9YRFRFMU1ETXdPVEE1TlRnME5Wb3daekVMTUFrR0ExVUVCaE1DVlZNeEV6QVJCZ05WQkFnTUNrTmhiR2xtYjNKdWFXRXhGVEFUQmdOVkJBY01ERk5oYm5SaElFMXZibWxqWVRFUk1BOEdBMVVFQ2d3SVQyNWxURzluYVc0eEdUQVhCZ05WQkFNTUVHRndjQzV2Ym1Wc2IyZHBiaTVqYjIwd2daOHdEUVlKS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFPalN1MWZqUHk4ZDV3NFF5TDEremQ0aEl3MU1ra2ZmNFdZL1RMRzhPWmtVNVlUU1dtbUhQRDVrdllINXVvWFMvNnFRODFxWHBSMndWOENUb3daSlVMZzA5ZGRSZFJuOFFzcWoxRnlPQzVzbEUzeTJiWjJvRnVhNzJvZi80OWZwdWpuRlQ2S25RNjFDQk1xbERvVFFxT1Q2MnZHSjhuUDZNWld2QTZzeHF1ZDVBZ01CQUFFd0F3WUJBQU1CQUE9PTwvZHM6WDUwOUNlcnRpZmljYXRlPg0KICAgICAgICA8L2RzOlg1MDlEYXRhPg0KICAgICAgPC9kczpLZXlJbmZvPg0KICAgIDwvZHM6U2lnbmF0dXJlPg0KICAgIDxzYW1sOlN1YmplY3Q+DQogICAgICA8c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPnN1cHBvcnRAb25lbG9naW4uY29tPC9zYW1sOk5hbWVJRD4NCiAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDEwLTExLTE4VDIyOjAyOjM3WiIgUmVjaXBpZW50PSJ7cmVjaXBpZW50fSIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTExLTE4VDIxOjUyOjM3WiIgTm90T25PckFmdGVyPSIyMDEwLTExLTE4VDIyOjAyOjM3WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT57YXVkaWVuY2V9PC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOVQyMTo1NzozN1oiIFNlc3Npb25JbmRleD0iXzUzMWMzMmQyODNiZGZmN2UwNGU0ODdiY2RiYzRkZDhkIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5kZW1vPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJhbm90aGVyX3ZhbHVlIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj52YWx1ZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgSUQ9InBmeGY2MjIzYWE2LTkxZWEtMmE3NS1iYWUzLWU1YThkZmI0NzZmMSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTAtMTEtMThUMjE6NTc6MzdaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCiAgPGRzOlNpZ25lZEluZm8+PGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4NCiAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+DQogIDxkczpSZWZlcmVuY2UgVVJJPSIjcGZ4ZjYyMjNhYTYtOTFlYS0yYTc1LWJhZTMtZTVhOGRmYjQ3NmYxIj48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT41NFFDT3cxenIwYjdnWmlmZVJGUjhMVjI3NXc9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPjJzdjJ4R0RIdVdxcXY1MEhVQm5vQmdoN0pJUzlQSmxzc1BVV00rRG56SUZuNk8vaDZQN1NDdUVJcXJWRnFrN2NaYWg2Q1o4KzVUMUd1emx5Vzkwem84dGRGU3liTzFvbHNCcVVHSmprVUZZS0hLdGNRSTFSb2YxTHowT2ZRbnFSekNlc0NDODlzNnU4RCtLdlFLSWdIcEpzbWVjM2w5VDFYdlRPcmVmNmI4dz08L2RzOlNpZ25hdHVyZVZhbHVlPg0KPGRzOktleUluZm8+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQ2dUQ0NBZW9DQ1FDYk9scldEZFg3RlRBTkJna3Foa2lHOXcwQkFRVUZBRENCaERFTE1Ba0dBMVVFQmhNQ1RrOHhHREFXQmdOVkJBZ1REMEZ1WkhKbFlYTWdVMjlzWW1WeVp6RU1NQW9HQTFVRUJ4TURSbTl2TVJBd0RnWURWUVFLRXdkVlRrbE9SVlJVTVJnd0ZnWURWUVFERXc5bVpXbGtaUzVsY214aGJtY3VibTh4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZ1WkhKbFlYTkFkVzVwYm1WMGRDNXViekFlRncwd056QTJNVFV4TWpBeE16VmFGdzB3TnpBNE1UUXhNakF4TXpWYU1JR0VNUXN3Q1FZRFZRUUdFd0pPVHpFWU1CWUdBMVVFQ0JNUFFXNWtjbVZoY3lCVGIyeGlaWEpuTVF3d0NnWURWUVFIRXdOR2IyOHhFREFPQmdOVkJBb1RCMVZPU1U1RlZGUXhHREFXQmdOVkJBTVREMlpsYVdSbExtVnliR0Z1Wnk1dWJ6RWhNQjhHQ1NxR1NJYjNEUUVKQVJZU1lXNWtjbVZoYzBCMWJtbHVaWFIwTG01dk1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRRGl2YmhSN1A1MTZ4L1MzQnFLeHVwUWUwTE9Ob2xpdXBpQk9lc0NPM1NIYkRybDMrcTlJYmZuZm1FMDRyTnVNY1BzSXhCMTYxVGREcEllc0xDbjdjOGFQSElTS090UGxBZVRaU25iOFFBdTdhUmpacTMrUGJyUDV1VzNUY2ZDR1B0S1R5dEhPZ2UvT2xKYm8wNzhkVmhYUTE0ZDFFRHdYSlcxclJYdVV0NEM4UUlEQVFBQk1BMEdDU3FHU0liM0RRRUJCUVVBQTRHQkFDRFZmcDg2SE9icVkrZThCVW9XUTkrVk1ReDFBU0RvaEJqd09zZzJXeWtVcVJYRitkTGZjVUg5ZFdSNjNDdFpJS0ZEYlN0Tm9tUG5RejduYksrb255Z3dCc3BWRWJuSHVVaWhacTNaVWRtdW1RcUN3NFV2cy8xVXZxM29yT28vV0pWaFR5dkxnRlZLMlFhclE0LzY3T1pmSGQ3UitQT0JYaG9waFNNdjFaT288L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgVmVyc2lvbj0iMi4wIiBJRD0icGZ4YTQ2NTc0ZGYtYjNiMC1hMDZhLTIzYzgtNjM2NDEzMTk4NzcyIiBJc3N1ZUluc3RhbnQ9IjIwMTAtMTEtMThUMjE6NTc6MzdaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcHAub25lbG9naW4uY29tL3NhbWwvbWV0YWRhdGEvMTM1OTA8L3NhbWw6SXNzdWVyPg0KICAgIDxzYW1sOlN1YmplY3Q+DQogICAgICA8c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPnN1cHBvcnRAb25lbG9naW4uY29tPC9zYW1sOk5hbWVJRD4NCiAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyOTkzLTExLTE4VDIyOjAyOjM3WiIgUmVjaXBpZW50PSJ7cmVjaXBpZW50fSIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTExLTE4VDIxOjUyOjM3WiIgTm90T25PckFmdGVyPSIyOTkzLTExLTE4VDIyOjAyOjM3WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT57YXVkaWVuY2V9PC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjk5My0xMS0xOVQyMTo1NzozN1oiIFNlc3Npb25JbmRleD0iXzUzMWMzMmQyODNiZGZmN2UwNGU0ODdiY2RiYzRkZDhkIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5kZW1vPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJhbm90aGVyX3ZhbHVlIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj52YWx1ZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
diff --git a/tests/data/responses/invalids/no_status_code.xml.base64 b/tests/data/responses/invalids/no_status_code.xml.base64
index 94c439b2..e62333cd 100644
--- a/tests/data/responses/invalids/no_status_code.xml.base64
+++ b/tests/data/responses/invalids/no_status_code.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIElEPSJHT1NBTUxSMTI5MDExNzQ1NzE3OTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgRGVzdGluYXRpb249IntyZWNpcGllbnR9Ij4NCiAgPHNhbWxwOlN0YXR1cz48L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgVmVyc2lvbj0iMi4wIiBJRD0icGZ4YTQ2NTc0ZGYtYjNiMC1hMDZhLTIzYzgtNjM2NDEzMTk4NzcyIiBJc3N1ZUluc3RhbnQ9IjIwMTAtMTEtMThUMjE6NTc6MzdaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcHAub25lbG9naW4uY29tL3NhbWwvbWV0YWRhdGEvMTM1OTA8L3NhbWw6SXNzdWVyPg0KICAgIDxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICAgICAgPGRzOlNpZ25lZEluZm8+DQogICAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgICAgICAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZnhhNDY1NzRkZi1iM2IwLWEwNmEtMjNjOC02MzY0MTMxOTg3NzIiPg0KICAgICAgICAgIDxkczpUcmFuc2Zvcm1zPg0KICAgICAgICAgICAgPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+DQogICAgICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgICAgICAgPC9kczpUcmFuc2Zvcm1zPg0KICAgICAgICAgIDxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPg0KICAgICAgICAgIDxkczpEaWdlc3RWYWx1ZT5wSlE3TVMvZWs0S1JSV0dtdi9INDNSZUhZTXM9PC9kczpEaWdlc3RWYWx1ZT4NCiAgICAgICAgPC9kczpSZWZlcmVuY2U+DQogICAgICA8L2RzOlNpZ25lZEluZm8+DQogICAgICA8ZHM6U2lnbmF0dXJlVmFsdWU+eWl2ZUtjUGREcHVETmo2c2hyUTNBQndyL2NBM0NyeUQycGhHL3hMWnN6S1d4VTUvbWxhS3Q4ZXdiWk9kS0t2dE9zMnBIQnk1RHVhM2s5NEFGK3p4R3llbDVnT293bW95WEpyK0FPcitrUE8wdmxpMVY4bzNoUFBVWndSZ1NYNlE5cFMxQ3FRZ2hLaUVhc1J5eWxxcUpVYVBZem1Pek9FOC9YbE1rd2lXbU8wPTwvZHM6U2lnbmF0dXJlVmFsdWU+DQogICAgICA8ZHM6S2V5SW5mbz4NCiAgICAgICAgPGRzOlg1MDlEYXRhPg0KICAgICAgICAgIDxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQnJUQ0NBYUdnQXdJQkFnSUJBVEFEQmdFQU1HY3hDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJREFwRFlXeHBabTl5Ym1saE1SVXdFd1lEVlFRSERBeFRZVzUwWVNCTmIyNXBZMkV4RVRBUEJnTlZCQW9NQ0U5dVpVeHZaMmx1TVJrd0Z3WURWUVFEREJCaGNIQXViMjVsYkc5bmFXNHVZMjl0TUI0WERURXdNRE13T1RBNU5UZzBOVm9YRFRFMU1ETXdPVEE1TlRnME5Wb3daekVMTUFrR0ExVUVCaE1DVlZNeEV6QVJCZ05WQkFnTUNrTmhiR2xtYjNKdWFXRXhGVEFUQmdOVkJBY01ERk5oYm5SaElFMXZibWxqWVRFUk1BOEdBMVVFQ2d3SVQyNWxURzluYVc0eEdUQVhCZ05WQkFNTUVHRndjQzV2Ym1Wc2IyZHBiaTVqYjIwd2daOHdEUVlKS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFPalN1MWZqUHk4ZDV3NFF5TDEremQ0aEl3MU1ra2ZmNFdZL1RMRzhPWmtVNVlUU1dtbUhQRDVrdllINXVvWFMvNnFRODFxWHBSMndWOENUb3daSlVMZzA5ZGRSZFJuOFFzcWoxRnlPQzVzbEUzeTJiWjJvRnVhNzJvZi80OWZwdWpuRlQ2S25RNjFDQk1xbERvVFFxT1Q2MnZHSjhuUDZNWld2QTZzeHF1ZDVBZ01CQUFFd0F3WUJBQU1CQUE9PTwvZHM6WDUwOUNlcnRpZmljYXRlPg0KICAgICAgICA8L2RzOlg1MDlEYXRhPg0KICAgICAgPC9kczpLZXlJbmZvPg0KICAgIDwvZHM6U2lnbmF0dXJlPg0KICAgIDxzYW1sOlN1YmplY3Q+DQogICAgICA8c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPnN1cHBvcnRAb25lbG9naW4uY29tPC9zYW1sOk5hbWVJRD4NCiAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDEwLTExLTE4VDIyOjAyOjM3WiIgUmVjaXBpZW50PSJ7cmVjaXBpZW50fSIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTExLTE4VDIxOjUyOjM3WiIgTm90T25PckFmdGVyPSIyMDEwLTExLTE4VDIyOjAyOjM3WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT57YXVkaWVuY2V9PC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOVQyMTo1NzozN1oiIFNlc3Npb25JbmRleD0iXzUzMWMzMmQyODNiZGZmN2UwNGU0ODdiY2RiYzRkZDhkIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5kZW1vPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJhbm90aGVyX3ZhbHVlIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj52YWx1ZTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgSUQ9InBmeDg5MGIzMTU1LTQ3NWItNWE2NC1lNzllLTc2NTQ5YjY5M2IyNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTAtMTEtMThUMjE6NTc6MzdaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9leGFtcGxlLmNvbS9kZW1vMS9pbmRleC5waHA/YWNzIj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCiAgPGRzOlNpZ25lZEluZm8+PGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4NCiAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+DQogIDxkczpSZWZlcmVuY2UgVVJJPSIjcGZ4ODkwYjMxNTUtNDc1Yi01YTY0LWU3OWUtNzY1NDliNjkzYjI0Ij48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5OVGhVY0JMWm55T1RqdjhDQzlPRU81UWU0alk9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPnpWZ3ZWVGVmWGpTNmFIN0I0UjNINUYrTFhaTzBRTjdTZ0RJSXNRUTdlY0xLbTVhVHIxYU9TNGNIY0dRVjZzcVh6YS96cUxOc2hhTTlRZWZnTng0NnA1OHpqdHc5VDRNNExWUFFkVDdub0RxVWdYcWFRWU5hdlUzUlhpVGpPeVBrUjMrakdTN1ltWnBXUFFEdThpa2RFZUJHNDVYMGhjL0dhTXFtczVLeW12bz08L2RzOlNpZ25hdHVyZVZhbHVlPg0KPGRzOktleUluZm8+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQ2dUQ0NBZW9DQ1FDYk9scldEZFg3RlRBTkJna3Foa2lHOXcwQkFRVUZBRENCaERFTE1Ba0dBMVVFQmhNQ1RrOHhHREFXQmdOVkJBZ1REMEZ1WkhKbFlYTWdVMjlzWW1WeVp6RU1NQW9HQTFVRUJ4TURSbTl2TVJBd0RnWURWUVFLRXdkVlRrbE9SVlJVTVJnd0ZnWURWUVFERXc5bVpXbGtaUzVsY214aGJtY3VibTh4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZ1WkhKbFlYTkFkVzVwYm1WMGRDNXViekFlRncwd056QTJNVFV4TWpBeE16VmFGdzB3TnpBNE1UUXhNakF4TXpWYU1JR0VNUXN3Q1FZRFZRUUdFd0pPVHpFWU1CWUdBMVVFQ0JNUFFXNWtjbVZoY3lCVGIyeGlaWEpuTVF3d0NnWURWUVFIRXdOR2IyOHhFREFPQmdOVkJBb1RCMVZPU1U1RlZGUXhHREFXQmdOVkJBTVREMlpsYVdSbExtVnliR0Z1Wnk1dWJ6RWhNQjhHQ1NxR1NJYjNEUUVKQVJZU1lXNWtjbVZoYzBCMWJtbHVaWFIwTG01dk1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRRGl2YmhSN1A1MTZ4L1MzQnFLeHVwUWUwTE9Ob2xpdXBpQk9lc0NPM1NIYkRybDMrcTlJYmZuZm1FMDRyTnVNY1BzSXhCMTYxVGREcEllc0xDbjdjOGFQSElTS090UGxBZVRaU25iOFFBdTdhUmpacTMrUGJyUDV1VzNUY2ZDR1B0S1R5dEhPZ2UvT2xKYm8wNzhkVmhYUTE0ZDFFRHdYSlcxclJYdVV0NEM4UUlEQVFBQk1BMEdDU3FHU0liM0RRRUJCUVVBQTRHQkFDRFZmcDg2SE9icVkrZThCVW9XUTkrVk1ReDFBU0RvaEJqd09zZzJXeWtVcVJYRitkTGZjVUg5ZFdSNjNDdFpJS0ZEYlN0Tm9tUG5RejduYksrb255Z3dCc3BWRWJuSHVVaWhacTNaVWRtdW1RcUN3NFV2cy8xVXZxM29yT28vV0pWaFR5dkxnRlZLMlFhclE0LzY3T1pmSGQ3UitQT0JYaG9waFNNdjFaT288L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT4NCiAgPHNhbWxwOlN0YXR1cy8+DQogIDxzYW1sOkFzc2VydGlvbiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIFZlcnNpb249IjIuMCIgSUQ9InBmeGE0NjU3NGRmLWIzYjAtYTA2YS0yM2M4LTYzNjQxMzE5ODc3MiIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiI+DQogICAgPHNhbWw6SXNzdWVyPmh0dHBzOi8vYXBwLm9uZWxvZ2luLmNvbS9zYW1sL21ldGFkYXRhLzEzNTkwPC9zYW1sOklzc3Vlcj4NCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj5zdXBwb3J0QG9uZWxvZ2luLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOFQyMjowMjozN1oiIFJlY2lwaWVudD0ie3JlY2lwaWVudH0iLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0xMS0xOFQyMTo1MjozN1oiIE5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOFQyMjowMjozN1oiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+e2F1ZGllbmNlfTwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMC0xMS0xOFQyMTo1NzozN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTAtMTEtMTlUMjE6NTc6MzdaIiBTZXNzaW9uSW5kZXg9Il81MzFjMzJkMjgzYmRmZjdlMDRlNDg3YmNkYmM0ZGQ4ZCI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICAgICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+ZGVtbzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0iYW5vdGhlcl92YWx1ZSI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmFsdWU8L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
diff --git a/tests/data/responses/invalids/no_subjectconfirmation_data.xml.base64 b/tests/data/responses/invalids/no_subjectconfirmation_data.xml.base64
index 3c92f561..bc28d907 100644
--- a/tests/data/responses/invalids/no_subjectconfirmation_data.xml.base64
+++ b/tests/data/responses/invalids/no_subjectconfirmation_data.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+ICAgICAgICANCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+ICAgICAgICANCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
diff --git a/tests/data/responses/invalids/no_subjectconfirmation_method.xml.base64 b/tests/data/responses/invalids/no_subjectconfirmation_method.xml.base64
index 07ce153a..37b69370 100644
--- a/tests/data/responses/invalids/no_subjectconfirmation_method.xml.base64
+++ b/tests/data/responses/invalids/no_subjectconfirmation_method.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmhvbGRlci1vZi1rZXkiPg0KICAgICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjIwMjAtMDYtMTdUMTQ6NTk6MTRaIiBSZWNpcGllbnQ9Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiLz4NCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmhvbGRlci1vZi1rZXkiPg0KICAgICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjIwMjAtMDYtMTdUMTQ6NTk6MTRaIiBSZWNpcGllbnQ9Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiLz4NCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDEwLTA2LTE3VDE0OjUzOjQ0WiIgTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDE0OjU5OjE0WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
diff --git a/tests/data/responses/invalids/not_before_failed.xml.base64 b/tests/data/responses/invalids/not_before_failed.xml.base64
index 6c15a076..8a2ffd3d 100644
--- a/tests/data/responses/invalids/not_before_failed.xml.base64
+++ b/tests/data/responses/invalids/not_before_failed.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJwZnhmYTk3ZWVkNS03NTg4LTBkMjMtMmFkNy1mYTY2ZjI4OTM3ODgiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAyLTE5VDAxOjA1OjQ5WiIgRGVzdGluYXRpb249Imh0dHBzOi8vZXhhbXBsZS5jb20vbmV3b25lbG9naW4vZGVtbzEvaW5kZXgucGhwP2FjcyIgSW5SZXNwb25zZVRvPSJPTkVMT0dJTl9hZjNkNGE3MTBmYzhiMzA1ODg0Yjk2ZDAwOTRhYjYyODgwMmY1NjkyIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9leGFtcGxlLmNvbS9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxzYW1sOkFzc2VydGlvbiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIElEPSJwZng3ZTQ4ZmQ3NS1jZTJiLTYwZWQtMjllZS1lNzk4NDZjOTU5YzYiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAyLTE5VDAxOjA1OjQ5WiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vZXhhbXBsZS5jb20vc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj4NCjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly9leGFtcGxlLmNvbS9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHAiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj40OTI4ODI2MTVhY2YzMWM4MDk2YjYyNzI0NWQ3NmFlNTMwMzZjMDkwPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDE0LTAyLTE5VDAxOjEwOjQ5WiIgUmVjaXBpZW50PSJodHRwczovL2V4YW1wbGUuY29tL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fYWYzZDRhNzEwZmM4YjMwNTg4NGI5NmQwMDk0YWI2Mjg4MDJmNTY5MiIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDI0LTAyLTE5VDAxOjA1OjE5WiIgTm90T25PckFmdGVyPSIyMDE0LTAyLTE5VDAxOjEwOjQ5WiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL2V4YW1wbGUuY29tL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTQtMDItMThUMTk6NDI6MjBaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDE0LTAyLTE5VDA5OjA1OjQ5WiIgU2Vzc2lvbkluZGV4PSJfMGY0ZjE4OGRjMWJmZDNiZmVhMzZhMTYzNGE3NDQxNTgzYWZjM2IzNzgxIj48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVzZXI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlckBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJjbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dGVzdDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJzbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5hZG1pbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg==
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDMxNGFjZTYwLTRiOTUtN2NiOS01YmJlLTkwYjc0NWRlYTY4NiIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6MDU6NDlaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9leGFtcGxlLmNvbS9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOX2FmM2Q0YTcxMGZjOGIzMDU4ODRiOTZkMDA5NGFiNjI4ODAyZjU2OTIiPjxzYW1sOklzc3Vlcj5odHRwczovL2V4YW1wbGUuY29tL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDMxNGFjZTYwLTRiOTUtN2NiOS01YmJlLTkwYjc0NWRlYTY4NiI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+Ymp2ZEVIN3U3MzlsNStaMG1WcitGNE8rd0RJPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5QM243SE5PR3FpSGFybGJ1aUV0bjNEaEFxSkIzU1RDOXUwcE1YTktSdU9PTlVOa2JDcTZGVHYzVlFZOFRaUnZ0NFJkRHpoZDlmZ1ZBNjIwREFjNVJqVE9iVThRekNnVHlPTTBkVlhxQ3FwdElFMVZuQ2xmd210MlhaNU1SemlyQ3QzS3dVS1RmOENyeU5FMWREWFpRL0QyTllSUmRWMkU4VGZCakxkS3hieXc9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDdlNDhmZDc1LWNlMmItNjBlZC0yOWVlLWU3OTg0NmM5NTljNiIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6MDU6NDlaIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9leGFtcGxlLmNvbS9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPg0KPHNhbWw6U3ViamVjdD48c2FtbDpOYW1lSUQgU1BOYW1lUXVhbGlmaWVyPSJodHRwczovL2V4YW1wbGUuY29tL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocCIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPjQ5Mjg4MjYxNWFjZjMxYzgwOTZiNjI3MjQ1ZDc2YWU1MzAzNmMwOTA8L3NhbWw6TmFtZUlEPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjI5OTMtMDItMTlUMDE6MTA6NDlaIiBSZWNpcGllbnQ9Imh0dHBzOi8vZXhhbXBsZS5jb20vbmV3b25lbG9naW4vZGVtbzEvaW5kZXgucGhwP2FjcyIgSW5SZXNwb25zZVRvPSJPTkVMT0dJTl9hZjNkNGE3MTBmYzhiMzA1ODg0Yjk2ZDAwOTRhYjYyODgwMmY1NjkyIi8+PC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1sOlN1YmplY3Q+PHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjI5OTMtMDItMTlUMDE6MDU6MTlaIiBOb3RPbk9yQWZ0ZXI9IjI5OTMtMDItMTlUMDE6MTA6NDlaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPmh0dHBzOi8vZXhhbXBsZS5jb20vbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxNC0wMi0xOFQxOTo0MjoyMFoiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTMtMDItMTlUMDk6MDU6NDlaIiBTZXNzaW9uSW5kZXg9Il8wZjRmMTg4ZGMxYmZkM2JmZWEzNmExNjM0YTc0NDE1ODNhZmMzYjM3ODEiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyQGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9InNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVkdVBlcnNvbkFmZmlsaWF0aW9uIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
diff --git a/tests/data/responses/invalids/response_encrypted_attrs.xml.base64 b/tests/data/responses/invalids/response_encrypted_attrs.xml.base64
index 32449899..ad6392c5 100644
--- a/tests/data/responses/invalids/response_encrypted_attrs.xml.base64
+++ b/tests/data/responses/invalids/response_encrypted_attrs.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaGh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KIDxzYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZSB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj4NCiAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWREYXRhIHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjRWxlbWVudCIgSWQ9Il9GMzk2MjVBRjY4QjRGQzA3OENDNzU4MkQyOEQwNUQ5QyI+DQogICAgICAgICAgICA8eGVuYzpFbmNyeXB0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjYWVzMjU2LWNiYyIvPg0KICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICAgICAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICAgICAgPHhlbmM6RW5jcnlwdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3JzYS1vYWVwLW1nZjFwIi8+DQogICAgICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogICAgICAgICAgICAgICAgICA8ZHM6S2V5TmFtZT42MjM1NWZiZDFmNjI0NTAzYzVjOTY3NzQwMmVjY2EwMGVmMWY2Mjc3PC9kczpLZXlOYW1lPg0KICAgICAgICAgICAgICAgIDwvZHM6S2V5SW5mbz4NCiAgICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICAgICAgPHhlbmM6Q2lwaGVyVmFsdWU+SzBtQkx4Zkx6aUtWVUtFQU9ZZTdENnVWU0NQeTh2eVdWaDNSZWNuUEVTKzhRa0FoT3VSU3VFL0xRcEZyMGh1SS9pQ0V5OXBkZTFRZ2pZREx0akhjdWpLaTJ4R3FXNmprWFcvRXVLb21xV1BQQTJ4WXMxZnBCMXN1NGFYVU9RQjZPSjcwL29EY09zeTgzNGdoRmFCV2lsRThmcXlEQlVCdlcrMkl2YU1VWmFid04vczltVmtXek0zcjMwdGxraExLN2lPcmJHQWxkSUh3RlU1ejdQUFI2Uk8zWTNmSXhqSFU0ME9uTHNKYzN4SXFkTEgzZlhwQzBrZ2k1VXNwTGRxMTRlNU9vWGpMb1BHM0JPM3p3T0FJSjhYTkJXWTV1UW9mNktyS2JjdnRaU1kwZk12UFloWWZOanRSRnk4eTQ5b3ZMOWZ3akNSVERsVDUrYUhxc0NUQnJ3PT08L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICAgICAgPC94ZW5jOkNpcGhlckRhdGE+DQogICAgICAgICAgICAgIDwveGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICA8L2RzOktleUluZm8+DQogICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJWYWx1ZT5aekN1NmF4R2dBWVpIVmY3N05YOGFwWktCL0dKRGV1VjZiRkJ5QlMwQUlnaVhrdkRVQW1MQ3BhYlRBV0JNK3l6MTlvbEE2cnJ5dU9mcjgyZXYyYnpQTlVSdm00U1l4YWh2dUw0UGlibjV3Smt5MEJsNTRWcW1jVStBcWowZEF2T2dxRzF5M1g0d085bjliUnNUdjY5MjFtMGVxUkFGcGg4a0s4TDloaXJLMUJ4WUJZajJSeUZDb0ZEUHhWWjV3eXJhM3E0cW1FNC9FTFFwRlA2bWZVOExYYjB1b1dKVWpHVWVsUzJBYTdiWmlzOHpFcHdvdjRDd3RsTmpsdFFpaDRtdjd0dENBZllxY1FJRnpCVEIrREFhMCtYZ2d4Q0xjZEIzK21RaVJjRUNCZndISEo3Z1JtbnVCRWdlV1QzQ0dLYTNOYjdHTVhPZnV4RktGNXBJZWhXZ28za2ROUUxhbG9yOFJWVzZJOFAvSThmUTMzRmUrTnNIVm5KM3p3U0EvL2E8L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICA8L3hlbmM6Q2lwaGVyRGF0YT4NCiAgICAgICAgICA8L3hlbmM6RW5jcnlwdGVkRGF0YT4NCiAgICAgICAgPC9zYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaGh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NFoiIE5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QxNDo1OToxNFoiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+aHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPg0KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9zYW1sOkNvbmRpdGlvbnM+DQogICAgPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjA3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QyMjo1NDoxNFoiIFNlc3Npb25JbmRleD0iXzUxYmUzNzk2NWZlYjU1NzlkODAzMTQxMDc2OTM2ZGMyZTlkMWQ5OGViZiI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KIDxzYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZSB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj4NCiAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWREYXRhIHhtbG5zOnhlbmM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jIyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjRWxlbWVudCIgSWQ9Il9GMzk2MjVBRjY4QjRGQzA3OENDNzU4MkQyOEQwNUQ5QyI+DQogICAgICAgICAgICA8eGVuYzpFbmNyeXB0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjYWVzMjU2LWNiYyIvPg0KICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICAgICAgICAgICAgICA8eGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICAgICAgPHhlbmM6RW5jcnlwdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3JzYS1vYWVwLW1nZjFwIi8+DQogICAgICAgICAgICAgICAgPGRzOktleUluZm8geG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogICAgICAgICAgICAgICAgICA8ZHM6S2V5TmFtZT42MjM1NWZiZDFmNjI0NTAzYzVjOTY3NzQwMmVjY2EwMGVmMWY2Mjc3PC9kczpLZXlOYW1lPg0KICAgICAgICAgICAgICAgIDwvZHM6S2V5SW5mbz4NCiAgICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICAgICAgPHhlbmM6Q2lwaGVyVmFsdWU+SzBtQkx4Zkx6aUtWVUtFQU9ZZTdENnVWU0NQeTh2eVdWaDNSZWNuUEVTKzhRa0FoT3VSU3VFL0xRcEZyMGh1SS9pQ0V5OXBkZTFRZ2pZREx0akhjdWpLaTJ4R3FXNmprWFcvRXVLb21xV1BQQTJ4WXMxZnBCMXN1NGFYVU9RQjZPSjcwL29EY09zeTgzNGdoRmFCV2lsRThmcXlEQlVCdlcrMkl2YU1VWmFid04vczltVmtXek0zcjMwdGxraExLN2lPcmJHQWxkSUh3RlU1ejdQUFI2Uk8zWTNmSXhqSFU0ME9uTHNKYzN4SXFkTEgzZlhwQzBrZ2k1VXNwTGRxMTRlNU9vWGpMb1BHM0JPM3p3T0FJSjhYTkJXWTV1UW9mNktyS2JjdnRaU1kwZk12UFloWWZOanRSRnk4eTQ5b3ZMOWZ3akNSVERsVDUrYUhxc0NUQnJ3PT08L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICAgICAgPC94ZW5jOkNpcGhlckRhdGE+DQogICAgICAgICAgICAgIDwveGVuYzpFbmNyeXB0ZWRLZXk+DQogICAgICAgICAgICA8L2RzOktleUluZm8+DQogICAgICAgICAgICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgICAgICAgICA8eGVuYzpDaXBoZXJWYWx1ZT5aekN1NmF4R2dBWVpIVmY3N05YOGFwWktCL0dKRGV1VjZiRkJ5QlMwQUlnaVhrdkRVQW1MQ3BhYlRBV0JNK3l6MTlvbEE2cnJ5dU9mcjgyZXYyYnpQTlVSdm00U1l4YWh2dUw0UGlibjV3Smt5MEJsNTRWcW1jVStBcWowZEF2T2dxRzF5M1g0d085bjliUnNUdjY5MjFtMGVxUkFGcGg4a0s4TDloaXJLMUJ4WUJZajJSeUZDb0ZEUHhWWjV3eXJhM3E0cW1FNC9FTFFwRlA2bWZVOExYYjB1b1dKVWpHVWVsUzJBYTdiWmlzOHpFcHdvdjRDd3RsTmpsdFFpaDRtdjd0dENBZllxY1FJRnpCVEIrREFhMCtYZ2d4Q0xjZEIzK21RaVJjRUNCZndISEo3Z1JtbnVCRWdlV1QzQ0dLYTNOYjdHTVhPZnV4RktGNXBJZWhXZ28za2ROUUxhbG9yOFJWVzZJOFAvSThmUTMzRmUrTnNIVm5KM3p3U0EvL2E8L3hlbmM6Q2lwaGVyVmFsdWU+DQogICAgICAgICAgICA8L3hlbmM6Q2lwaGVyRGF0YT4NCiAgICAgICAgICA8L3hlbmM6RW5jcnlwdGVkRGF0YT4NCiAgICAgICAgPC9zYW1sOkVuY3J5cHRlZEF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
\ No newline at end of file
diff --git a/tests/data/responses/invalids/signature_wrapping_attack2.xml.base64 b/tests/data/responses/invalids/signature_wrapping_attack2.xml.base64
new file mode 100644
index 00000000..408b2f77
--- /dev/null
+++ b/tests/data/responses/invalids/signature_wrapping_attack2.xml.base64
@@ -0,0 +1 @@
+PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxuczA6UmVzcG9uc2UgeG1sbnM6bnMwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOm5zMT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgeG1sbnM6bnMyPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiBEZXN0aW5hdGlvbj0iaHR0cDovL2xpbmdvbi5jYXRhbG9naXguc2U6ODA4Ny8iIElEPSJpZC12cU9RNzJKQ3BwWGFCV25CRSIgSW5SZXNwb25zZVRvPSJpZDEyIiBJc3N1ZUluc3RhbnQ9IjIwMTktMTItMjBUMTI6MTU6MTZaIiBWZXJzaW9uPSIyLjAiPjxuczE6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ij51cm46bWFjZTpleGFtcGxlLmNvbTpzYW1sOnJvbGFuZDppZHA8L25zMTpJc3N1ZXI+PG5zMDpTdGF0dXM+PG5zMDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L25zMDpTdGF0dXM+PG5zMTpBc3NlcnRpb24gSUQ9ImlkLVNQT09GRURfQVNTRVJUSU9OIiBJc3N1ZUluc3RhbnQ9IjIwMTktMTItMjBUMTI6MTU6MTZaIiBWZXJzaW9uPSIyLjAiPjxuczE6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ij51cm46bWFjZTpleGFtcGxlLmNvbTpzYW1sOnJvbGFuZDppZHA8L25zMTpJc3N1ZXI+PG5zMjpTaWduYXR1cmUgSWQ9IlNpZ25hdHVyZTIiPjxuczI6U2lnbmVkSW5mbz48bnMyOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48bnMyOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxuczI6UmVmZXJlbmNlIFVSST0iI2lkLUFhOUlXZkR4SlZJWDZHUXllIj48bnMyOlRyYW5zZm9ybXM+PG5zMjpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxuczI6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9uczI6VHJhbnNmb3Jtcz48bnMyOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PG5zMjpEaWdlc3RWYWx1ZT5FV0J2UVVscndRYnRyQWp1VVhrU0JBVnNaNTA9PC9uczI6RGlnZXN0VmFsdWU+PC9uczI6UmVmZXJlbmNlPjwvbnMyOlNpZ25lZEluZm8+PG5zMjpTaWduYXR1cmVWYWx1ZT5tNHpSZ1RXbGVNY3gxZEZib2VpWWxiaURpZ0hXQVZoSFZhK0dMTisrRUxOTUZEdXR1ekJ4YzN0dTZva3lhTlFHVzNsZXUzMnd6YmZkcGI1KzNSbHBHb0tqMndQWDU3MC9FTUpqNHV3OTFYZlhzWmZwTlArNUdsZ05UOHcvZWxEbUJYaEcvS3dtU080NzdJbWswc3pLb3ZUQk1WSG1vM1FPZCtiYS8vZFZzSkU9PC9uczI6U2lnbmF0dXJlVmFsdWU+PG5zMjpLZXlJbmZvPjxuczI6WDUwOURhdGE+PG5zMjpYNTA5Q2VydGlmaWNhdGU+TUlJQ3NEQ0NBaG1nQXdJQkFnSUpBSnJ6cVNTd21EWTlNQTBHQ1NxR1NJYjNEUUVCQlFVQU1FVXhDekFKQmdOVkJBWVRBa0ZWTVJNd0VRWURWUVFJRXdwVGIyMWxMVk4wWVhSbE1TRXdId1lEVlFRS0V4aEpiblJsY201bGRDQlhhV1JuYVhSeklGQjBlU0JNZEdRd0hoY05NRGt4TURBMk1UazBPVFF4V2hjTk1Ea3hNVEExTVRrME9UUXhXakJGTVFzd0NRWURWUVFHRXdKQlZURVRNQkVHQTFVRUNCTUtVMjl0WlMxVGRHRjBaVEVoTUI4R0ExVUVDaE1ZU1c1MFpYSnVaWFFnVjJsa1oybDBjeUJRZEhrZ1RIUmtNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURKZzJjbXM3TXFqbmlUOEZpL1hrTkhaTlBiTlZReU1VTVhFOXRYT2Rxd1lDQTFjYzh2UWR6a2loc2NRTVh5M2lQdzJjTWdnQnU2Z2pNVE9TT3hFQ2t1dlg1WkNjbEtyOHBYQUpNNWNZNmdWT2FWTzJQZFRaY3ZEQktHYmlhTmVmaUV3NWhub1pvbXFaR3A4d0hOTEFVa3d0SDl2anFxdnh5Uy92Y2xjNmsyZXdJREFRQUJvNEduTUlHa01CMEdBMVVkRGdRV0JCUmVQc0tIS1lKc2lvakU3OFpXWGNjSzlLNGFKVEIxQmdOVkhTTUViakJzZ0JSZVBzS0hLWUpzaW9qRTc4WldYY2NLOUs0YUphRkpwRWN3UlRFTE1Ba0dBMVVFQmhNQ1FWVXhFekFSQmdOVkJBZ1RDbE52YldVdFUzUmhkR1V4SVRBZkJnTlZCQW9UR0VsdWRHVnlibVYwSUZkcFpHZHBkSE1nVUhSNUlFeDBaSUlKQUpyenFTU3dtRFk5TUF3R0ExVWRFd1FGTUFNQkFmOHdEUVlKS29aSWh2Y05BUUVGQlFBRGdZRUFKU3JLT0V6SE83VEw1Y3k2aDNxaCszK0pBazhIYkdCVytjYlg2S0JDQXcvbXpVOGZsSzI1dm5Xd1hTM2R2MkZGM0FvZDAvUzdBV05mS2liNVUvU0E5bkphei9tV2VGOVMwZmFyejlBUUZjOC9OU3pBemFWcTdZYk00RjZmNk4yRlJsN0dpa2RYUkNlZDQ1ajZtclB6R3prM0VDYnVwRm5xeVJFSDMrWlBTZGs9PC9uczI6WDUwOUNlcnRpZmljYXRlPjwvbnMyOlg1MDlEYXRhPjwvbnMyOktleUluZm8+PC9uczI6U2lnbmF0dXJlPjxuczE6U3ViamVjdD48bnMxOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnRyYW5zaWVudCIgTmFtZVF1YWxpZmllcj0iIiBTUE5hbWVRdWFsaWZpZXI9ImlkMTIiPkFOT1RIRVJfSUQ8L25zMTpOYW1lSUQ+PG5zMTpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PG5zMTpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBJblJlc3BvbnNlVG89ImlkMTIiIE5vdE9uT3JBZnRlcj0iMjAxOS0xMi0yMFQxMjoyMDoxNloiIFJlY2lwaWVudD0iaHR0cDovL2xpbmdvbi5jYXRhbG9naXguc2U6ODA4Ny8iLz48L25zMTpTdWJqZWN0Q29uZmlybWF0aW9uPjwvbnMxOlN1YmplY3Q+PG5zMTpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxOS0xMi0yMFQxMjoxNToxNloiIE5vdE9uT3JBZnRlcj0iMjAxOS0xMi0yMFQxMjoyMDoxNloiPjxuczE6QXVkaWVuY2VSZXN0cmljdGlvbj48bnMxOkF1ZGllbmNlPnVybjptYWNlOmV4YW1wbGUuY29tOnNhbWw6cm9sYW5kOnNwPC9uczE6QXVkaWVuY2U+PC9uczE6QXVkaWVuY2VSZXN0cmljdGlvbj48L25zMTpDb25kaXRpb25zPjxuczE6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE5LTEyLTIwVDEyOjE1OjE2WiIgU2Vzc2lvbkluZGV4PSJpZC1lRWhOQ2M1QlNpZXNWT2w4QiI+PG5zMTpBdXRobkNvbnRleHQ+PG5zMTpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpJbnRlcm5ldFByb3RvY29sUGFzc3dvcmQ8L25zMTpBdXRobkNvbnRleHRDbGFzc1JlZj48bnMxOkF1dGhlbnRpY2F0aW5nQXV0aG9yaXR5Pmh0dHA6Ly93d3cuZXhhbXBsZS5jb20vbG9naW48L25zMTpBdXRoZW50aWNhdGluZ0F1dGhvcml0eT48L25zMTpBdXRobkNvbnRleHQ+PC9uczE6QXV0aG5TdGF0ZW1lbnQ+PG5zMTpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PG5zMTpBdHRyaWJ1dGUgRnJpZW5kbHlOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZT0idXJuOm9pZDoxLjMuNi4xLjQuMS41OTIzLjEuMS4xLjEiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dXJpIj48bnMxOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeHNpOnR5cGU9InhzOnN0cmluZyI+c3RhZmY8L25zMTpBdHRyaWJ1dGVWYWx1ZT48bnMxOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeHNpOnR5cGU9InhzOnN0cmluZyI+QURNSU48L25zMTpBdHRyaWJ1dGVWYWx1ZT48L25zMTpBdHRyaWJ1dGU+PG5zMTpBdHRyaWJ1dGUgRnJpZW5kbHlOYW1lPSJtYWlsIiBOYW1lPSJ1cm46b2lkOjAuOS4yMzQyLjE5MjAwMzAwLjEwMC4xLjMiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dXJpIj48bnMxOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeHNpOnR5cGU9InhzOnN0cmluZyI+SEFDS0VSQGdtYWlsLmNvbTwvbnMxOkF0dHJpYnV0ZVZhbHVlPjwvbnMxOkF0dHJpYnV0ZT48bnMxOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9ImdpdmVuTmFtZSIgTmFtZT0idXJuOm9pZDoyLjUuNC40MiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1cmkiPjxuczE6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5EZXJlazwvbnMxOkF0dHJpYnV0ZVZhbHVlPjwvbnMxOkF0dHJpYnV0ZT48bnMxOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9InN1ck5hbWUiIE5hbWU9InVybjpvaWQ6Mi41LjQuNCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1cmkiPjxuczE6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5KZXRlcjwvbnMxOkF0dHJpYnV0ZVZhbHVlPjwvbnMxOkF0dHJpYnV0ZT48bnMxOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9InRpdGxlIiBOYW1lPSJ1cm46b2lkOjIuNS40LjEyIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSI+PG5zMTpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNob3J0c3RvcDwvbnMxOkF0dHJpYnV0ZVZhbHVlPjwvbnMxOkF0dHJpYnV0ZT48L25zMTpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9uczE6QXNzZXJ0aW9uPg0KPFhTV19BVFRBQ0s+DQo8bnMxOkFzc2VydGlvbiBJRD0iaWQtQWE5SVdmRHhKVklYNkdReWUiIElzc3VlSW5zdGFudD0iMjAxOS0xMi0yMFQxMjoxNToxNloiIFZlcnNpb249IjIuMCI+PG5zMTpJc3N1ZXIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDplbnRpdHkiPnVybjptYWNlOmV4YW1wbGUuY29tOnNhbWw6cm9sYW5kOmlkcDwvbnMxOklzc3Vlcj48bnMxOlN1YmplY3Q+PG5zMTpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDp0cmFuc2llbnQiIE5hbWVRdWFsaWZpZXI9IiIgU1BOYW1lUXVhbGlmaWVyPSJpZDEyIj5hYzViMjJiYjhlYWM0YTI2ZWQwN2E1NTQzMmEwZmUwZGEyNDNmNmU5MTFhYTYxNGNmZjQwMmM0NGQ3Y2RlYzM2PC9uczE6TmFtZUlEPjxuczE6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxuczE6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJpZDEyIiBOb3RPbk9yQWZ0ZXI9IjIwMTktMTItMjBUMTI6MjA6MTZaIiBSZWNpcGllbnQ9Imh0dHA6Ly9saW5nb24uY2F0YWxvZ2l4LnNlOjgwODcvIi8+PC9uczE6U3ViamVjdENvbmZpcm1hdGlvbj48L25zMTpTdWJqZWN0PjxuczE6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTktMTItMjBUMTI6MTU6MTZaIiBOb3RPbk9yQWZ0ZXI9IjIwMTktMTItMjBUMTI6MjA6MTZaIj48bnMxOkF1ZGllbmNlUmVzdHJpY3Rpb24+PG5zMTpBdWRpZW5jZT51cm46bWFjZTpleGFtcGxlLmNvbTpzYW1sOnJvbGFuZDpzcDwvbnMxOkF1ZGllbmNlPjwvbnMxOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9uczE6Q29uZGl0aW9ucz48bnMxOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxOS0xMi0yMFQxMjoxNToxNloiIFNlc3Npb25JbmRleD0iaWQtZUVoTkNjNUJTaWVzVk9sOEIiPjxuczE6QXV0aG5Db250ZXh0PjxuczE6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6SW50ZXJuZXRQcm90b2NvbFBhc3N3b3JkPC9uczE6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PG5zMTpBdXRoZW50aWNhdGluZ0F1dGhvcml0eT5odHRwOi8vd3d3LmV4YW1wbGUuY29tL2xvZ2luPC9uczE6QXV0aGVudGljYXRpbmdBdXRob3JpdHk+PC9uczE6QXV0aG5Db250ZXh0PjwvbnMxOkF1dGhuU3RhdGVtZW50PjxuczE6QXR0cmlidXRlU3RhdGVtZW50PjxuczE6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iZWR1UGVyc29uQWZmaWxpYXRpb24iIE5hbWU9InVybjpvaWQ6MS4zLjYuMS40LjEuNTkyMy4xLjEuMS4xIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSI+PG5zMTpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnN0YWZmPC9uczE6QXR0cmlidXRlVmFsdWU+PG5zMTpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm1lbWJlcjwvbnMxOkF0dHJpYnV0ZVZhbHVlPjwvbnMxOkF0dHJpYnV0ZT48bnMxOkF0dHJpYnV0ZSBGcmllbmRseU5hbWU9Im1haWwiIE5hbWU9InVybjpvaWQ6MC45LjIzNDIuMTkyMDAzMDAuMTAwLjEuMyIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1cmkiPjxuczE6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5mb29AZ21haWwuY29tPC9uczE6QXR0cmlidXRlVmFsdWU+PC9uczE6QXR0cmlidXRlPjxuczE6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0iZ2l2ZW5OYW1lIiBOYW1lPSJ1cm46b2lkOjIuNS40LjQyIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSI+PG5zMTpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhzaTp0eXBlPSJ4czpzdHJpbmciPkRlcmVrPC9uczE6QXR0cmlidXRlVmFsdWU+PC9uczE6QXR0cmlidXRlPjxuczE6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0ic3VyTmFtZSIgTmFtZT0idXJuOm9pZDoyLjUuNC40IiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVyaSI+PG5zMTpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhzaTp0eXBlPSJ4czpzdHJpbmciPkpldGVyPC9uczE6QXR0cmlidXRlVmFsdWU+PC9uczE6QXR0cmlidXRlPjxuczE6QXR0cmlidXRlIEZyaWVuZGx5TmFtZT0idGl0bGUiIE5hbWU9InVybjpvaWQ6Mi41LjQuMTIiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dXJpIj48bnMxOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeHNpOnR5cGU9InhzOnN0cmluZyI+c2hvcnRzdG9wPC9uczE6QXR0cmlidXRlVmFsdWU+PC9uczE6QXR0cmlidXRlPjwvbnMxOkF0dHJpYnV0ZVN0YXRlbWVudD48L25zMTpBc3NlcnRpb24+DQo8L1hTV19BVFRBQ0s+DQo8L25zMDpSZXNwb25zZT4=
\ No newline at end of file
diff --git a/tests/data/responses/invalids/signed_assertion_response.xml.base64 b/tests/data/responses/invalids/signed_assertion_response.xml.base64
index b183e68c..736ea793 100644
--- a/tests/data/responses/invalids/signed_assertion_response.xml.base64
+++ b/tests/data/responses/invalids/signed_assertion_response.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIERlc3RpbmF0aW9uPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIElEPSJwZnhkYjRkOWVmZS1kMGFkLTAwODYtY2U4OC1jMjg4Njg3Y2FjNjEiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNjEyYmJmOWIxNjQ1Mjk0YWEwYjQ2MzdiMWJjNWYzOWRlOGI3OWNlYiIgSXNzdWVJbnN0YW50PSIyMDE0LTAzLTMxVDAwOjM3OjE2WiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+CiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZnhkYjRkOWVmZS1kMGFkLTAwODYtY2U4OC1jMjg4Njg3Y2FjNjEiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPmpjMklRWFNoc3dzTG85TkdJSHp2cGtBaXY4ND08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+aUVqR2QrdWFqSVArYU9ucGo4MjYxUzRBaWdMeXJqc0pheTJzdVFKakhhVHlETlh4TFhWQ3AxZG1PR0JhZGhmRUtnWVJsaTFBZDA1QktBejlpd3NBME14OGZ6SmFhSlBUbHM2NS93ODZTSEN4NTdrNXhteDBSUjhuR09MOU1vb2lidnZWeTVRODl2Z2lnVWN5cWJUY0dxaU5uSVNCWGZuYVR2dnpQYS9QbWJ3PTwvZHM6U2lnbmF0dXJlVmFsdWU+CjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNWekNDQWNBQ0NRRElWSGFOU0JZTDZUQU5CZ2txaGtpRzl3MEJBUXNGQURCd01Rc3dDUVlEVlFRR0V3SkdVakVPTUF3R0ExVUVDQXdGVUdGeWFYTXhEakFNQmdOVkJBY01CVkJoY21sek1SWXdGQVlEVlFRS0RBMU9iM1poY0c5emRDQlVSVk5VTVNrd0p3WUpLb1pJaHZjTkFRa0JGaHBtYkc5eVpXNTBMbkJwWjI5MWRFQnViM1poY0c5emRDNW1jakFlRncweE5EQXlNVE14TXpVek5EQmFGdzB4TlRBeU1UTXhNelV6TkRCYU1IQXhDekFKQmdOVkJBWVRBa1pTTVE0d0RBWURWUVFJREFWUVlYSnBjekVPTUF3R0ExVUVCd3dGVUdGeWFYTXhGakFVQmdOVkJBb01EVTV2ZG1Gd2IzTjBJRlJGVTFReEtUQW5CZ2txaGtpRzl3MEJDUUVXR21ac2IzSmxiblF1Y0dsbmIzVjBRRzV2ZG1Gd2IzTjBMbVp5TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FDaExGSG4zTG5ONEpRLzdXQ2RZdXB4a1VnY05PUW5QRit5bGwrL0RQcHV4OW5wZlkwNTlQSVVhdEI4WDdrQ241aTh0UndJeS9pa0hKUjZNcjgrTVB2YzZWT1pEeFBOZFp2TW8vOGxoeHJiTjNKZHJ3M3doWm1VL0tQUjlGM0JkRmR1K1NMenJNbDFURFVabFB0WTlYelVGWGNxTjhJWGN5OFRKekNCZU5leTNRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkN3VUFBNEdCQUN0SjhmZUd6ZTFOSEI1VncxOGpNVVB2SG83SDNHd21qNlpEQVhRbGFpQVhNdU5CeE5YVldWd2lmbDZWK25XM3c5UWE3RmVvL25aL080VFVPSDFueithZGtsY0NENFFwWmFFSWJtQWJyaVBXSktnYjRMV0docVFydXdZUjdJdFRSMU1OWDlnTGJQMHowenZERVFubnQvVlVXRkVCTFNKcTRaNE5yZThMRm1TMjwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIElEPSJwZng3ZTNmMWYxMS0zZDM4LTdkYTUtNTVlZC05YjRkNmMwYTQ0ZWIiIElzc3VlSW5zdGFudD0iMjAxNC0wMy0zMVQwMDozNzoxNloiIFZlcnNpb249IjIuMCI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPgogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPgogIDxkczpSZWZlcmVuY2UgVVJJPSIjcGZ4N2UzZjFmMTEtM2QzOC03ZGE1LTU1ZWQtOWI0ZDZjMGE0NGViIj48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT42d1dzemxmRllidGRzNnR5K24rT3RESnZLRUE9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPmVVRTkxaFA2bTZ3VlVtd0liVkpTZnhWdkppOVFwd3QwZGpIUDRpcW5yMk42Y2ZWVmV3eERVM0dXQTlsOVpWanltV292RkltL1k0dGR3VTM0R2RiaS8yaWhvMmd0OGVWR3c4ajNSdVFoTVVIc1ZmK2hIaDJlSDhuMHhqZEFqdGRoTkhIT3pMMnREV3hYazg2T2VZbmw4Slp1VTdCRUVTZUtlQzlieDBPUW5ZTT08L2RzOlNpZ25hdHVyZVZhbHVlPgo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDVnpDQ0FjQUNDUURJVkhhTlNCWUw2VEFOQmdrcWhraUc5dzBCQVFzRkFEQndNUXN3Q1FZRFZRUUdFd0pHVWpFT01Bd0dBMVVFQ0F3RlVHRnlhWE14RGpBTUJnTlZCQWNNQlZCaGNtbHpNUll3RkFZRFZRUUtEQTFPYjNaaGNHOXpkQ0JVUlZOVU1Ta3dKd1lKS29aSWh2Y05BUWtCRmhwbWJHOXlaVzUwTG5CcFoyOTFkRUJ1YjNaaGNHOXpkQzVtY2pBZUZ3MHhOREF5TVRNeE16VXpOREJhRncweE5UQXlNVE14TXpVek5EQmFNSEF4Q3pBSkJnTlZCQVlUQWtaU01RNHdEQVlEVlFRSURBVlFZWEpwY3pFT01Bd0dBMVVFQnd3RlVHRnlhWE14RmpBVUJnTlZCQW9NRFU1dmRtRndiM04wSUZSRlUxUXhLVEFuQmdrcWhraUc5dzBCQ1FFV0dtWnNiM0psYm5RdWNHbG5iM1YwUUc1dmRtRndiM04wTG1aeU1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRQ2hMRkhuM0xuTjRKUS83V0NkWXVweGtVZ2NOT1FuUEYreWxsKy9EUHB1eDlucGZZMDU5UElVYXRCOFg3a0NuNWk4dFJ3SXkvaWtISlI2TXI4K01QdmM2Vk9aRHhQTmRadk1vLzhsaHhyYk4zSmRydzN3aFptVS9LUFI5RjNCZEZkdStTTHpyTWwxVERVWmxQdFk5WHpVRlhjcU44SVhjeThUSnpDQmVOZXkzUUlEQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRHQkFDdEo4ZmVHemUxTkhCNVZ3MThqTVVQdkhvN0gzR3dtajZaREFYUWxhaUFYTXVOQnhOWFZXVndpZmw2VituVzN3OVFhN0Zlby9uWi9PNFRVT0gxbnorYWRrbGNDRDRRcFphRUlibUFicmlQV0pLZ2I0TFdHaHFRcnV3WVI3SXRUUjFNTlg5Z0xiUDB6MHp2REVRbm50L1ZVV0ZFQkxTSnE0WjROcmU4TEZtUzI8L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnRyYW5zaWVudCIgU1BOYW1lUXVhbGlmaWVyPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocCI+XzNhZjYyZjFkMDM1MTNiZGQ2MWRkNWJmMDRkM2RlYjdhYTYxNzQ4MGUyMjwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNjEyYmJmOWIxNjQ1Mjk0YWEwYjQ2MzdiMWJjNWYzOWRlOGI3OWNlYiIgTm90T25PckFmdGVyPSIyMDIzLTEwLTAyVDA1OjU3OjE2WiIgUmVjaXBpZW50PSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMy0zMVQwMDozNjo0NloiIE5vdE9uT3JBZnRlcj0iMjAyMy0xMC0wMlQwNTo1NzoxNloiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAzLTMxVDAwOjM3OjE2WiIgU2Vzc2lvbkluZGV4PSJfODVlN2NmZTE2ZDZlN2U2MDBiZDk4YmJjMmI0MzcxZTFjNjk1ODhhNGRhIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDE0LTAzLTMxVDA4OjM3OjE2WiI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
\ No newline at end of file
+PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIERlc3RpbmF0aW9uPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIElEPSJwZnhkYjRkOWVmZS1kMGFkLTAwODYtY2U4OC1jMjg4Njg3Y2FjNjEiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNjEyYmJmOWIxNjQ1Mjk0YWEwYjQ2MzdiMWJjNWYzOWRlOGI3OWNlYiIgSXNzdWVJbnN0YW50PSIyMDE0LTAzLTMxVDAwOjM3OjE2WiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPg0KICA8ZHM6U2lnbmVkSW5mbz48ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4NCiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZnhkYjRkOWVmZS1kMGFkLTAwODYtY2U4OC1jMjg4Njg3Y2FjNjEiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPmpjMklRWFNoc3dzTG85TkdJSHp2cGtBaXY4ND08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+aUVqR2QrdWFqSVArYU9ucGo4MjYxUzRBaWdMeXJqc0pheTJzdVFKakhhVHlETlh4TFhWQ3AxZG1PR0JhZGhmRUtnWVJsaTFBZDA1QktBejlpd3NBME14OGZ6SmFhSlBUbHM2NS93ODZTSEN4NTdrNXhteDBSUjhuR09MOU1vb2lidnZWeTVRODl2Z2lnVWN5cWJUY0dxaU5uSVNCWGZuYVR2dnpQYS9QbWJ3PTwvZHM6U2lnbmF0dXJlVmFsdWU+DQo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDVnpDQ0FjQUNDUURJVkhhTlNCWUw2VEFOQmdrcWhraUc5dzBCQVFzRkFEQndNUXN3Q1FZRFZRUUdFd0pHVWpFT01Bd0dBMVVFQ0F3RlVHRnlhWE14RGpBTUJnTlZCQWNNQlZCaGNtbHpNUll3RkFZRFZRUUtEQTFPYjNaaGNHOXpkQ0JVUlZOVU1Ta3dKd1lKS29aSWh2Y05BUWtCRmhwbWJHOXlaVzUwTG5CcFoyOTFkRUJ1YjNaaGNHOXpkQzVtY2pBZUZ3MHhOREF5TVRNeE16VXpOREJhRncweE5UQXlNVE14TXpVek5EQmFNSEF4Q3pBSkJnTlZCQVlUQWtaU01RNHdEQVlEVlFRSURBVlFZWEpwY3pFT01Bd0dBMVVFQnd3RlVHRnlhWE14RmpBVUJnTlZCQW9NRFU1dmRtRndiM04wSUZSRlUxUXhLVEFuQmdrcWhraUc5dzBCQ1FFV0dtWnNiM0psYm5RdWNHbG5iM1YwUUc1dmRtRndiM04wTG1aeU1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRQ2hMRkhuM0xuTjRKUS83V0NkWXVweGtVZ2NOT1FuUEYreWxsKy9EUHB1eDlucGZZMDU5UElVYXRCOFg3a0NuNWk4dFJ3SXkvaWtISlI2TXI4K01QdmM2Vk9aRHhQTmRadk1vLzhsaHhyYk4zSmRydzN3aFptVS9LUFI5RjNCZEZkdStTTHpyTWwxVERVWmxQdFk5WHpVRlhjcU44SVhjeThUSnpDQmVOZXkzUUlEQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRHQkFDdEo4ZmVHemUxTkhCNVZ3MThqTVVQdkhvN0gzR3dtajZaREFYUWxhaUFYTXVOQnhOWFZXVndpZmw2VituVzN3OVFhN0Zlby9uWi9PNFRVT0gxbnorYWRrbGNDRDRRcFphRUlibUFicmlQV0pLZ2I0TFdHaHFRcnV3WVI3SXRUUjFNTlg5Z0xiUDB6MHp2REVRbm50L1ZVV0ZFQkxTSnE0WjROcmU4TEZtUzI8L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24geG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiBJRD0icGZ4N2UzZjFmMTEtM2QzOC03ZGE1LTU1ZWQtOWI0ZDZjMGE0NGViIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDMtMzFUMDA6Mzc6MTZaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDdlM2YxZjExLTNkMzgtN2RhNS01NWVkLTliNGQ2YzBhNDRlYiI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+NndXc3psZkZZYnRkczZ0eStuK090REp2S0VBPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5lVUU5MWhQNm02d1ZVbXdJYlZKU2Z4VnZKaTlRcHd0MGRqSFA0aXFucjJONmNmVlZld3hEVTNHV0E5bDlaVmp5bVdvdkZJbS9ZNHRkd1UzNEdkYmkvMmlobzJndDhlVkd3OGozUnVRaE1VSHNWZitoSGgyZUg4bjB4amRBanRkaE5ISE96TDJ0RFd4WGs4Nk9lWW5sOEpadVU3QkVFU2VLZUM5YngwT1FuWU09PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNWekNDQWNBQ0NRRElWSGFOU0JZTDZUQU5CZ2txaGtpRzl3MEJBUXNGQURCd01Rc3dDUVlEVlFRR0V3SkdVakVPTUF3R0ExVUVDQXdGVUdGeWFYTXhEakFNQmdOVkJBY01CVkJoY21sek1SWXdGQVlEVlFRS0RBMU9iM1poY0c5emRDQlVSVk5VTVNrd0p3WUpLb1pJaHZjTkFRa0JGaHBtYkc5eVpXNTBMbkJwWjI5MWRFQnViM1poY0c5emRDNW1jakFlRncweE5EQXlNVE14TXpVek5EQmFGdzB4TlRBeU1UTXhNelV6TkRCYU1IQXhDekFKQmdOVkJBWVRBa1pTTVE0d0RBWURWUVFJREFWUVlYSnBjekVPTUF3R0ExVUVCd3dGVUdGeWFYTXhGakFVQmdOVkJBb01EVTV2ZG1Gd2IzTjBJRlJGVTFReEtUQW5CZ2txaGtpRzl3MEJDUUVXR21ac2IzSmxiblF1Y0dsbmIzVjBRRzV2ZG1Gd2IzTjBMbVp5TUlHZk1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTkFEQ0JpUUtCZ1FDaExGSG4zTG5ONEpRLzdXQ2RZdXB4a1VnY05PUW5QRit5bGwrL0RQcHV4OW5wZlkwNTlQSVVhdEI4WDdrQ241aTh0UndJeS9pa0hKUjZNcjgrTVB2YzZWT1pEeFBOZFp2TW8vOGxoeHJiTjNKZHJ3M3doWm1VL0tQUjlGM0JkRmR1K1NMenJNbDFURFVabFB0WTlYelVGWGNxTjhJWGN5OFRKekNCZU5leTNRSURBUUFCTUEwR0NTcUdTSWIzRFFFQkN3VUFBNEdCQUN0SjhmZUd6ZTFOSEI1VncxOGpNVVB2SG83SDNHd21qNlpEQVhRbGFpQVhNdU5CeE5YVldWd2lmbDZWK25XM3c5UWE3RmVvL25aL080VFVPSDFueithZGtsY0NENFFwWmFFSWJtQWJyaVBXSktnYjRMV0docVFydXdZUjdJdFRSMU1OWDlnTGJQMHowenZERVFubnQvVlVXRkVCTFNKcTRaNE5yZThMRm1TMjwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50IiBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwIj5fM2FmNjJmMWQwMzUxM2JkZDYxZGQ1YmYwNGQzZGViN2FhNjE3NDgwZTIyPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJPTkVMT0dJTl82MTJiYmY5YjE2NDUyOTRhYTBiNDYzN2IxYmM1ZjM5ZGU4Yjc5Y2ViIiBOb3RPbk9yQWZ0ZXI9IjI5OTMtMTAtMDJUMDU6NTc6MTZaIiBSZWNpcGllbnQ9Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvaW5kZXgucGhwP2FjcyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE0LTAzLTMxVDAwOjM2OjQ2WiIgTm90T25PckFmdGVyPSIyOTkzLTEwLTAyVDA1OjU3OjE2WiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTQtMDMtMzFUMDA6Mzc6MTZaIiBTZXNzaW9uSW5kZXg9Il84NWU3Y2ZlMTZkNmU3ZTYwMGJkOThiYmMyYjQzNzFlMWM2OTU4OGE0ZGEiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTMtMDMtMzFUMDg6Mzc6MTZaIj48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg==
diff --git a/tests/data/responses/no_audience.xml.base64 b/tests/data/responses/no_audience.xml.base64
index 6ac34337..25550e3b 100644
--- a/tests/data/responses/no_audience.xml.base64
+++ b/tests/data/responses/no_audience.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDIxLTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwOTktMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDk5LTA2LTE3VDIyOjU0OjE0WiIgU2Vzc2lvbkluZGV4PSJfNTFiZTM3OTY1ZmViNTU3OWQ4MDMxNDEwNzY5MzZkYzJlOWQxZDk4ZWJmIj4NCiAgICAgIDxzYW1sOkF1dGhuQ29udGV4dD4NCiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+DQogICAgICA8L3NhbWw6QXV0aG5Db250ZXh0Pg0KICAgIDwvc2FtbDpBdXRoblN0YXRlbWVudD4NCiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNvbWVvbmVAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
diff --git a/tests/data/responses/pretty_signed_message_response.xml b/tests/data/responses/pretty_signed_message_response.xml
index 7dcb65ee..8ac3541e 100644
--- a/tests/data/responses/pretty_signed_message_response.xml
+++ b/tests/data/responses/pretty_signed_message_response.xml
@@ -1,9 +1,9 @@
-<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxc3d2b542-0f7e-8767-8e87-5b0dc6913375" Version="2.0" IssueInstant="2014-03-21T13:41:09Z" Destination="https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs" InResponseTo="ONELOGIN_5d9e319c1b8a67da48227964c28d280e7860f804">
+<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfxf209cd60-f060-722b-02e9-4850ac5a2e41" Version="2.0" IssueInstant="2014-03-21T13:41:09Z" Destination="https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs" InResponseTo="ONELOGIN_5d9e319c1b8a67da48227964c28d280e7860f804">
   <saml:Issuer>https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php</saml:Issuer>
   <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
   <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
     <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-  <ds:Reference URI="#pfxc3d2b542-0f7e-8767-8e87-5b0dc6913375"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>1dQFiYU0o2OF7c/RVV8Gpgb4u3I=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>wRgBXOq/FiLZc2mureTC/j6zY709OikJ5HeUSruHTdYjEg9aZy1RbxlKIYEIfXpnX7NBoKxfAMm+O0fsrqOjgcYxTVkqZjOr71qiXNbtwjeAkdYSpk5brsAcnfcPdv8QReYr3D7t5ZVCgYuvXQ+dNELKeag7e1ASOzVqOdp5Z9Y=</ds:SignatureValue>
+  <ds:Reference URI="#pfxf209cd60-f060-722b-02e9-4850ac5a2e41"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>mv5lfRE63rPIrb29tQ6Qbfe/yvY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>yQvrNsoSwWXL3rSW3sH6iyfG0ukrq1tyvsydSrs63wz1ayaVY/uXBQuldn1VcQmOZpQgDwnZwjmb5fU+CZejQw5dTtj2mJR50TO1Wj81upVEtQByF2RyOP1GsB27dSeYRTMYsK64ywzIxfltw02BBQUqpz10i3EtlVh46hc+LWY=</ds:SignatureValue>
 <ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>
   <samlp:Status>
     <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
@@ -13,15 +13,15 @@
     <saml:Subject>
       <saml:NameID SPNameQualifier="https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_b98f98bb1ab512ced653b58baaff543448daed535d</saml:NameID>
       <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
-        <saml:SubjectConfirmationData NotOnOrAfter="2023-09-22T19:01:09Z" Recipient="https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs" InResponseTo="ONELOGIN_5d9e319c1b8a67da48227964c28d280e7860f804"/>
+        <saml:SubjectConfirmationData NotOnOrAfter="2993-09-22T19:01:09Z" Recipient="https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs" InResponseTo="ONELOGIN_5d9e319c1b8a67da48227964c28d280e7860f804"/>
       </saml:SubjectConfirmation>
     </saml:Subject>
-    <saml:Conditions NotBefore="2014-03-21T13:40:39Z" NotOnOrAfter="2023-09-22T19:01:09Z">
+    <saml:Conditions NotBefore="2014-03-21T13:40:39Z" NotOnOrAfter="2993-09-22T19:01:09Z">
       <saml:AudienceRestriction>
         <saml:Audience>https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php</saml:Audience>
       </saml:AudienceRestriction>
     </saml:Conditions>
-    <saml:AuthnStatement AuthnInstant="2014-03-21T13:41:09Z" SessionNotOnOrAfter="2014-03-21T21:41:09Z" SessionIndex="_9fe0c8dcd3302e7364fcab22a52748ebf2224df0aa">
+    <saml:AuthnStatement AuthnInstant="2014-03-21T13:41:09Z" SessionNotOnOrAfter="2993-03-21T21:41:09Z" SessionIndex="_9fe0c8dcd3302e7364fcab22a52748ebf2224df0aa">
       <saml:AuthnContext>
         <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
       </saml:AuthnContext>
diff --git a/tests/data/responses/response1_with_duplicate_attributes.xml.base64 b/tests/data/responses/response1_with_duplicate_attributes.xml.base64
new file mode 100644
index 00000000..de113c3c
--- /dev/null
+++ b/tests/data/responses/response1_with_duplicate_attributes.xml.base64
@@ -0,0 +1 @@
+PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIElEPSJHT1NBTUxSMTI5MDExNzQ1NzE3OTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgRGVzdGluYXRpb249IntyZWNpcGllbnR9Ij48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24geG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiBWZXJzaW9uPSIyLjAiIElEPSJwZng4ZmZiMzk4My1jYmY2LTkyYTEtZjJjNC02MTlhZTFiZTFjODYiIElzc3VlSW5zdGFudD0iMjAxMC0xMS0xOFQyMTo1NzozN1oiPjxzYW1sOklzc3Vlcj5odHRwczovL2FwcC5vbmVsb2dpbi5jb20vc2FtbC9tZXRhZGF0YS8xMzU5MDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+PGRzOlNpZ25lZEluZm8+PGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBVUkk9IiNwZng4ZmZiMzk4My1jYmY2LTkyYTEtZjJjNC02MTlhZTFiZTFjODYiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPmhndVFiQ0hhbmliYkRDN3EzWnp4ekhjUG9uST08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+R2FuY0Q5dlJvaDlNYlQwMDJEeTc5dDFtNkk2WWZoVUtQZmJsa21wMnVkb2xYdWp2NmUxTVd2c1ZteE56dHNJR2x4QWEwcUtEaVNNekNORFpzazNqc3lzVWwxbkFLbkFnMTg1amZYanN6aHNkbVIrTTkxZHhrNmtmY0xVb3NPb2xvdmFkV0xQV3FuN1AzajgvNXh6cDlMcFJBM2d2QjQxODJSU2lyV0NCWFBRPTwvZHM6U2lnbmF0dXJlVmFsdWU+PGRzOktleUluZm8+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQ2dUQ0NBZW9DQ1FDYk9scldEZFg3RlRBTkJna3Foa2lHOXcwQkFRVUZBRENCaERFTE1Ba0dBMVVFQmhNQ1RrOHhHREFXQmdOVkJBZ1REMEZ1WkhKbFlYTWdVMjlzWW1WeVp6RU1NQW9HQTFVRUJ4TURSbTl2TVJBd0RnWURWUVFLRXdkVlRrbE9SVlJVTVJnd0ZnWURWUVFERXc5bVpXbGtaUzVsY214aGJtY3VibTh4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZ1WkhKbFlYTkFkVzVwYm1WMGRDNXViekFlRncwd056QTJNVFV4TWpBeE16VmFGdzB3TnpBNE1UUXhNakF4TXpWYU1JR0VNUXN3Q1FZRFZRUUdFd0pPVHpFWU1CWUdBMVVFQ0JNUFFXNWtjbVZoY3lCVGIyeGlaWEpuTVF3d0NnWURWUVFIRXdOR2IyOHhFREFPQmdOVkJBb1RCMVZPU1U1RlZGUXhHREFXQmdOVkJBTVREMlpsYVdSbExtVnliR0Z1Wnk1dWJ6RWhNQjhHQ1NxR1NJYjNEUUVKQVJZU1lXNWtjbVZoYzBCMWJtbHVaWFIwTG01dk1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRRGl2YmhSN1A1MTZ4L1MzQnFLeHVwUWUwTE9Ob2xpdXBpQk9lc0NPM1NIYkRybDMrcTlJYmZuZm1FMDRyTnVNY1BzSXhCMTYxVGREcEllc0xDbjdjOGFQSElTS090UGxBZVRaU25iOFFBdTdhUmpacTMrUGJyUDV1VzNUY2ZDR1B0S1R5dEhPZ2UvT2xKYm8wNzhkVmhYUTE0ZDFFRHdYSlcxclJYdVV0NEM4UUlEQVFBQk1BMEdDU3FHU0liM0RRRUJCUVVBQTRHQkFDRFZmcDg2SE9icVkrZThCVW9XUTkrVk1ReDFBU0RvaEJqd09zZzJXeWtVcVJYRitkTGZjVUg5ZFdSNjNDdFpJS0ZEYlN0Tm9tUG5RejduYksrb255Z3dCc3BWRWJuSHVVaWhacTNaVWRtdW1RcUN3NFV2cy8xVXZxM29yT28vV0pWaFR5dkxnRlZLMlFhclE0LzY3T1pmSGQ3UitQT0JYaG9waFNNdjFaT288L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c3VwcG9ydEBvbmVsb2dpbi5jb208L3NhbWw6TmFtZUlEPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjIwMTAtMTEtMThUMjI6MDI6MzdaIiBSZWNpcGllbnQ9IntyZWNpcGllbnR9Ii8+PC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1sOlN1YmplY3Q+PHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMTEtMThUMjE6NTI6MzdaIiBOb3RPbk9yQWZ0ZXI9IjIwMTAtMTEtMThUMjI6MDI6MzdaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnthdWRpZW5jZX08L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOVQyMTo1NzozN1oiIFNlc3Npb25JbmRleD0iXzUzMWMzMmQyODNiZGZmN2UwNGU0ODdiY2RiYzRkZDhkIj48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiIEZyaWVuZGx5TmFtZT0idXNlcm5hbWUiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+ZGVtbzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJmcmllbmRseTEiIEZyaWVuZGx5TmFtZT0iZnJpZW5kbHl0ZXN0Ij48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmZyaWVuZGx5MTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJmcmllbmRseTIiIEZyaWVuZGx5TmFtZT0iZnJpZW5kbHl0ZXN0Ij48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPmZyaWVuZGx5Mjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJhbm90aGVyX3ZhbHVlIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPnZhbHVlPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImR1cGxpY2F0ZV9uYW1lIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm5hbWUxPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImR1cGxpY2F0ZV9uYW1lIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPm5hbWUyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
diff --git a/tests/data/responses/response1_with_friendlyname.xml.base64 b/tests/data/responses/response1_with_friendlyname.xml.base64
new file mode 100644
index 00000000..a17c3941
--- /dev/null
+++ b/tests/data/responses/response1_with_friendlyname.xml.base64
@@ -0,0 +1 @@
+PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIElEPSJHT1NBTUxSMTI5MDExNzQ1NzE3OTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgRGVzdGluYXRpb249IntyZWNpcGllbnR9Ij4NCiAgPHNhbWxwOlN0YXR1cz4NCiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+DQogIDxzYW1sOkFzc2VydGlvbiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIFZlcnNpb249IjIuMCIgSUQ9InBmeDhmZmIzOTgzLWNiZjYtOTJhMS1mMmM0LTYxOWFlMWJlMWM4NiIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiI+DQogICAgPHNhbWw6SXNzdWVyPmh0dHBzOi8vYXBwLm9uZWxvZ2luLmNvbS9zYW1sL21ldGFkYXRhLzEzNTkwPC9zYW1sOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCiAgPGRzOlNpZ25lZEluZm8+PGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4NCiAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+DQogIDxkczpSZWZlcmVuY2UgVVJJPSIjcGZ4OGZmYjM5ODMtY2JmNi05MmExLWYyYzQtNjE5YWUxYmUxYzg2Ij48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5oZ3VRYkNIYW5pYmJEQzdxM1p6eHpIY1Bvbkk9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPkdhbmNEOXZSb2g5TWJUMDAyRHk3OXQxbTZJNllmaFVLUGZibGttcDJ1ZG9sWHVqdjZlMU1XdnNWbXhOenRzSUdseEFhMHFLRGlTTXpDTkRac2szanN5c1VsMW5BS25BZzE4NWpmWGpzemhzZG1SK005MWR4azZrZmNMVW9zT29sb3ZhZFdMUFdxbjdQM2o4LzV4enA5THBSQTNndkI0MTgyUlNpcldDQlhQUT08L2RzOlNpZ25hdHVyZVZhbHVlPg0KPGRzOktleUluZm8+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQ2dUQ0NBZW9DQ1FDYk9scldEZFg3RlRBTkJna3Foa2lHOXcwQkFRVUZBRENCaERFTE1Ba0dBMVVFQmhNQ1RrOHhHREFXQmdOVkJBZ1REMEZ1WkhKbFlYTWdVMjlzWW1WeVp6RU1NQW9HQTFVRUJ4TURSbTl2TVJBd0RnWURWUVFLRXdkVlRrbE9SVlJVTVJnd0ZnWURWUVFERXc5bVpXbGtaUzVsY214aGJtY3VibTh4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZ1WkhKbFlYTkFkVzVwYm1WMGRDNXViekFlRncwd056QTJNVFV4TWpBeE16VmFGdzB3TnpBNE1UUXhNakF4TXpWYU1JR0VNUXN3Q1FZRFZRUUdFd0pPVHpFWU1CWUdBMVVFQ0JNUFFXNWtjbVZoY3lCVGIyeGlaWEpuTVF3d0NnWURWUVFIRXdOR2IyOHhFREFPQmdOVkJBb1RCMVZPU1U1RlZGUXhHREFXQmdOVkJBTVREMlpsYVdSbExtVnliR0Z1Wnk1dWJ6RWhNQjhHQ1NxR1NJYjNEUUVKQVJZU1lXNWtjbVZoYzBCMWJtbHVaWFIwTG01dk1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRRGl2YmhSN1A1MTZ4L1MzQnFLeHVwUWUwTE9Ob2xpdXBpQk9lc0NPM1NIYkRybDMrcTlJYmZuZm1FMDRyTnVNY1BzSXhCMTYxVGREcEllc0xDbjdjOGFQSElTS090UGxBZVRaU25iOFFBdTdhUmpacTMrUGJyUDV1VzNUY2ZDR1B0S1R5dEhPZ2UvT2xKYm8wNzhkVmhYUTE0ZDFFRHdYSlcxclJYdVV0NEM4UUlEQVFBQk1BMEdDU3FHU0liM0RRRUJCUVVBQTRHQkFDRFZmcDg2SE9icVkrZThCVW9XUTkrVk1ReDFBU0RvaEJqd09zZzJXeWtVcVJYRitkTGZjVUg5ZFdSNjNDdFpJS0ZEYlN0Tm9tUG5RejduYksrb255Z3dCc3BWRWJuSHVVaWhacTNaVWRtdW1RcUN3NFV2cy8xVXZxM29yT28vV0pWaFR5dkxnRlZLMlFhclE0LzY3T1pmSGQ3UitQT0JYaG9waFNNdjFaT288L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT4NCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj5zdXBwb3J0QG9uZWxvZ2luLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOFQyMjowMjozN1oiIFJlY2lwaWVudD0ie3JlY2lwaWVudH0iLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0xMS0xOFQyMTo1MjozN1oiIE5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOFQyMjowMjozN1oiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+e2F1ZGllbmNlfTwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMC0xMS0xOFQyMTo1NzozN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTAtMTEtMTlUMjE6NTc6MzdaIiBTZXNzaW9uSW5kZXg9Il81MzFjMzJkMjgzYmRmZjdlMDRlNDg3YmNkYmM0ZGQ4ZCI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICAgICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCIgRnJpZW5kbHlOYW1lPSJ1c2VybmFtZSI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+ZGVtbzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0iYW5vdGhlcl92YWx1ZSI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dmFsdWU8L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICA8L3NhbWw6QXR0cmlidXRlPg0KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogIDwvc2FtbDpBc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
diff --git a/tests/data/responses/response_with_nested_nameid_values.xml.base64 b/tests/data/responses/response_with_nested_nameid_values.xml.base64
index 3092c3cf..3b99e137 100644
--- a/tests/data/responses/response_with_nested_nameid_values.xml.base64
+++ b/tests/data/responses/response_with_nested_nameid_values.xml.base64
@@ -1,71 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDph
-c3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9j
-b2wiIElEPSJHT1NBTUxSMTI5MDExNzQ1NzE3OTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50
-PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgRGVzdGluYXRpb249IntyZWNpcGllbnR9Ij4KICA8c2Ft
-bHA6U3RhdHVzPgogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0
-YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPgogIDxzYW1sOkFzc2Vy
-dGlvbiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhz
-aT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIFZlcnNpb249IjIu
-MCIgSUQ9InBmeGE0NjU3NGRmLWIzYjAtYTA2YS0yM2M4LTYzNjQxMzE5ODc3MiIgSXNzdWVJbnN0
-YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiI+CiAgICA8c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcHAu
-b25lbG9naW4uY29tL3NhbWwvbWV0YWRhdGEvMTM1OTA8L3NhbWw6SXNzdWVyPgogICAgPGRzOlNp
-Z25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+CiAg
-ICAgIDxkczpTaWduZWRJbmZvPgogICAgICAgIDxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFs
-Z29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAg
-ICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAv
-MDkveG1sZHNpZyNyc2Etc2hhMSIvPgogICAgICAgIDxkczpSZWZlcmVuY2UgVVJJPSIjcGZ4YTQ2
-NTc0ZGYtYjNiMC1hMDZhLTIzYzgtNjM2NDEzMTk4NzcyIj4KICAgICAgICAgIDxkczpUcmFuc2Zv
-cm1zPgogICAgICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5v
-cmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz4KICAgICAgICAgICAgPGRz
-OlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1j
-MTRuIyIvPgogICAgICAgICAgPC9kczpUcmFuc2Zvcm1zPgogICAgICAgICAgPGRzOkRpZ2VzdE1l
-dGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+
-CiAgICAgICAgICA8ZHM6RGlnZXN0VmFsdWU+cEpRN01TL2VrNEtSUldHbXYvSDQzUmVIWU1zPTwv
-ZHM6RGlnZXN0VmFsdWU+CiAgICAgICAgPC9kczpSZWZlcmVuY2U+CiAgICAgIDwvZHM6U2lnbmVk
-SW5mbz4KICAgICAgPGRzOlNpZ25hdHVyZVZhbHVlPnlpdmVLY1BkRHB1RE5qNnNoclEzQUJ3ci9j
-QTNDcnlEMnBoRy94TFpzektXeFU1L21sYUt0OGV3YlpPZEtLdnRPczJwSEJ5NUR1YTNrOTRBRit6
-eEd5ZWw1Z09vd21veVhKcitBT3Ira1BPMHZsaTFWOG8zaFBQVVp3UmdTWDZROXBTMUNxUWdoS2lF
-YXNSeXlscXFKVWFQWXptT3pPRTgvWGxNa3dpV21PMD08L2RzOlNpZ25hdHVyZVZhbHVlPgogICAg
-ICA8ZHM6S2V5SW5mbz4KICAgICAgICA8ZHM6WDUwOURhdGE+CiAgICAgICAgICA8ZHM6WDUwOUNl
-cnRpZmljYXRlPk1JSUJyVENDQWFHZ0F3SUJBZ0lCQVRBREJnRUFNR2N4Q3pBSkJnTlZCQVlUQWxW
-VE1STXdFUVlEVlFRSURBcERZV3hwWm05eWJtbGhNUlV3RXdZRFZRUUhEQXhUWVc1MFlTQk5iMjVw
-WTJFeEVUQVBCZ05WQkFvTUNFOXVaVXh2WjJsdU1Sa3dGd1lEVlFRRERCQmhjSEF1YjI1bGJHOW5h
-VzR1WTI5dE1CNFhEVEV3TURNd09UQTVOVGcwTlZvWERURTFNRE13T1RBNU5UZzBOVm93WnpFTE1B
-a0dBMVVFQmhNQ1ZWTXhFekFSQmdOVkJBZ01Da05oYkdsbWIzSnVhV0V4RlRBVEJnTlZCQWNNREZO
-aGJuUmhJRTF2Ym1sallURVJNQThHQTFVRUNnd0lUMjVsVEc5bmFXNHhHVEFYQmdOVkJBTU1FR0Z3
-Y0M1dmJtVnNiMmRwYmk1amIyMHdnWjh3RFFZSktvWklodmNOQVFFQkJRQURnWTBBTUlHSkFvR0JB
-T2pTdTFmalB5OGQ1dzRReUwxK3pkNGhJdzFNa2tmZjRXWS9UTEc4T1prVTVZVFNXbW1IUEQ1a3ZZ
-SDV1b1hTLzZxUTgxcVhwUjJ3VjhDVG93WkpVTGcwOWRkUmRSbjhRc3FqMUZ5T0M1c2xFM3kyYloy
-b0Z1YTcyb2YvNDlmcHVqbkZUNktuUTYxQ0JNcWxEb1RRcU9UNjJ2R0o4blA2TVpXdkE2c3hxdWQ1
-QWdNQkFBRXdBd1lCQUFNQkFBPT08L2RzOlg1MDlDZXJ0aWZpY2F0ZT4KICAgICAgICA8L2RzOlg1
-MDlEYXRhPgogICAgICA8L2RzOktleUluZm8+CiAgICA8L2RzOlNpZ25hdHVyZT4KICAgIDxzYW1s
-OlN1YmplY3Q+CiAgICAgIDxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpT
-QU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c3VwcG9ydEBvbmVsb2dpbi5jb208
-L3NhbWw6TmFtZUlEPgogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJu
-Om9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+CiAgICAgICAgPHNhbWw6U3ViamVj
-dENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDEwLTExLTE4VDIyOjAyOjM3WiIgUmVj
-aXBpZW50PSJ7cmVjaXBpZW50fSIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPgogICAgPC9z
-YW1sOlN1YmplY3Q+CiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0xMS0xOFQy
-MTo1MjozN1oiIE5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOFQyMjowMjozN1oiPgogICAgICA8c2Ft
-bDpBdWRpZW5jZVJlc3RyaWN0aW9uPgogICAgICAgIDxzYW1sOkF1ZGllbmNlPnthdWRpZW5jZX08
-L3NhbWw6QXVkaWVuY2U+CiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPgogICAgPC9z
-YW1sOkNvbmRpdGlvbnM+CiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIw
-MTAtMTEtMThUMjE6NTc6MzdaIiBTZXNzaW9uTm90T25PckFmdGVyPSIyMDEwLTExLTE5VDIxOjU3
-OjM3WiIgU2Vzc2lvbkluZGV4PSJfNTMxYzMyZDI4M2JkZmY3ZTA0ZTQ4N2JjZGJjNGRkOGQiPgog
-ICAgICA8c2FtbDpBdXRobkNvbnRleHQ+CiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NS
-ZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6
-QXV0aG5Db250ZXh0Q2xhc3NSZWY+CiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+CiAgICA8L3Nh
-bWw6QXV0aG5TdGF0ZW1lbnQ+CiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CiAgICAgIDxz
-YW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiPgogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHht
-bG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRw
-Oi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmlu
-ZyI+ZGVtbzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4KICAg
-ICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9ImFub3RoZXJfdmFsdWUiPgogICAgICAgIDxzYW1sOkF0
-dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIg
-eG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNp
-OnR5cGU9InhzOnN0cmluZyI+CiAgICAgICAgICAgIDxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpv
-YXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnBlcnNpc3RlbnQiIE5hbWVRdWFs
-aWZpZXI9Imh0dHBzOi8vaWRwSUQiIFNQTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly9zcElEIj52YWx1
-ZTwvc2FtbDpOYW1lSUQ+CiAgICAgICAgPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPgogICAgICA8L3Nh
-bWw6QXR0cmlidXRlPgogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4KICA8L3NhbWw6QXNz
-ZXJ0aW9uPgo8L3NhbWxwOlJlc3BvbnNlPgo=
+PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIElEPSJHT1NBTUxSMTI5MDExNzQ1NzE3OTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiIgRGVzdGluYXRpb249IntyZWNpcGllbnR9Ij4NCiAgPHNhbWxwOlN0YXR1cz4NCiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+DQogIDxzYW1sOkFzc2VydGlvbiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIFZlcnNpb249IjIuMCIgSUQ9InBmeGE0NjU3NGRmLWIzYjAtYTA2YS0yM2M4LTYzNjQxMzE5ODc3MiIgSXNzdWVJbnN0YW50PSIyMDEwLTExLTE4VDIxOjU3OjM3WiI+DQogICAgPHNhbWw6SXNzdWVyPmh0dHBzOi8vYXBwLm9uZWxvZ2luLmNvbS9zYW1sL21ldGFkYXRhLzEzNTkwPC9zYW1sOklzc3Vlcj4NCiAgICA8ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCiAgICAgIDxkczpTaWduZWRJbmZvPg0KICAgICAgICA8ZHM6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgICAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+DQogICAgICAgIDxkczpSZWZlcmVuY2UgVVJJPSIjcGZ4YTQ2NTc0ZGYtYjNiMC1hMDZhLTIzYzgtNjM2NDEzMTk4NzcyIj4NCiAgICAgICAgICA8ZHM6VHJhbnNmb3Jtcz4NCiAgICAgICAgICAgIDxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPg0KICAgICAgICAgICAgPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPg0KICAgICAgICAgIDwvZHM6VHJhbnNmb3Jtcz4NCiAgICAgICAgICA8ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz4NCiAgICAgICAgICA8ZHM6RGlnZXN0VmFsdWU+cEpRN01TL2VrNEtSUldHbXYvSDQzUmVIWU1zPTwvZHM6RGlnZXN0VmFsdWU+DQogICAgICAgIDwvZHM6UmVmZXJlbmNlPg0KICAgICAgPC9kczpTaWduZWRJbmZvPg0KICAgICAgPGRzOlNpZ25hdHVyZVZhbHVlPnlpdmVLY1BkRHB1RE5qNnNoclEzQUJ3ci9jQTNDcnlEMnBoRy94TFpzektXeFU1L21sYUt0OGV3YlpPZEtLdnRPczJwSEJ5NUR1YTNrOTRBRit6eEd5ZWw1Z09vd21veVhKcitBT3Ira1BPMHZsaTFWOG8zaFBQVVp3UmdTWDZROXBTMUNxUWdoS2lFYXNSeXlscXFKVWFQWXptT3pPRTgvWGxNa3dpV21PMD08L2RzOlNpZ25hdHVyZVZhbHVlPg0KICAgICAgPGRzOktleUluZm8+DQogICAgICAgIDxkczpYNTA5RGF0YT4NCiAgICAgICAgICA8ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUJyVENDQWFHZ0F3SUJBZ0lCQVRBREJnRUFNR2N4Q3pBSkJnTlZCQVlUQWxWVE1STXdFUVlEVlFRSURBcERZV3hwWm05eWJtbGhNUlV3RXdZRFZRUUhEQXhUWVc1MFlTQk5iMjVwWTJFeEVUQVBCZ05WQkFvTUNFOXVaVXh2WjJsdU1Sa3dGd1lEVlFRRERCQmhjSEF1YjI1bGJHOW5hVzR1WTI5dE1CNFhEVEV3TURNd09UQTVOVGcwTlZvWERURTFNRE13T1RBNU5UZzBOVm93WnpFTE1Ba0dBMVVFQmhNQ1ZWTXhFekFSQmdOVkJBZ01Da05oYkdsbWIzSnVhV0V4RlRBVEJnTlZCQWNNREZOaGJuUmhJRTF2Ym1sallURVJNQThHQTFVRUNnd0lUMjVsVEc5bmFXNHhHVEFYQmdOVkJBTU1FR0Z3Y0M1dmJtVnNiMmRwYmk1amIyMHdnWjh3RFFZSktvWklodmNOQVFFQkJRQURnWTBBTUlHSkFvR0JBT2pTdTFmalB5OGQ1dzRReUwxK3pkNGhJdzFNa2tmZjRXWS9UTEc4T1prVTVZVFNXbW1IUEQ1a3ZZSDV1b1hTLzZxUTgxcVhwUjJ3VjhDVG93WkpVTGcwOWRkUmRSbjhRc3FqMUZ5T0M1c2xFM3kyYloyb0Z1YTcyb2YvNDlmcHVqbkZUNktuUTYxQ0JNcWxEb1RRcU9UNjJ2R0o4blA2TVpXdkE2c3hxdWQ1QWdNQkFBRXdBd1lCQUFNQkFBPT08L2RzOlg1MDlDZXJ0aWZpY2F0ZT4NCiAgICAgICAgPC9kczpYNTA5RGF0YT4NCiAgICAgIDwvZHM6S2V5SW5mbz4NCiAgICA8L2RzOlNpZ25hdHVyZT4NCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj5zdXBwb3J0QG9uZWxvZ2luLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOFQyMjowMjozN1oiIFJlY2lwaWVudD0ie3JlY2lwaWVudH0iLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0xMS0xOFQyMTo1MjozN1oiIE5vdE9uT3JBZnRlcj0iMjAxMC0xMS0xOFQyMjowMjozN1oiPg0KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPHNhbWw6QXVkaWVuY2U+e2F1ZGllbmNlfTwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMC0xMS0xOFQyMTo1NzozN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTAtMTEtMTlUMjE6NTc6MzdaIiBTZXNzaW9uSW5kZXg9Il81MzFjMzJkMjgzYmRmZjdlMDRlNDg3YmNkYmM0ZGQ4ZCI+DQogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dD4NCiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+DQogICAgPHNhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICAgICAgPHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+ZGVtbzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0iYW5vdGhlcl92YWx1ZSIgRnJpZW5kbHlOYW1lPSJhbm90aGVyX2ZyaWVuZGx5X3ZhbHVlIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj4NCiAgICAgICAgICAgIDxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnBlcnNpc3RlbnQiIE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vaWRwSUQiIFNQTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly9zcElEIj52YWx1ZTwvc2FtbDpOYW1lSUQ+DQogICAgICAgIDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
diff --git a/tests/data/responses/response_without_assertion_reference_uri.xml.base64 b/tests/data/responses/response_without_assertion_reference_uri.xml.base64
new file mode 100644
index 00000000..8c4dab5d
--- /dev/null
+++ b/tests/data/responses/response_without_assertion_reference_uri.xml.base64
@@ -0,0 +1 @@
+PD94bWwgdmVyc2lvbj0iMS4wIj8+CjxzYW1scDpSZXNwb25zZSB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBJRD0icGZ4ZDU5NDM0N2QtNDk1Zi1iOGQxLTBlZTItNDFjZmRhMTRkZDM1IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNS0wMS0wMlQyMjo0ODo0OFoiIERlc3RpbmF0aW9uPSJodHRwOi8vbG9jYWxob3N0OjkwMDEvdjEvdXNlcnMvYXV0aG9yaXplL3NhbWwiIENvbnNlbnQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjb25zZW50OnVuc3BlY2lmaWVkIiBJblJlc3BvbnNlVG89Il9lZDkxNWE0MC03NGZiLTAxMzItNWIxNi00OGUwZWIxNGExYzciPgogIDxJc3N1ZXIgeG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHA6Ly9leGFtcGxlLmNvbTwvSXNzdWVyPgogIDxzYW1scDpTdGF0dXM+CiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+CiAgPC9zYW1scDpTdGF0dXM+CgogIDxBc3NlcnRpb24geG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJfNzAwYWMzMjAtNzRmZi0wMTMyLTViMTQtNDhlMGViMTRhMWM3IiBJc3N1ZUluc3RhbnQ9IjIwMTUtMDEtMDJUMjI6NDg6NDhaIiBWZXJzaW9uPSIyLjAiPgogICAgPElzc3Vlcj5odHRwOi8vZXhhbXBsZS5jb208L0lzc3Vlcj4KICAgIDxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgogIDxkczpTaWduZWRJbmZvPgogICAgPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4KICAgIDxkczpSZWZlcmVuY2UgVVJJPSIiPgogICAgICA8ZHM6VHJhbnNmb3Jtcz4KICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz4KICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDwvZHM6VHJhbnNmb3Jtcz4KICAgICAgPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+CiAgICAgIDxkczpEaWdlc3RWYWx1ZT5qQ2dlWENQREZsd2pUZ3FnUHAwbVUyVHF3OWc9PC9kczpEaWdlc3RWYWx1ZT4KICAgIDwvZHM6UmVmZXJlbmNlPgogIDwvZHM6U2lnbmVkSW5mbz4KICA8ZHM6U2lnbmF0dXJlVmFsdWU+bG9SN21DRmlNSURIUHBLeVgzRUd2dzJYeTZycEtFZWZVMDhYS1lWRXJ6MXB3a1BUUFFlYU5iK2RGMHZLai9rNQoyUmJ2Z3ZFUFN2ZGI3RDJOMTY5QjJMTGVmbXpaWTBDY0RKcThkK3lNbnZSNER3YitSUFl6bWJoS29XQ1ZyY3VPCnNvbEUxQTg3WFZjenNpd2JYRWllM2p4RHdDSk5vWi9GRFJRZy80RHRQVmc9PC9kczpTaWduYXR1cmVWYWx1ZT4KPGRzOktleUluZm8+CiAgPGRzOlg1MDlEYXRhPgogICAgPGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDVnpDQ0FjQUNDUURJVkhhTlNCWUw2VEFOQmdrcWhraUc5dzBCQVFzRkFEQndNUXN3Q1FZRFZRUUdFd0pHVWpFT01Bd0dBMVVFQ0F3RlVHRnlhWE14RGpBTUJnTlZCQWNNQlZCaGNtbHpNUll3RkFZRFZRUUtEQTFPYjNaaGNHOXpkQ0JVUlZOVU1Ta3dKd1lKS29aSWh2Y05BUWtCRmhwbWJHOXlaVzUwTG5CcFoyOTFkRUJ1YjNaaGNHOXpkQzVtY2pBZUZ3MHhOREF5TVRNeE16VXpOREJhRncweE5UQXlNVE14TXpVek5EQmFNSEF4Q3pBSkJnTlZCQVlUQWtaU01RNHdEQVlEVlFRSURBVlFZWEpwY3pFT01Bd0dBMVVFQnd3RlVHRnlhWE14RmpBVUJnTlZCQW9NRFU1dmRtRndiM04wSUZSRlUxUXhLVEFuQmdrcWhraUc5dzBCQ1FFV0dtWnNiM0psYm5RdWNHbG5iM1YwUUc1dmRtRndiM04wTG1aeU1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRQ2hMRkhuM0xuTjRKUS83V0NkWXVweGtVZ2NOT1FuUEYreWxsKy9EUHB1eDlucGZZMDU5UElVYXRCOFg3a0NuNWk4dFJ3SXkvaWtISlI2TXI4K01QdmM2Vk9aRHhQTmRadk1vLzhsaHhyYk4zSmRydzN3aFptVS9LUFI5RjNCZEZkdStTTHpyTWwxVERVWmxQdFk5WHpVRlhjcU44SVhjeThUSnpDQmVOZXkzUUlEQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRHQkFDdEo4ZmVHemUxTkhCNVZ3MThqTVVQdkhvN0gzR3dtajZaREFYUWxhaUFYTXVOQnhOWFZXVndpZmw2VituVzN3OVFhN0Zlby9uWi9PNFRVT0gxbnorYWRrbGNDRDRRcFphRUlibUFicmlQV0pLZ2I0TFdHaHFRcnV3WVI3SXRUUjFNTlg5Z0xiUDB6MHp2REVRbm50L1ZVV0ZFQkxTSnE0WjROcmU4TEZtUzI8L2RzOlg1MDlDZXJ0aWZpY2F0ZT4KICA8L2RzOlg1MDlEYXRhPgo8L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PFN1YmplY3Q+CiAgICAgIDxOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPnNhbWxAdXNlci5jb208L05hbWVJRD4KICAgICAgPFN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4KICAgICAgICA8U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJfZWQ5MTVhNDAtNzRmYi0wMTMyLTViMTYtNDhlMGViMTRhMWM3IiBOb3RPbk9yQWZ0ZXI9IjIwMzgtMDEtMDJUMjI6NTE6NDhaIiBSZWNpcGllbnQ9Imh0dHA6Ly9sb2NhbGhvc3Q6OTAwMS92MS91c2Vycy9hdXRob3JpemUvc2FtbCIvPgogICAgICA8L1N1YmplY3RDb25maXJtYXRpb24+CiAgICA8L1N1YmplY3Q+CiAgICA8Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTUtMDEtMDJUMjI6NDg6NDNaIiBOb3RPbk9yQWZ0ZXI9IjIwMzgtMDEtMDJUMjM6NDg6NDhaIj4KICAgICAgPEF1ZGllbmNlUmVzdHJpY3Rpb24+CiAgICAgICAgPEF1ZGllbmNlPmh0dHA6Ly9sb2NhbGhvc3Q6OTAwMS88L0F1ZGllbmNlPgogICAgICAgIDxBdWRpZW5jZT5mbGF0X3dvcmxkPC9BdWRpZW5jZT4KICAgICAgPC9BdWRpZW5jZVJlc3RyaWN0aW9uPgogICAgPC9Db25kaXRpb25zPgogICAgPEF0dHJpYnV0ZVN0YXRlbWVudD4KICAgICAgPEF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiPgogICAgICAgIDxBdHRyaWJ1dGVWYWx1ZT5zYW1sQHVzZXIuY29tPC9BdHRyaWJ1dGVWYWx1ZT4KICAgICAgPC9BdHRyaWJ1dGU+CiAgICA8L0F0dHJpYnV0ZVN0YXRlbWVudD4KICAgIDxBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTUtMDEtMDJUMjI6NDg6NDhaIiBTZXNzaW9uSW5kZXg9Il83MDBhYzMyMC03NGZmLTAxMzItNWIxNC00OGUwZWIxNGExYzciPgogICAgICA8QXV0aG5Db250ZXh0PgogICAgICAgIDxBdXRobkNvbnRleHRDbGFzc1JlZj51cm46ZmVkZXJhdGlvbjphdXRoZW50aWNhdGlvbjp3aW5kb3dzPC9BdXRobkNvbnRleHRDbGFzc1JlZj4KICAgICAgPC9BdXRobkNvbnRleHQ+CiAgICA8L0F1dGhuU3RhdGVtZW50PgogIDwvQXNzZXJ0aW9uPgo8L3NhbWxwOlJlc3BvbnNlPgo=
diff --git a/tests/data/responses/response_without_reference_uri.xml.base64 b/tests/data/responses/response_without_reference_uri.xml.base64
index 7ceecf01..d830db01 100644
--- a/tests/data/responses/response_without_reference_uri.xml.base64
+++ b/tests/data/responses/response_without_reference_uri.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgSUQ9InBmeGQ1OTQzNDdkLTQ5NWYtYjhkMS0wZWUyLTQxY2ZkYTE0ZGQzNSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTUtMDEtMDJUMjI6NDg6NDhaIiBEZXN0aW5hdGlvbj0iaHR0cDovL2xvY2FsaG9zdDo5MDAxL3YxL3VzZXJzL2F1dGhvcml6ZS9zYW1sIiBDb25zZW50PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y29uc2VudDp1bnNwZWNpZmllZCIgSW5SZXNwb25zZVRvPSJfZWQ5MTVhNDAtNzRmYi0wMTMyLTViMTYtNDhlMGViMTRhMWM3Ij4NCiAgPElzc3VlciB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+aHR0cDovL2V4YW1wbGUuY29tPC9Jc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iIj48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5qQ2dlWENQREZsd2pUZ3FnUHAwbVUyVHF3OWc9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPkRmdXByMTh3UityRGFndENQRWZRbFNHSHp3NE5kZlBIWjRIc3pGZTFKUENKWGpmYnlFTTFmZytqemdHYk1NdDZYemdDWGNLSk03RS9DUFNURGt2TWUzRFVKbEh1NERodURPQXovRHN5b0J3V3VWK1JmM1dpTmNGNFhDYzl3QlF6dm4vYXREN3pXNnh3TzdOL2hrQVpKcWZ2SmRkbnBNTUhLR1hxRy9aSFpBdz08L2RzOlNpZ25hdHVyZVZhbHVlPg0KPGRzOktleUluZm8+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQ3FEQ0NBaEdnQXdJQkFnSUJBREFOQmdrcWhraUc5dzBCQVEwRkFEQnhNUXN3Q1FZRFZRUUdFd0oxY3pFVE1CRUdBMVVFQ0F3S1YyRnphR2x1WjNSdmJqRWlNQ0FHQTFVRUNnd1pSbXhoZENCWGIzSnNaQ0JMYm05M2JHVmtaMlVzSUVsdVl6RWNNQm9HQTFVRUF3d1RiR1ZoY200dVpteGhkSGR2Y214a0xtTnZiVEVMTUFrR0ExVUVCd3dDUkVNd0hoY05NVFV3TnpBNE1EazFPVEF6V2hjTk1qVXdOekExTURrMU9UQXpXakJ4TVFzd0NRWURWUVFHRXdKMWN6RVRNQkVHQTFVRUNBd0tWMkZ6YUdsdVozUnZiakVpTUNBR0ExVUVDZ3daUm14aGRDQlhiM0pzWkNCTGJtOTNiR1ZrWjJVc0lFbHVZekVjTUJvR0ExVUVBd3dUYkdWaGNtNHVabXhoZEhkdmNteGtMbU52YlRFTE1Ba0dBMVVFQnd3Q1JFTXdnWjh3RFFZSktvWklodmNOQVFFQkJRQURnWTBBTUlHSkFvR0JBTVBEd3NsNW82eDJRb3VOaTEvRTdJVXFSWWoyWW9jSlJGc3VFR1RldnlVKzJhRkNhQk5WL3R0NnNBYk05V1N1dEx1cWpFL2hmYm5sRWNaMDMrZ24wQ29MbDZZbXdiS0tlUnBrSXplVmhveUoxWVlNUUVBVmhMcmR5OFBvd3U4VUNaMFBiQXorbjlka2lSek01cENDTzc3K2d5Y0ZUQkZLSEFBOXFJcFVaWmtQQWdNQkFBR2pVREJPTUIwR0ExVWREZ1FXQkJRSFU1OGl1R3hGbFp1ckJVSndvbGFsSnIrRlJ6QWZCZ05WSFNNRUdEQVdnQlFIVTU4aXVHeEZsWnVyQlVKd29sYWxKcitGUnpBTUJnTlZIUk1FQlRBREFRSC9NQTBHQ1NxR1NJYjNEUUVCRFFVQUE0R0JBQzZpSGZNbWQraE1TUnpma29zaTNDK3d2cUhDTEVVc2czSEZwa1ptNWp4bVREbEY1cU8rQnQwbjB4bWZvcVdCekJNbE5DOFRzR3JhZmhKM3p1OEdORjBMZW8xMXJmYzFHTUdCdnI1SG9aM1dBQXltbkJFREFBb3N4TjZXWlJtajF4YWdhMTMrNnBXZkdCKysyblB3Y1pXUC84ZGtQY1JvZ2V2VjB4MHA1Njg2PC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCg0KICA8QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzcwMGFjMzIwLTc0ZmYtMDEzMi01YjE0LTQ4ZTBlYjE0YTFjNyIgSXNzdWVJbnN0YW50PSIyMDE1LTAxLTAyVDIyOjQ4OjQ4WiIgVmVyc2lvbj0iMi4wIj4NCiAgICA8SXNzdWVyPmh0dHA6Ly9leGFtcGxlLmNvbTwvSXNzdWVyPg0KICAgIDxTdWJqZWN0Pg0KICAgICAgPE5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c2FtbEB1c2VyLmNvbTwvTmFtZUlEPg0KICAgICAgPFN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPFN1YmplY3RDb25maXJtYXRpb25EYXRhIEluUmVzcG9uc2VUbz0iX2VkOTE1YTQwLTc0ZmItMDEzMi01YjE2LTQ4ZTBlYjE0YTFjNyIgTm90T25PckFmdGVyPSIyMDM4LTAxLTAyVDIyOjUxOjQ4WiIgUmVjaXBpZW50PSJodHRwOi8vbG9jYWxob3N0OjkwMDEvdjEvdXNlcnMvYXV0aG9yaXplL3NhbWwiLz4NCiAgICAgIDwvU3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L1N1YmplY3Q+DQogICAgPENvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE1LTAxLTAyVDIyOjQ4OjQzWiIgTm90T25PckFmdGVyPSIyMDM4LTAxLTAyVDIzOjQ4OjQ4WiI+DQogICAgICA8QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICAgICAgPEF1ZGllbmNlPmh0dHA6Ly9sb2NhbGhvc3Q6OTAwMS88L0F1ZGllbmNlPg0KICAgICAgICA8QXVkaWVuY2U+ZmxhdF93b3JsZDwvQXVkaWVuY2U+DQogICAgICA8L0F1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgPC9Db25kaXRpb25zPg0KICAgIDxBdHRyaWJ1dGVTdGF0ZW1lbnQ+DQogICAgICA8QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLnhtbHNvYXAub3JnL3dzLzIwMDUvMDUvaWRlbnRpdHkvY2xhaW1zL2VtYWlsYWRkcmVzcyI+DQogICAgICAgIDxBdHRyaWJ1dGVWYWx1ZT5zYW1sQHVzZXIuY29tPC9BdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvQXR0cmlidXRlPg0KICAgIDwvQXR0cmlidXRlU3RhdGVtZW50Pg0KICAgIDxBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTUtMDEtMDJUMjI6NDg6NDhaIiBTZXNzaW9uSW5kZXg9Il83MDBhYzMyMC03NGZmLTAxMzItNWIxNC00OGUwZWIxNGExYzciPg0KICAgICAgPEF1dGhuQ29udGV4dD4NCiAgICAgICAgPEF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpmZWRlcmF0aW9uOmF1dGhlbnRpY2F0aW9uOndpbmRvd3M8L0F1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgICAgPC9BdXRobkNvbnRleHQ+DQogICAgPC9BdXRoblN0YXRlbWVudD4NCiAgPC9Bc3NlcnRpb24+DQo8L3NhbWxwOlJlc3BvbnNlPg==
\ No newline at end of file
+PD94bWwgdmVyc2lvbj0iMS4wIj8+CjxzYW1scDpSZXNwb25zZSB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBJRD0icGZ4ZDU5NDM0N2QtNDk1Zi1iOGQxLTBlZTItNDFjZmRhMTRkZDM1IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNS0wMS0wMlQyMjo0ODo0OFoiIERlc3RpbmF0aW9uPSJodHRwOi8vbG9jYWxob3N0OjkwMDEvdjEvdXNlcnMvYXV0aG9yaXplL3NhbWwiIENvbnNlbnQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjb25zZW50OnVuc3BlY2lmaWVkIiBJblJlc3BvbnNlVG89Il9lZDkxNWE0MC03NGZiLTAxMzItNWIxNi00OGUwZWIxNGExYzciPgogIDxJc3N1ZXIgeG1sbnM9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHA6Ly9leGFtcGxlLmNvbTwvSXNzdWVyPgogIDxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgogIDxkczpTaWduZWRJbmZvPgogICAgPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4KICAgIDxkczpSZWZlcmVuY2UgVVJJPSIiPgogICAgICA8ZHM6VHJhbnNmb3Jtcz4KICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz4KICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICAgIDwvZHM6VHJhbnNmb3Jtcz4KICAgICAgPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+CiAgICAgIDxkczpEaWdlc3RWYWx1ZT5qQ2dlWENQREZsd2pUZ3FnUHAwbVUyVHF3OWc9PC9kczpEaWdlc3RWYWx1ZT4KICAgIDwvZHM6UmVmZXJlbmNlPgogIDwvZHM6U2lnbmVkSW5mbz4KICA8ZHM6U2lnbmF0dXJlVmFsdWU+bG9SN21DRmlNSURIUHBLeVgzRUd2dzJYeTZycEtFZWZVMDhYS1lWRXJ6MXB3a1BUUFFlYU5iK2RGMHZLai9rNQoyUmJ2Z3ZFUFN2ZGI3RDJOMTY5QjJMTGVmbXpaWTBDY0RKcThkK3lNbnZSNER3YitSUFl6bWJoS29XQ1ZyY3VPCnNvbEUxQTg3WFZjenNpd2JYRWllM2p4RHdDSk5vWi9GRFJRZy80RHRQVmc9PC9kczpTaWduYXR1cmVWYWx1ZT4KPGRzOktleUluZm8+CiAgPGRzOlg1MDlEYXRhPgogICAgPGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlDVnpDQ0FjQUNDUURJVkhhTlNCWUw2VEFOQmdrcWhraUc5dzBCQVFzRkFEQndNUXN3Q1FZRFZRUUdFd0pHVWpFT01Bd0dBMVVFQ0F3RlVHRnlhWE14RGpBTUJnTlZCQWNNQlZCaGNtbHpNUll3RkFZRFZRUUtEQTFPYjNaaGNHOXpkQ0JVUlZOVU1Ta3dKd1lKS29aSWh2Y05BUWtCRmhwbWJHOXlaVzUwTG5CcFoyOTFkRUJ1YjNaaGNHOXpkQzVtY2pBZUZ3MHhOREF5TVRNeE16VXpOREJhRncweE5UQXlNVE14TXpVek5EQmFNSEF4Q3pBSkJnTlZCQVlUQWtaU01RNHdEQVlEVlFRSURBVlFZWEpwY3pFT01Bd0dBMVVFQnd3RlVHRnlhWE14RmpBVUJnTlZCQW9NRFU1dmRtRndiM04wSUZSRlUxUXhLVEFuQmdrcWhraUc5dzBCQ1FFV0dtWnNiM0psYm5RdWNHbG5iM1YwUUc1dmRtRndiM04wTG1aeU1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRQ2hMRkhuM0xuTjRKUS83V0NkWXVweGtVZ2NOT1FuUEYreWxsKy9EUHB1eDlucGZZMDU5UElVYXRCOFg3a0NuNWk4dFJ3SXkvaWtISlI2TXI4K01QdmM2Vk9aRHhQTmRadk1vLzhsaHhyYk4zSmRydzN3aFptVS9LUFI5RjNCZEZkdStTTHpyTWwxVERVWmxQdFk5WHpVRlhjcU44SVhjeThUSnpDQmVOZXkzUUlEQVFBQk1BMEdDU3FHU0liM0RRRUJDd1VBQTRHQkFDdEo4ZmVHemUxTkhCNVZ3MThqTVVQdkhvN0gzR3dtajZaREFYUWxhaUFYTXVOQnhOWFZXVndpZmw2VituVzN3OVFhN0Zlby9uWi9PNFRVT0gxbnorYWRrbGNDRDRRcFphRUlibUFicmlQV0pLZ2I0TFdHaHFRcnV3WVI3SXRUUjFNTlg5Z0xiUDB6MHp2REVRbm50L1ZVV0ZFQkxTSnE0WjROcmU4TEZtUzI8L2RzOlg1MDlDZXJ0aWZpY2F0ZT4KICA8L2RzOlg1MDlEYXRhPgo8L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz4KICAgIDxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz4KICA8L3NhbWxwOlN0YXR1cz4KCiAgPEFzc2VydGlvbiB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9Il83MDBhYzMyMC03NGZmLTAxMzItNWIxNC00OGUwZWIxNGExYzciIElzc3VlSW5zdGFudD0iMjAxNS0wMS0wMlQyMjo0ODo0OFoiIFZlcnNpb249IjIuMCI+CiAgICA8SXNzdWVyPmh0dHA6Ly9leGFtcGxlLmNvbTwvSXNzdWVyPgogICAgPFN1YmplY3Q+CiAgICAgIDxOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPnNhbWxAdXNlci5jb208L05hbWVJRD4KICAgICAgPFN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4KICAgICAgICA8U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJfZWQ5MTVhNDAtNzRmYi0wMTMyLTViMTYtNDhlMGViMTRhMWM3IiBOb3RPbk9yQWZ0ZXI9IjIwMzgtMDEtMDJUMjI6NTE6NDhaIiBSZWNpcGllbnQ9Imh0dHA6Ly9sb2NhbGhvc3Q6OTAwMS92MS91c2Vycy9hdXRob3JpemUvc2FtbCIvPgogICAgICA8L1N1YmplY3RDb25maXJtYXRpb24+CiAgICA8L1N1YmplY3Q+CiAgICA8Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTUtMDEtMDJUMjI6NDg6NDNaIiBOb3RPbk9yQWZ0ZXI9IjIwMzgtMDEtMDJUMjM6NDg6NDhaIj4KICAgICAgPEF1ZGllbmNlUmVzdHJpY3Rpb24+CiAgICAgICAgPEF1ZGllbmNlPmh0dHA6Ly9sb2NhbGhvc3Q6OTAwMS88L0F1ZGllbmNlPgogICAgICAgIDxBdWRpZW5jZT5mbGF0X3dvcmxkPC9BdWRpZW5jZT4KICAgICAgPC9BdWRpZW5jZVJlc3RyaWN0aW9uPgogICAgPC9Db25kaXRpb25zPgogICAgPEF0dHJpYnV0ZVN0YXRlbWVudD4KICAgICAgPEF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9lbWFpbGFkZHJlc3MiPgogICAgICAgIDxBdHRyaWJ1dGVWYWx1ZT5zYW1sQHVzZXIuY29tPC9BdHRyaWJ1dGVWYWx1ZT4KICAgICAgPC9BdHRyaWJ1dGU+CiAgICA8L0F0dHJpYnV0ZVN0YXRlbWVudD4KICAgIDxBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTUtMDEtMDJUMjI6NDg6NDhaIiBTZXNzaW9uSW5kZXg9Il83MDBhYzMyMC03NGZmLTAxMzItNWIxNC00OGUwZWIxNGExYzciPgogICAgICA8QXV0aG5Db250ZXh0PgogICAgICAgIDxBdXRobkNvbnRleHRDbGFzc1JlZj51cm46ZmVkZXJhdGlvbjphdXRoZW50aWNhdGlvbjp3aW5kb3dzPC9BdXRobkNvbnRleHRDbGFzc1JlZj4KICAgICAgPC9BdXRobkNvbnRleHQ+CiAgICA8L0F1dGhuU3RhdGVtZW50PgogIDwvQXNzZXJ0aW9uPgo8L3NhbWxwOlJlc3BvbnNlPgo=
diff --git a/tests/data/responses/signed_assertion_response.xml.base64 b/tests/data/responses/signed_assertion_response.xml.base64
index 80e214a3..ff563b49 100644
--- a/tests/data/responses/signed_assertion_response.xml.base64
+++ b/tests/data/responses/signed_assertion_response.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJfMmUwZjNlOGE3YzUxZGUyNjcxNjczNDE0YWE3ZDVhNjkyNDdmNmQ2NjI1IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNC0wMy0zMVQwMDozNzoxNloiIERlc3RpbmF0aW9uPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNjEyYmJmOWIxNjQ1Mjk0YWEwYjQ2MzdiMWJjNWYzOWRlOGI3OWNlYiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24geG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiBJRD0icGZ4ZDdkZWFmOGQtYTlmOS1iNmQyLTU5ZjItZTQ2MjI5MmFjMTNkIiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNC0wMy0zMVQwMDozNzoxNloiPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+CiAgPGRzOlNpZ25lZEluZm8+PGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KICAgIDxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeGQ3ZGVhZjhkLWE5ZjktYjZkMi01OWYyLWU0NjIyOTJhYzEzZCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+ckNaU2E0bHZydndRRVN6UnVjU1hKUW1aTGtVPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5HZ1JSRjZkNXE2a01zUHNTUnZZbE43NHQ4aGNiWDB5QU9OYTZDS2xHT1ZuaUxaN2w5M1dBcDRQSEIrWFhZYnlCU0x1RnJsYW9JbzFnRk5pUk10aU5hRzIreWczK2IxTXRBaXRGdmFWeTZ3dnhRbDFhamdUYUFjbVdjYTNJckp6U3I0ZGtxL1ZVZWZuZFhmZ01Ga2NldWdDNk00UGw4MXZ3TVYzM1BFU1lDQm89PC9kczpTaWduYXR1cmVWYWx1ZT4KPGRzOktleUluZm8+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQ2dUQ0NBZW9DQ1FDYk9scldEZFg3RlRBTkJna3Foa2lHOXcwQkFRVUZBRENCaERFTE1Ba0dBMVVFQmhNQ1RrOHhHREFXQmdOVkJBZ1REMEZ1WkhKbFlYTWdVMjlzWW1WeVp6RU1NQW9HQTFVRUJ4TURSbTl2TVJBd0RnWURWUVFLRXdkVlRrbE9SVlJVTVJnd0ZnWURWUVFERXc5bVpXbGtaUzVsY214aGJtY3VibTh4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZ1WkhKbFlYTkFkVzVwYm1WMGRDNXViekFlRncwd056QTJNVFV4TWpBeE16VmFGdzB3TnpBNE1UUXhNakF4TXpWYU1JR0VNUXN3Q1FZRFZRUUdFd0pPVHpFWU1CWUdBMVVFQ0JNUFFXNWtjbVZoY3lCVGIyeGlaWEpuTVF3d0NnWURWUVFIRXdOR2IyOHhFREFPQmdOVkJBb1RCMVZPU1U1RlZGUXhHREFXQmdOVkJBTVREMlpsYVdSbExtVnliR0Z1Wnk1dWJ6RWhNQjhHQ1NxR1NJYjNEUUVKQVJZU1lXNWtjbVZoYzBCMWJtbHVaWFIwTG01dk1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRRGl2YmhSN1A1MTZ4L1MzQnFLeHVwUWUwTE9Ob2xpdXBpQk9lc0NPM1NIYkRybDMrcTlJYmZuZm1FMDRyTnVNY1BzSXhCMTYxVGREcEllc0xDbjdjOGFQSElTS090UGxBZVRaU25iOFFBdTdhUmpacTMrUGJyUDV1VzNUY2ZDR1B0S1R5dEhPZ2UvT2xKYm8wNzhkVmhYUTE0ZDFFRHdYSlcxclJYdVV0NEM4UUlEQVFBQk1BMEdDU3FHU0liM0RRRUJCUVVBQTRHQkFDRFZmcDg2SE9icVkrZThCVW9XUTkrVk1ReDFBU0RvaEJqd09zZzJXeWtVcVJYRitkTGZjVUg5ZFdSNjNDdFpJS0ZEYlN0Tm9tUG5RejduYksrb255Z3dCc3BWRWJuSHVVaWhacTNaVWRtdW1RcUN3NFV2cy8xVXZxM29yT28vV0pWaFR5dkxnRlZLMlFhclE0LzY3T1pmSGQ3UitQT0JYaG9waFNNdjFaT288L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnRyYW5zaWVudCI+XzNhZjYyZjFkMDM1MTNiZGQ2MWRkNWJmMDRkM2RlYjdhYTYxNzQ4MGUyMjwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMy0xMC0wMlQwNTo1NzoxNloiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzYxMmJiZjliMTY0NTI5NGFhMGI0NjM3YjFiYzVmMzlkZThiNzljZWIiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMy0zMVQwMDozNjo0NloiIE5vdE9uT3JBZnRlcj0iMjAyMy0xMC0wMlQwNTo1NzoxNloiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAzLTMxVDAwOjM3OjE2WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAxNC0wMy0zMVQwODozNzoxNloiIFNlc3Npb25JbmRleD0iXzg1ZTdjZmUxNmQ2ZTdlNjAwYmQ5OGJiYzJiNDM3MWUxYzY5NTg4YTRkYSI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3RAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3Q8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0ic24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPndhYTI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iZWR1UGVyc29uQWZmaWxpYXRpb24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVzZXI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+YWRtaW48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
+PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJfMmUwZjNlOGE3YzUxZGUyNjcxNjczNDE0YWE3ZDVhNjkyNDdmNmQ2NjI1IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNC0wMy0zMVQwMDozNzoxNloiIERlc3RpbmF0aW9uPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNjEyYmJmOWIxNjQ1Mjk0YWEwYjQ2MzdiMWJjNWYzOWRlOGI3OWNlYiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24geG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiBJRD0icGZ4ZDNkZDIzYjEtYWZiYy1jNWQxLTVmOTgtMjFjNmJhYzVkYjRjIiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNC0wMy0zMVQwMDozNzoxNloiPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeGQzZGQyM2IxLWFmYmMtYzVkMS01Zjk4LTIxYzZiYWM1ZGI0YyI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+d2dCMnYvaE9hU29PQzd6S0tFLzhpdmhsQnRVPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT5QbUwrRTllcWxXVDdobExxeHM2QVlWZTJTR2VmT0lTbWZQTjBMUlhaa2VmSks4d3hpM01wZUVaU25XTC91SEI5MmRYcSsrWStBd1dUQnFySHZqL3g5ckMzRE5FUmZXcFB1QUZUejcrNXBCWDVEb2lpeDNnZmlHUXQ0WDM0YThwRWY2WG90bGUzTmpYcEVWRXVQWmRlRzB1WG5kWVZKUmJpSUV6WnNMMnB4QXM9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWw6U3ViamVjdD48c2FtbDpOYW1lSUQgU1BOYW1lUXVhbGlmaWVyPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocCIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDp0cmFuc2llbnQiPl8zYWY2MmYxZDAzNTEzYmRkNjFkZDViZjA0ZDNkZWI3YWE2MTc0ODBlMjI8L3NhbWw6TmFtZUlEPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uRGF0YSBOb3RPbk9yQWZ0ZXI9IjI5OTMtMTAtMDJUMDU6NTc6MTZaIiBSZWNpcGllbnQ9Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvaW5kZXgucGhwP2FjcyIgSW5SZXNwb25zZVRvPSJPTkVMT0dJTl82MTJiYmY5YjE2NDUyOTRhYTBiNDYzN2IxYmM1ZjM5ZGU4Yjc5Y2ViIi8+PC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1sOlN1YmplY3Q+PHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTQtMDMtMzFUMDA6MzY6NDZaIiBOb3RPbk9yQWZ0ZXI9IjI5OTMtMTAtMDJUMDU6NTc6MTZaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxNC0wMy0zMVQwMDozNzoxNloiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTMtMDMtMzFUMDg6Mzc6MTZaIiBTZXNzaW9uSW5kZXg9Il84NWU3Y2ZlMTZkNmU3ZTYwMGJkOThiYmMyYjQzNzFlMWM2OTU4OGE0ZGEiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9InVpZCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dGVzdDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0QGV4YW1wbGUuY29tPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9InNuIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj53YWEyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9ImVkdVBlcnNvbkFmZmlsaWF0aW9uIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj51c2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
diff --git a/tests/data/responses/signed_message_response.xml.base64 b/tests/data/responses/signed_message_response.xml.base64
index 492348a4..09951908 100644
--- a/tests/data/responses/signed_message_response.xml.base64
+++ b/tests/data/responses/signed_message_response.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJwZnhjM2QyYjU0Mi0wZjdlLTg3NjctOGU4Ny01YjBkYzY5MTMzNzUiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAzLTIxVDEzOjQxOjA5WiIgRGVzdGluYXRpb249Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvaW5kZXgucGhwP2FjcyIgSW5SZXNwb25zZVRvPSJPTkVMT0dJTl81ZDllMzE5YzFiOGE2N2RhNDgyMjc5NjRjMjhkMjgwZTc4NjBmODA0Ij48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9zaW1wbGVzYW1sL3NhbWwyL2lkcC9tZXRhZGF0YS5waHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CiAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+CiAgPGRzOlJlZmVyZW5jZSBVUkk9IiNwZnhjM2QyYjU0Mi0wZjdlLTg3NjctOGU4Ny01YjBkYzY5MTMzNzUiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPjFkUUZpWVUwbzJPRjdjL1JWVjhHcGdiNHUzST08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWU+d1JnQlhPcS9GaUxaYzJtdXJlVEMvajZ6WTcwOU9pa0o1SGVVU3J1SFRkWWpFZzlhWnkxUmJ4bEtJWUVJZlhwblg3TkJvS3hmQU1tK08wZnNycU9qZ2NZeFRWa3Faak9yNzFxaVhOYnR3amVBa2RZU3BrNWJyc0FjbmZjUGR2OFFSZVlyM0Q3dDVaVkNnWXV2WFErZE5FTEtlYWc3ZTFBU096VnFPZHA1WjlZPTwvZHM6U2lnbmF0dXJlVmFsdWU+CjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9Il9jY2NkNjAyNDExNjY0MWZlNDhlMGFlMmM1MTIyMGQwMjc1NWY5NmM5OGQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAzLTIxVDEzOjQxOjA5WiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnRyYW5zaWVudCI+X2I5OGY5OGJiMWFiNTEyY2VkNjUzYjU4YmFhZmY1NDM0NDhkYWVkNTM1ZDwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMy0wOS0yMlQxOTowMTowOVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVkOWUzMTljMWI4YTY3ZGE0ODIyNzk2NGMyOGQyODBlNzg2MGY4MDQiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMy0yMVQxMzo0MDozOVoiIE5vdE9uT3JBZnRlcj0iMjAyMy0wOS0yMlQxOTowMTowOVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAzLTIxVDEzOjQxOjA5WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAxNC0wMy0yMVQyMTo0MTowOVoiIFNlc3Npb25JbmRleD0iXzlmZTBjOGRjZDMzMDJlNzM2NGZjYWIyMmE1Mjc0OGViZjIyMjRkZjBhYSI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3RAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3Q8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0ic24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPndhYTI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iZWR1UGVyc29uQWZmaWxpYXRpb24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVzZXI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+YWRtaW48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGYyMDljZDYwLWYwNjAtNzIyYi0wMmU5LTQ4NTBhYzVhMmU0MSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDMtMjFUMTM6NDE6MDlaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVkOWUzMTljMWI4YTY3ZGE0ODIyNzk2NGMyOGQyODBlNzg2MGY4MDQiPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeGYyMDljZDYwLWYwNjAtNzIyYi0wMmU5LTQ4NTBhYzVhMmU0MSI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+bXY1bGZSRTYzclBJcmIyOXRRNlFiZmUveXZZPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT55UXZyTnNvU3dXWEwzclNXM3NINml5ZkcwdWtycTF0eXZzeWRTcnM2M3d6MWF5YVZZL3VYQlF1bGRuMVZjUW1PWnBRZ0R3blp3am1iNWZVK0NaZWpRdzVkVHRqMm1KUjUwVE8xV2o4MXVwVkV0UUJ5RjJSeU9QMUdzQjI3ZFNlWVJUTVlzSzY0eXd6SXhmbHR3MDJCQlFVcXB6MTBpM0V0bFZoNDZoYytMV1k9PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9Il9jY2NkNjAyNDExNjY0MWZlNDhlMGFlMmM1MTIyMGQwMjc1NWY5NmM5OGQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDE0LTAzLTIxVDEzOjQxOjA5WiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnRyYW5zaWVudCI+X2I5OGY5OGJiMWFiNTEyY2VkNjUzYjU4YmFhZmY1NDM0NDhkYWVkNTM1ZDwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjk5My0wOS0yMlQxOTowMTowOVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVkOWUzMTljMWI4YTY3ZGE0ODIyNzk2NGMyOGQyODBlNzg2MGY4MDQiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxNC0wMy0yMVQxMzo0MDozOVoiIE5vdE9uT3JBZnRlcj0iMjk5My0wOS0yMlQxOTowMTowOVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+aHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE0LTAzLTIxVDEzOjQxOjA5WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjk5My0wMy0yMVQyMTo0MTowOVoiIFNlc3Npb25JbmRleD0iXzlmZTBjOGRjZDMzMDJlNzM2NGZjYWIyMmE1Mjc0OGViZjIyMjRkZjBhYSI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlBhc3N3b3JkPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9zYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGUgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj50ZXN0PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIE5hbWU9Im1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3RAZXhhbXBsZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnRlc3Q8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0ic24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPndhYTI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iZWR1UGVyc29uQWZmaWxpYXRpb24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVzZXI8L3NhbWw6QXR0cmlidXRlVmFsdWU+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+YWRtaW48L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
diff --git a/tests/data/responses/unsigned_response.xml.base64 b/tests/data/responses/unsigned_response.xml.base64
index 66892b53..18abcf23 100644
--- a/tests/data/responses/unsigned_response.xml.base64
+++ b/tests/data/responses/unsigned_response.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMC0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCI+DQogIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+DQogIDxzYW1scDpTdGF0dXM+DQogICAgPHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPg0KICA8L3NhbWxwOlN0YXR1cz4NCiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeDc4NDE5OTFjLWM3M2YtNDAzNS1lMmVlLWMxNzBjMGUxZDNlNCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTRaIj4NCiAgICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPiAgICANCiAgICA8c2FtbDpTdWJqZWN0Pg0KICAgICAgPHNhbWw6TmFtZUlEIFNQTmFtZVF1YWxpZmllcj0iaGVsbG8uY29tIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjk5OS0wNi0xN1QxNDo1OToxNFoiIFJlY2lwaWVudD0iaHR0cDovL3N0dWZmLmNvbS9lbmRwb2ludHMvZW5kcG9pbnRzL2Fjcy5waHAiIEluUmVzcG9uc2VUbz0iXzU3YmNiZjcwLTdiMWYtMDEyZS1jODIxLTc4MmJjYjEzYmIzOCIvPg0KICAgICAgPC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+DQogICAgPC9zYW1sOlN1YmplY3Q+DQogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTAtMDYtMTdUMTQ6NTM6NDRaIiBOb3RPbk9yQWZ0ZXI9IjI5OTktMDYtMTdUMTQ6NTk6MTRaIj4NCiAgICAgIDxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+DQogICAgICAgIDxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxMS0wNi0xN1QxNDo1NDowN1oiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTktMDYtMTdUMjI6NTQ6MTRaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
diff --git a/tests/data/responses/unsigned_response_with_miliseconds.xm.base64 b/tests/data/responses/unsigned_response_with_miliseconds.xm.base64
index 76522b7e..1722cbf9 100644
--- a/tests/data/responses/unsigned_response_with_miliseconds.xm.base64
+++ b/tests/data/responses/unsigned_response_with_miliseconds.xm.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTQuMTIwWiIgRGVzdGluYXRpb249Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiPg0KICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPg0KICA8c2FtbHA6U3RhdHVzPg0KICAgIDxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz4NCiAgPC9zYW1scDpTdGF0dXM+DQogIDxzYW1sOkFzc2VydGlvbiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIElEPSJwZng3ODQxOTkxYy1jNzNmLTQwMzUtZTJlZS1jMTcwYzBlMWQzZTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjE0LjEyMFoiPg0KICAgIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+ICAgIA0KICAgIDxzYW1sOlN1YmplY3Q+DQogICAgICA8c2FtbDpOYW1lSUQgU1BOYW1lUXVhbGlmaWVyPSJoZWxsby5jb20iIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOk5hbWVJRD4NCiAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIwLTA2LTE3VDE0OjU5OjE0WiIgUmVjaXBpZW50PSJodHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9lbmRwb2ludHMvYWNzLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NC4xNzNaIiBOb3RPbk9yQWZ0ZXI9IjIwMjEtMDYtMTdUMTQ6NTk6MTQuMjM1WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDcuMTIwWiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAyMS0wNi0xN1QyMjo1NDoxNC4xMjBaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGMzMmFlZDY3LTgyMGYtNDI5Ni0wYzIwLTIwNWExMGRkNTc4NyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MTQuMTIwWiIgRGVzdGluYXRpb249Imh0dHA6Ly9zdHVmZi5jb20vZW5kcG9pbnRzL2VuZHBvaW50cy9hY3MucGhwIiBJblJlc3BvbnNlVG89Il81N2JjYmY3MC03YjFmLTAxMmUtYzgyMS03ODJiY2IxM2JiMzgiPg0KICA8c2FtbDpJc3N1ZXI+aHR0cDovL2lkcC5leGFtcGxlLmNvbS88L3NhbWw6SXNzdWVyPg0KICA8c2FtbHA6U3RhdHVzPg0KICAgIDxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz4NCiAgPC9zYW1scDpTdGF0dXM+DQogIDxzYW1sOkFzc2VydGlvbiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIElEPSJwZng3ODQxOTkxYy1jNzNmLTQwMzUtZTJlZS1jMTcwYzBlMWQzZTQiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDExLTA2LTE3VDE0OjU0OjE0LjEyMFoiPg0KICAgIDxzYW1sOklzc3Vlcj5odHRwOi8vaWRwLmV4YW1wbGUuY29tLzwvc2FtbDpJc3N1ZXI+ICAgIA0KICAgIDxzYW1sOlN1YmplY3Q+DQogICAgICA8c2FtbDpOYW1lSUQgU1BOYW1lUXVhbGlmaWVyPSJoZWxsby5jb20iIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzIj5zb21lb25lQGV4YW1wbGUuY29tPC9zYW1sOk5hbWVJRD4NCiAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj4NCiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIwLTA2LTE3VDE0OjU5OjE0WiIgUmVjaXBpZW50PSJodHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9lbmRwb2ludHMvYWNzLnBocCIgSW5SZXNwb25zZVRvPSJfNTdiY2JmNzAtN2IxZi0wMTJlLWM4MjEtNzgyYmNiMTNiYjM4Ii8+DQogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4NCiAgICA8L3NhbWw6U3ViamVjdD4NCiAgICA8c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMC0wNi0xN1QxNDo1Mzo0NC4xNzNaIiBOb3RPbk9yQWZ0ZXI9IjIwOTktMDYtMTdUMTQ6NTk6MTQuMjM1WiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwOi8vc3R1ZmYuY29tL2VuZHBvaW50cy9tZXRhZGF0YS5waHA8L3NhbWw6QXVkaWVuY2U+DQogICAgICA8L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4NCiAgICA8L3NhbWw6Q29uZGl0aW9ucz4NCiAgICA8c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTEtMDYtMTdUMTQ6NTQ6MDcuMTIwWiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjA5OS0wNi0xN1QyMjo1NDoxNC4xMjBaIiBTZXNzaW9uSW5kZXg9Il81MWJlMzc5NjVmZWI1NTc5ZDgwMzE0MTA3NjkzNmRjMmU5ZDFkOThlYmYiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c29tZW9uZUBleGFtcGxlLmNvbTwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgPC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgPC9zYW1sOkFzc2VydGlvbj4NCjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
diff --git a/tests/data/responses/valid_encrypted_assertion_encrypted_nameid.xml.base64 b/tests/data/responses/valid_encrypted_assertion_encrypted_nameid.xml.base64
index 83431af3..33eaf12d 100644
--- a/tests/data/responses/valid_encrypted_assertion_encrypted_nameid.xml.base64
+++ b/tests/data/responses/valid_encrypted_assertion_encrypted_nameid.xml.base64
@@ -1 +1 @@
-PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIElEPSJfYzIzZjAwODk2NmZmMjcxMGI5ZDQ3NjA4NDIyNDRkZGM4MTE2NzY2NjkyIiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNC0wOS0yMlQxNjozMzoxNVoiIERlc3RpbmF0aW9uPSJodHRwOi8vcHl0b29sa2l0LmNvbTo4MDAwLz9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fOTlmYjdiOWQ4OTYzNDdmY2UxMjEyZDE5MjRkNDQ3M2I1NDcyZjJhOSI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpFbmNyeXB0ZWRBc3NlcnRpb24+PHhlbmM6RW5jcnlwdGVkRGF0YSB4bWxuczp4ZW5jPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyMiIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIFR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI0VsZW1lbnQiPjx4ZW5jOkVuY3J5cHRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNhZXMxMjgtY2JjIi8+PGRzaWc6S2V5SW5mbyB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48eGVuYzpFbmNyeXB0ZWRLZXk+PHhlbmM6RW5jcnlwdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZW5jI3JzYS1vYWVwLW1nZjFwIi8+PHhlbmM6Q2lwaGVyRGF0YT48eGVuYzpDaXBoZXJWYWx1ZT4yd09rZERoNXVaL25BNTRZeHdEdVljbTFFTXdlNXRvZ2NqOGxpeVdXWmNaUGROS3FYdzJuWmUxVVpBTlAxZ2V6WFFMa0xidTMzbUE3Z0JQQ0NRQ3J4Q1gramtycEpPbnFpNFoyaklVc2FteFQycGVmaW1NRUM0ZE54bWdub2hxWFFHTEhvN0VrMnprTGU0ZEtDdTBmVEl6WkRNRERjSXdyclQ4MmcwYjdQL1U9PC94ZW5jOkNpcGhlclZhbHVlPjwveGVuYzpDaXBoZXJEYXRhPjwveGVuYzpFbmNyeXB0ZWRLZXk+PC9kc2lnOktleUluZm8+CiAgIDx4ZW5jOkNpcGhlckRhdGE+CiAgICAgIDx4ZW5jOkNpcGhlclZhbHVlPk5jYVlxSVhzUFZlU1dQUUpGZXAwVzJVNHZ2Ym9xVitQWlgrdlNMa0pldXR5VW16Qzk3aGpsZUNyQ3VXN3BPYy9xWXZia1lPUlE0NmhsR1VqT2FTWmJ6d2R0MlBBWmZRbUQ2M05uSzFZS084ek42TEhhUVRkUFI0c1Q5UUFwUkFDNndhbDV6cDAyU1dQVlpzNzlIaGk2Z0pXdTZyL1R6U3c2czN2YkNXTThBeWs5MU8wWURwaXpvSHlFYTR3U29SQ0NEemFFTHFaNyszUEFNaWVyRklYWHBWUDh0aE9RNXEwNmt5Yi92YTdRK1ZLMW0vL1ZxZnpYdnhMNmlsKzFWSzVFbTF1T2xlaU14bG9tRnZzdnRBNmpocU1WQ0dNQkZvdXBzWWwybTVPS3VNNWxuRTl4NEk1dnpFS0xaa3lRY0pETVo2aVE4T2FQMWRFY0dITU1vRmNuTmpheG9hTFhrUDBaMEptM3RxTE9Ka2ZjNW9RS2puWjNQYTJkelVDS1YvWllLYTlmR1R6b2ZuSVFzRURKbk9pd21UeXExcHVLWW5MaWdycEpxYWJKQjFUVXIzTTFkVWtMVTBIaWk5T2Nod1NrZVU1bm0wTmVXRG02KzA5dkFlWmZzKzB1WmdBUHpsNHU3TlM3bTJpRkxhbFdxYmhYWnpkZXlHWVQ0K24xNEdGZFNYcmhTcW9tNDVBTVNwREY4MFl4dXVESGg4ZzIydGcvSVBvT2JvVG4xelFKaFBjbi8rYnFMYkE0bjd2K0VmU1JRdjh4TFQ4SGZza25DSWpzNzhsU3NqSVpJRVU2V0ZKUUhkNWlGS0MvRXNUT3N4UTNsR1hleVBaVlNBYU1jcUQ4YllheXQ5eVJ5NXNVTUtkWmJMMXJVWUp0enZJb1pwY3dDM0xtc3VEM3FKdXZZbyt6K1MzVG9vUXNOWnlTeU9pYThRL2k2MFhmQ0lZOW1LSnAzbTZwYnBjNk5ETmJuRWJyNmJ0U2pvalFZUVlDWStKUEZtdWd0c2tNeVdkbEY4cWhYN2wvbGVHTzE1UUZDRkY1Qld0c1lmMmI2SWFKbGRlRDAxcTZsRFpYTjI1RkJQRDNVanZNS0RFZVkyblA1TkJqRUdKb09MMzlQWU5tNVJIMVBxaVhYVUVQNWVvcVN3UExSM2hQN1NtRUNkbVhHMDhUVlErQUMvbEQrNHB6ZEhEbjVQWUhsZWhqQ2dZb1lteWFxaVVONTUreDdUR0hWZXF5SXBHSVBQNWV2aURDZC95RHBEMXJwUXhVdVVESU1hTms4SHBOR1ZnUzR0UFdKZHBtdUtxb3hEbGY4SmZDaDRCc2pxVnRoeVVEMUY4ci9MdmlQU2UyS1RwbVJrSGhvOFVMZXVlZFZOS0p0S0hScGIyTUxtblY3T3M0Sk0vaStoT3pXWnVsU2JjMjhoTk1ua09tVEZabEV5Q1dpdWRoUEp6Tkd4S0F3M0E2amZYRHp0Wkl2RDBPM1ZHaGkxR1hOQmc3NUJrSEpIV3Vka09NR0JtMmR0MWpUT3FJajA2b1c2czhnVjB5M2ErV1RMaUhhV1ZucGV0a0t4elJhRlFGNmZNMnhTSmFNNmp2alJWTVk5ZGtrckZqZVFYTHp5dVNoczZuSzI2elFKdVJhY1VybEJrK0hHVS9DM1JiVVhDaElza1N0ajZ4YXF4MHQrbENzK3dQWUVubEZwckluSWR4SmhrcEJ2b0xmRGI1U1FEZnhmdTdoSXBaY2xDUGs0QWM4MWUySElPNHFHSGtwNWxaYUxkSjU3WldFRmpGc2FIRkV6RitCcFVoZExoUzdVMksxaWlhd2x0QlZQcnpEZUU5Y09VRFpuQ3pQNEthbFFnZlRENDNSUzJNS0Z4MWFMWElKdnUrUlBYOHZzd1NHdjN0Q29LNHI0K3ptVWhmM3JZaFFwWFhCd0EyUVJGS1F0ODhRb290bVJIcitRU0ZneHBnUm1iTjhnQnF6SHRYOFIyVUNWOExvSy8ySXhrRDVQWUlsVWN3Qm40SzUxNFZMMWRGZmtWMENOUnNPTG1NNDJxSm9EK09tQUJ0VEJkVHBkcWVLUVdlZjNjcjlSY1pBSUlzMHBOS2NvMUpVVTIyN2poYVJVTWkrbnZzYjJqemloZGUzdnYyY09BTHN5NWRIWDlOREZqOWs4elVhejJ2UGZXYURoMlFqTWJleFNuWFZGWk1BeFAvZGNET09PaDBzMHRGL20wMmJ4RE1IV1cvdkFwWnMxT0VXQ2xyZGFRMWF6RFdXQ2FTeHNnQy9MV2Y0SmVwR1Jhc3JhZDNVc0ZDWE9kYmJTWG52UnlSbU5IbjUyZUFjOWFHdlNhQWtLaDl4YnQwdTRjU3FEUThrOENkclpDb21VUnJFb1Z2TW9Gb0ZtVy8xWENWRFZvQ29OZmtGZnhJMXVRS3ZJTHBBbzNwZC9Wa0xqQW8zNU5mMlI4WW9QVXJPZFVVQ2JBb3NLTkQ0c1Z5QTgrMElIOE50OWhZYUZSWnNyNkRPdzNkQjFwWVh6TktyUDdNakVOMVhoVlNJZW9VNmE3VnRDbnNtLzE5dVpIa3dpb09rMm9UVXJyY1pzMW9oZlM2dDdIbUI0SEdSeE9QQzNjSzBMWVVreVF2bXlINEk0V0RIdmdOVE5BS2E1M0k4Ym94ZDNnSG5Dd3pUUXFXQjVWM1BXQUd3NFJUOUM2QXo5TTdlcHZGemw4VFpQZEJjbGR1Qi9JNzlIZE9LTVM3OFNIOFFKL1FSSUZXV1MvSG1GU3lqVFZoVG9Na2llT1p6aXk1SW5XTlJFaXlIS0oyazZNaGJETUZKOW4wRTJZVStETWhWZkFadFFzYXFFd2xaSURseHl1UmRqYVBGQjljalo5UGJlZWtoVi9BeEtuMklIenUyRW51ZHZuUUhvUHBmUVFTSk4wZEk4ekMxRXVlQTJCZjdDazRBc3c1RFVlUnQ5N2lBMkFEeitJbU95dHZDa1J0b2k4YUgxTG5mQzRKRGMzdGwxU0d4YXJEOGdVR0drSUd2ZkhHdFlncE5PamZhUURPOTZzVHBCVU8xcWI3SlRFU0VzbkxkaVpxRzlCTm8rWGlNQmxuYWRKdE1DMWttMHY0MWVGY2s1dWVveDZJQlhCVngxVkMvN01KdnhaV2Q1ZDBhaFptWEg0c1p6OHdFdVR3djdzanBBUk5VM1IvSkJsY3k3VXVjZnBCQmZycVkvWU9zMUQ4SVRjSlNZMjh4dlVrblFGVjJLSWM3NkFwMzNCR3NJclFSTTlxaWZNMU9TNWdKeVBCMWZsa3RHcmlSc1lmeGdlanVaZEM5N0FqNTdzQkgrS2VTdUxINmwzRVJOODJ0SXB5MDBRVFk1NlJQMzdCclI0RkFhSXVHVTgzWWJxK3V3ZUo3aFFXeUt3VGlkYmJjS1hSNWlsOXFwNW1JazJlbDBkSXRiUzhPenBTek5XYzJaTU9zSVhlUVdMWTd1QVNyVGR5Q1dyQmRrZXhuZnB0QUgzM1JuWkI4Q0lKVVlmQWxCYk81MWxpd2tmeEhaR2ZVeEtOSFlvTjF2b2dZOGRKUk13YUxMQ3B5dlgyT29FVXBEOEZZNWRPbVZGQUxWMnZMeUluVWRSaVZKQ3Yxb1A1RU9lbHZ4MjlsUlFCN0NJVDlJOElRdUhCa3ZYeUw1K1FKZERITXF6ZjI0OHZjU3diUXE0ZVpWNktlemxNVVFWYmJXWHVVOEFTd0VneThjLzREZ2FBZjdSZE1ZcUhYWWZENTR6TjJtNzZ2WkZ4SDRBZUswM3JveHBBeVc3ZVMwL0NJcThKSWJ0QmNQVk1NVHAvR1d2Z1RwUUlZT0FtOFhNRGhFSGtsaVl5ZjlMUHd0UEw5eFZPdHBhSzIrOW4vdFpUQm9qdFd0TE9JMm9HYUZvS29Wb0dYMVlMZVdBZGZXTUxUU1pEQy9XRVhMcWtSZjhKY3VOa3VGSm1NTGpuNUNBaUljTExueW43YlZKZUY4L3FxR3NNNzNja2ViWDY0cEkrRENuMmpBZGcxSENXSE80TEc3N3FqS3d5WmpqWndjWHpOb1lGYnh0aGNQZUY3ajU4eXpTUEJ1UFFEMkFaT3BRc3ZMVXplb2QxY0E0eDlEdnB3OVBxeWEzSkIxYUdOdEVUR0FqTVRVOHg1ejJjRHRBWHFhWXpVK1d4S1NEUW5qc3FLK0xhdm9iTkx2YXZqK2xVRkl3Yk1kMU9Yc1FOU2RPY2dhNHhYeHpxWUFpWXUvZkRQN2lDQlMvN1RuMWFBT0lvb2JPQmovcHVFMUREMEFkRVpBN3hpU1BJbjhBbmRBbVhtdDlTSElpUTBpcnlPWjhQQ1pzd09odDNIYitOaGV1SlhCYWlBRSs5UGtxYmowV3dZQkZIWXhlSFFFWmhMTXdiUEFZVHVELzBQbUhyTFl6V3BPemI5bHZGY3B3VE1QTFdsVlNjbkozbVd0MmRyYllHV0NGTlYrQXYyU01OVzF0TnpML2xXWVh3ZGl2bWRQYWp3czl6K2E5Y2FNSlFSWWlDemFaVHJpbTRpQmovZmREY1UzUHZHRUpyZGZUbTJRbWJ2S1lqdDRtM3lBbTBXbWpZK2RJZkJQNUpEZFIrZmFPME1KYlRVM3BNU1RKdmJYOWY2M1Z4T0JaNjNyZ0dKVkhlTit2ZW9WdmJ5LzJYeUtWUWJYSEtmQ2I5cjh0Wkk0Mk1sQ0hBdHJzbEdUaVVBN0xMUWFVVlpUVENxcGY0VzhMdk0yaEoraC9CTjFJZGlNc2h5MmhMb2JDdjk0TmwrVDFQc1l4alU5aUtTcmt0OG53eGo2V3NFejlJOHVJMlFkSGNwZStSODBoY1Q2NHRpSGZCa2FiMlp4N3NaQ1A2TlZqRC9MYk5EUDdwalk5aHZWQWpxNWJucjdQQ1RueEZtYW1GTjUrcklVWTBieHRpRU9HajFDeGV6N3J5Ym52VlJ5QjVDOFRPSmF2UlQ0TEhyek5aVzRPOFNhUVYzVmpXMGY2dzU1NFlZRHZuS0UxSzYxZ2x6eDVrWU9Mc2J0eEt3NVhmd2VocEEySVNnbjc3OWhHV0drak81QkV0N1QzWWNsSEpsZzFIcHU1YTNRdmEwVHEzWXBOSEljWTFQZ2VCMlRVQnpubVRDWjVPbDVKSndQNllUY3YvZWRRVUtVbDBIYVJnb29TNDBTWkVsN2hhZmZzYWtqS29pZmV1S3doWE9mREN4Sm9NdXVJanBwSzNSNmJCN3liY1FDTjJHMFczOUR1UkJvSitzZ1Y5Q0NwN3NmUnY1OE5tZnVXNHdMRnIydnRITlZsdnRkWEtNcG5qTEJvWno1dGEyTFRXbFlsaktuRi9DZUtsakVYTGErRG45WkVKR2x1a3NZZFFEREdFZlBvcWUwZXhUR08vZXhmR3JNMERZMW9iWXJ0OFZ5Q2lIK3JPT1NMSVcxV1pIb1NXdmxZaFNYbitSd0Q4a1ZqUE5CaCszZWpOMU1INEIwWi9nVmRmcXFXYWVmTW4vUEZzNENvL0dNUDFHeEhLTmNsZVIzZllpalhVdWhzcU5ibXZocXRUcG5Ya2QxeklrTnFBZ3dLTGdpSlNlRkVSNklLSGpEUE9iRjJSNGFKRTB3U3lla0hDNjNWQ3ErdjIxc096eXRXSEo2eTdadHh1UlZOSHZjYmsxVDBVSjVxZXQ2US9qcjNZMm13ejBSQk1pVXEvMjZ0RDh1K0c4TjJzOGR6c0gyLzlFcHhhNWRPYWRwRUNXQ3hoRDdtNGVmbmVVK3RGbVVhUFRURmpFWU05K3l3WHRCbUEzbytkeHVmMkJKMXJCNmtZZXBRTmRNNG5VVUZRYkgzL3hKTlE1TFdubVYrS1lnSC9mS1hnOUIyaHM5SFpOMXM4WCtjckJQby8rSUZUOVEwbGgxRkN0VzFDV29CclMxeUViakhjVEFxR21PVDhySmNndGhGRVc3ZHRZSFg1VUJZRXBSQzFOT2pPTjhoeXhtdU16OGhFNU9tSUo3b1RkMUxoeUt4TmNBVlRaWHhNOUJIN3ZFaXk3UFM0c2xpN3RFVXduTlhBNUpwWnFEVEx5anBNd3N5djk5YUlib1haTDlwaFZ0QzRrZGt0aTlid0xtNEJZeU9wcFpWakYwRzl4MEpxbEpjT01WVi9YMnR0ZWUwc2tralVqZmE0VkI5MG5FKy8wYUl2SS92d0ZZUHNGVDVOY0RWSDdQZDB6bERNZnZUcTgvVzJEbHhkRTZrUnpGUldYcjhNdDhWTFBldVp1UDFoZ1JBS0tsb2RZc2NFVjh6UVY1bGNjdnFGMmdHY01YbCtnUk52aXMvS3VJclc2QjlUSkMwanJGWDFXQUZKZUdURXBTTGhSTmlTdWVDb0VCNUFKcWN0Q0VmMkdCVUlkWXVjM2JwRjRiNWVqcz08L3hlbmM6Q2lwaGVyVmFsdWU+CiAgIDwveGVuYzpDaXBoZXJEYXRhPgo8L3hlbmM6RW5jcnlwdGVkRGF0YT48L3NhbWw6RW5jcnlwdGVkQXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+
\ No newline at end of file
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeDFjYWMxMjlhLWFhZjItYzBiYi01YmQyLTdjNjY5Yjg1MDlhMSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDktMjJUMTY6MzM6MTVaIiBEZXN0aW5hdGlvbj0iaHR0cDovL3B5dG9vbGtpdC5jb206ODAwMC8/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzk5ZmI3YjlkODk2MzQ3ZmNlMTIxMmQxOTI0ZDQ0NzNiNTQ3MmYyYTkiPjxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+DQogIDxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+DQogICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPg0KICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDFjYWMxMjlhLWFhZjItYzBiYi01YmQyLTdjNjY5Yjg1MDlhMSI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHM6VHJhbnNmb3Jtcz48ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHM6RGlnZXN0VmFsdWU+TUg2NUJ4SSt4QkFXNUpmUS9KdVdMVmpEL3lzPTwvZHM6RGlnZXN0VmFsdWU+PC9kczpSZWZlcmVuY2U+PC9kczpTaWduZWRJbmZvPjxkczpTaWduYXR1cmVWYWx1ZT53bG1MdXZ0dUc4bjEyRm9MOWlJRWFiekxxTUxJNEtSYU04VlM1bzU5NmtHdjhoclpvc25BQVNUYS9vak0xdkhlMnNMcmF0Q2NNYkhwVFJFaXNZcnpmUkhaVkk5bVNBaTU3SHVLZitsSnJla24rL1VNdndJWFVDUGtXcUIzT3orWWdxM3ZKOHNsaGM3THlVTG5haXZORmVkVXBKMFBPVkt4dU41TEdvRmN2SU09PC9kczpTaWduYXR1cmVWYWx1ZT4NCjxkczpLZXlJbmZvPjxkczpYNTA5RGF0YT48ZHM6WDUwOUNlcnRpZmljYXRlPk1JSUNnVENDQWVvQ0NRQ2JPbHJXRGRYN0ZUQU5CZ2txaGtpRzl3MEJBUVVGQURDQmhERUxNQWtHQTFVRUJoTUNUazh4R0RBV0JnTlZCQWdURDBGdVpISmxZWE1nVTI5c1ltVnlaekVNTUFvR0ExVUVCeE1EUm05dk1SQXdEZ1lEVlFRS0V3ZFZUa2xPUlZSVU1SZ3dGZ1lEVlFRREV3OW1aV2xrWlM1bGNteGhibWN1Ym04eElUQWZCZ2txaGtpRzl3MEJDUUVXRW1GdVpISmxZWE5BZFc1cGJtVjBkQzV1YnpBZUZ3MHdOekEyTVRVeE1qQXhNelZhRncwd056QTRNVFF4TWpBeE16VmFNSUdFTVFzd0NRWURWUVFHRXdKT1R6RVlNQllHQTFVRUNCTVBRVzVrY21WaGN5QlRiMnhpWlhKbk1Rd3dDZ1lEVlFRSEV3TkdiMjh4RURBT0JnTlZCQW9UQjFWT1NVNUZWRlF4R0RBV0JnTlZCQU1URDJabGFXUmxMbVZ5YkdGdVp5NXViekVoTUI4R0NTcUdTSWIzRFFFSkFSWVNZVzVrY21WaGMwQjFibWx1WlhSMExtNXZNSUdmTUEwR0NTcUdTSWIzRFFFQkFRVUFBNEdOQURDQmlRS0JnUURpdmJoUjdQNTE2eC9TM0JxS3h1cFFlMExPTm9saXVwaUJPZXNDTzNTSGJEcmwzK3E5SWJmbmZtRTA0ck51TWNQc0l4QjE2MVRkRHBJZXNMQ243YzhhUEhJU0tPdFBsQWVUWlNuYjhRQXU3YVJqWnEzK1BiclA1dVczVGNmQ0dQdEtUeXRIT2dlL09sSmJvMDc4ZFZoWFExNGQxRUR3WEpXMXJSWHVVdDRDOFFJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQlFVQUE0R0JBQ0RWZnA4NkhPYnFZK2U4QlVvV1E5K1ZNUXgxQVNEb2hCandPc2cyV3lrVXFSWEYrZExmY1VIOWRXUjYzQ3RaSUtGRGJTdE5vbVBuUXo3bmJLK29ueWd3QnNwVkVibkh1VWloWnEzWlVkbXVtUXFDdzRVdnMvMVV2cTNvck9vL1dKVmhUeXZMZ0ZWSzJRYXJRNC82N09aZkhkN1IrUE9CWGhvcGhTTXYxWk9vPC9kczpYNTA5Q2VydGlmaWNhdGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6RW5jcnlwdGVkQXNzZXJ0aW9uPjx4ZW5jOkVuY3J5cHRlZERhdGEgeG1sbnM6eGVuYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjIiB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNFbGVtZW50Ij48eGVuYzpFbmNyeXB0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjYWVzMTI4LWNiYyIvPjxkc2lnOktleUluZm8geG1sbnM6ZHNpZz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+PHhlbmM6RW5jcnlwdGVkS2V5Pjx4ZW5jOkVuY3J5cHRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGVuYyNyc2EtMV81Ii8+PHhlbmM6Q2lwaGVyRGF0YT48eGVuYzpDaXBoZXJWYWx1ZT5VeWcxMW42d0E3MGFoMGxFb2xJL0VWelpjVzFuM3RpUjluRFNnR1FXY3RwK2l2ektBRTg4ekl0UHFWdnlaMjJFbmFjU2tIbjUwRlNWUk1ZYm91bzhYTFZtSzVndzdQdW9sZGVVRmsxTmNuNnpiaUowV1hBSXNUNG9vOTFDcExXR29hN3FaRjNSL20xVjZmcjBKYTBZemhVV2lvZUhtMUQ0TXRncUJSbG4zTlk9PC94ZW5jOkNpcGhlclZhbHVlPjwveGVuYzpDaXBoZXJEYXRhPjwveGVuYzpFbmNyeXB0ZWRLZXk+PC9kc2lnOktleUluZm8+DQogICA8eGVuYzpDaXBoZXJEYXRhPg0KICAgICAgPHhlbmM6Q2lwaGVyVmFsdWU+clhyUGQ3WUt5dk9VZThpZ2NPeE1tdHl5aFUyYndNbU5GTEJSOUtvdm9yT1BEb1pBWGxtcGVyNUFRT2FjM0NkTzlBbDNKcWl0Uk1kYW44cU51M1RibCtsQ1YrY1ljTG5sdUlpYngra20yT0NyMTBsbWZpRWlhUGdWbzJ5djh6ZFZuK1RxZkJINUVCTG1BS09vUXIycmdCeTFvMVQwYXRrRW5MUzZnMGFLRUtJOXFzSGNaRVVkSkNYTU03NUlYQzY5dm5BMis5MEljQ01GY0JRT3B3aCtBRWhrWVY2ZmhpMHZKRDN0YzIxOGJiQ2xla25NeEZjYUdvUWRJZHd0U2tpUW1NTHRLY2RKSncrakVreDJOQ1d3N1BxM3Q3WkJBL0NKOHNVRERZNHFnWjJXRVh1TFRXZDVNb0xoZ1hwczUvR1lKZUtnVG9VNURVK2M2R3I0bllhVzZ0bkdsNHVQeHpFeDQ1czYxL1pjUkU5T1UwSHVseU9uL1ZyRmw5b1dxMXpERjFzQkMxdFI2dnhSS3lqYWkvazRsMnRCZit2ZGJmc21hYml3YS9MdzdUMUcxbVFVdWtZVk42SkU3YmNxM0N0Vm02VmxUYmxNTTNqSFNQUWVTTy9KbUZEOU9QRUNhZ3N1akZQRmNDLzVKa2VyK0YvRHI0M09IYy9odFBNTzlLMjRTUThzMi9ycWJGWXlIcFVrME0zN0RXWW9YRDVjMDBEY05qUjRQM1NDdlhibC9XSVpWYnd5MksxMnN0ZmpvcHdCT2taNWJLQVNXNkFYeWI4OHhHc3JreWFBOTI3ekQ0Nnp6bUNRWDMrZWNmQzFQU3FmVjRPRXQwSStiMzY5OS9FZm9ETXFzd08wWkpGb1JJSmR2U0RicnBwVmZ4WGFqZWhVSllDZUhNdVFZeFZmK202WW5VUHJaKzBLRzVzRmtZR2V5SEdYc25sUTVFcS9GQzFNRXRNS2IzemJHUllGTTZ1RDhMZ0JJZk1jNjlsL3VMKzhLcjZ0OFVvUmJwTm4raDJDOURzQ3A2WE5LdE5JYWhydE0xYWlkK1dtK2d4TW0vK1dNdGlzajVBRXA2TjlQUjE5WVNMdndjMjZhdnFWTjRRLzBMN1QrSEtqWlNLSG4vMCtmQWJMYUo3bGZLZVJYazJVTzhMUDFJei8xQVp5ekovRU5GMDdUK2xCci8xQlp5OHpLVFdlM1dkenF4MXhlN29JbU53RjJZbHpwc29WL29QU211M1VoRTNrVFJuV20rUlVpM0R3UVZqVDNSbWRoR1Vmb01FMDVrQWhlQUJhbVNWVVJVd2xLSC80b04vbDBNZEVWOElXdE9lOGQyVTdCQ3N1WWlTQ3UxQ1kwcmZwWEQ2U2RyNURseFNtWk9zTUM1NUVubE44MlowU25mUitUNXQrRmRpa2VmM3IwYzlQSG51dlpLeVd6OXZlV01Pa012SVFlQ1duN2ZTYXFpdmQydUxDaVUyYnpCWG1vdVBaNTdQMko5TFF6RjJpQ3hvY0lLOFhiRTJ5QmsyczRuUitjckt4L2lLTzJzR1FBSmtSMkNJRVhDSGdwUWVwSmdzbml0Qk9FVUhnSGlEVUE4enhuTGEzQkNtSVdyNjA4cnpZOEt5SG1ZZFFuVjhiajYyVnhFRmZvN0hMMVpRQ2xPNFpWdHdZVGhlUE1DQmtWcU5iTDhnVm8wUmM4cHp4b2ZQUG9hVXJhbmMwUGtabm1hbG5RR2lvQnErbEhRTktxR3BxRXZuNCtCTEZUQ3U1MkcrUnJTZXkvK25CdG9SVXdCMjJnOGZDRjl2ZWs1N3MzZ0gvQnQxUkJVb1VXUXpPeDdiK2pGSmYvTHMyYkVacVFHT09hWVp5ZVFaN1pxREFRV1VEdXV0NHpqYklrejFnWlFUSnlFMllCdE0vL2hYYi83MmZyWjkycnV3N1Z0dXhOY2NIekZDVzBmbzZWV0U2Q0NEdFlQaThnTlFnbHBlM3FJM0dyaG5zRytiRzd6dmRWUXJteXdTblh6aHNMOGFteDRkZytETGZQS3FXZVplSm5ocnY5VXl5TWVnYkM2K1cwWGROSm15dGRJcEhYTWs0ajd5QTBmOWtLbGRjeEpmOHh6b3I4MkF1UTlsWjQvdXB2T1BRdUk1L2IvTjRzdFFDK0kvZTJvUnlIWENlNUE0ZlpENjJ3UFphNTRsQmNCRWxUU2NFYWpoTEVaZ1dEY25rYmRaNFk4L3ZVQ29UUWp5QUdJS1QrdlI4cGtUbXVxd2g5WXZyZDltdGwxS2FTQ3ZNRUc1R0tlZXVMdWNocURUNlJteUs2YW93TFAyWFNFSk1WczY5WFBWQTBiNWxNWlIzWmQ4YlhvT1NkWElsbHhSbnNPNHNtSlJiOCtyTFhqaXpaSmd5TWYzVVNidkJQalFqTjVDS3ptNi9BSDRObHMrelRYWmVpekNYc3NCOE5kZXBTZmxvT1hxdTl1UU54cTI3RlpNaFZ1UG9CVTM1MG9lZzBTUHhVL2RGWUpEcEFGclZhVmtKRkE0d3VUYTJTYW5zaFc0MG4xM1p1ZGRsdkZMTkZaNGxYd1pFY3NhMm9DRWJ1aERscWFzYThLVnUrVVM4Z0pibWhERisyQlR1RjNOcTJrWlQrWTZxanFNTWRsVytpbHlsUXFVdG5vWWNMdklwUTBkTzdtM0NwLzB4eGdXeGJGVm9BMjB6MGVKZEk2T2N2a2VIYkxGeW5ydWV0ak5IdUROODNxMm9mcUVvNjZKV2tPRXdGYlBsL1BhZzFxc0VURGJVaCt4RmQ5cUdoUERqd0hCcCs3TS84a0hlbDhKTUZRM2t3b0ZZdFVDMjBGcmJ5REc1SkRiV1FhTzBPM1M0UGRBRkRrRDk2VDVYN3MrbThEN01GYkl0NWI3di9iMVdWZG9JVkJYSjRtZmsvelJ4NjBWUHFpSFVoUkM1Q3BoWXFGTVN3aWZXMFkyN1RuM25ucWxNdGFFcUV5RFlMRlBkdm1sWFJqc1MwQW5zSm03ejliK1VTTUM4ZXZMdnVMMVc4V0ZkdHpielZJUGRwYmJrQm9BMFlSZldOeTNVMUhqd3ZmcXFxQytDOFpXcUY4RVJSNFBpM3VVT2NsOUl5dFVNcDdqTVNDd2wxQXB2aElWRTdSQm1kbVdMSTlMbkhocjFxcGJOWE5remtiNS9aM2YyQnZkbEZ6eU1rZkg3UVdVMmRuaHN4QjRURThIb2xYSHoxQ2xUSXRlU3BqRG5ITHlTbTVjM0h6ODAvNkIvSWxvYTE5c0hJN0F1V2VHdVFFYUVkSWhOMUt5YlVoUWs3Tk50UHJXQVBkbng3NC83QjFIR3Q2N2dPb05Zb0VWWEZvUTJaVTUvQ1N1ZUFRbTdDV01td0tORHFXSGd1cHNwZWgvTkdHekYrTUtPOXVSWmJWbktLL3l1NXJCVDdYNGE4QnRCbGRuQTJ2UGt2Y2pROEpUWkpES00xNmxxR09ITGJXVUpiNDZJTVg2Y0RnQTd6blF2Z0hyeU5CRnl4U2orQXBoSitQRHEzblhKeFFNc1d0dlVWaFBiZEswZkpSbUNTd01UWHloYXEwMHpaMGtCL2o0NmFJN2I2RXFvR01Ka2JrdzJaUlpkelE2Ty9SZWUyWDRtSWkyNllVQUk3bnNNbk1HNnpwNG1UMFdCNFhGcFNUanZtYm9SRithaEhHR1VLc2JEQjEweUdCSVdCV2xLV1RzMyt3Sm5ZT0VadXpaMU1OTzVOWW5abDllczc3eXp6QWFIUy9xeVNDNW1oQmg4WjYzYklPUmFIdmUyaVJiY2Qvcm9laUJPajhXTnNkdnBWOXFGbU9WcEdkUWdlaGtsd2s3alRIZHBxRC94NjI1OFA4KzhxQnEzK0g1OHpnV0dLcm5OaERhbkRhNWFyblBqR1RNQ296TE5ZU2M2eHJZTWhlcGdUaUhPaTlFYnBwUS9UYnNSOWppU2VYZWtRTytjV2pDVFFvcEFoaU9qc2x5Z0R3V0sxajUvclVUM1BaVVlrUm5rNGYwODB1b3poc2JybkxydCtUME9WZDYwcnFGYW93SFBXLzZqcGg2OE5Jait2Z21Ba0pvNDNqbTJwR2JwcGNERWpIa05FYjdiNmZoL2RZSEZjdmVBM3lsTFc3T0VKSVl6Tm1GWEtrdklDVmNMZmw2WDZjRWtGTHUyVmFIekRCVllDMTdFWFJyTXYyaEN2VUhmaDFLMXBNMXVOWmtNVmpyblU1ZU9jNDRJZEtEOEg5N1FjZm5rRGhadGxpbHZGR2JVTGNPWTRqcHkya3dkSSt6TTFxMktHazN0S0Z5aURHdndBQXhXVC9zZHl1YTFkaHAwV1lybGpwSmpEVzVMSmRYYWN2bk1heWRlallGd3E5a083OTB1eit0YjlNMTQxQktPYnhRSE1VZENyWktNazYzbWtGeUlTMzhHRVhjSGlKWHkyR0RpZjFQa0dYVzVyUHpiRHc2YlBDbS9oUGJaWmI0d3hiT3ZiWmUyeHVxaDAyNmY5RW13TzZyaGFhOGVITytJRVJ5WmZwNGd0S2cycElqS3JTQjlvSU52UU4xMVpKQ1ZsdnpURGd1Z25RL1lGVVlNeWZpTmR6QURVRVg4d0VhT0VYS1loSHFaTzdXSEV0ak10N3lXdERqaVBhbGQ1WGw4Tnl4RVBldzJHdEZrNkI5VzhuMmhwUGlaWTBpK1BGaEpEallBQ2hPYVlSM1ZPVHpSYTB4ZFNtMHBDcTVVellRQzhoakdRR3I4SER2UEt4TW5Tb2tvamlsYitxZlZ1cW94WENhWVFLOVZuUktTUERsYzVPRmJhbkNKZWQ4V2ZaRXhpWXBqZUxEMXV2NXBpZVU0QndZaWZENGw1OWdWQ2hCczh0UUJEayswZmw2TEY4RlBCcEtuNStySndYRENvdjMxZ1U3eit4VjNZVkppclh6VFZrTzk0S2lnWFpCYlZ2Q0w3Q280M2toUjVrL1I4eWl2Ym9EcHY4TThSQlNGSUg3ZFA0RkFBQjZrdHRuVWl4Zjcvc28zMGNuMVJ5a3djVFdMTzRnRlZuTWRtTDM1R1M1ZXFMYjNvMmNtdU5tSXV3ZGM4Ymx4REx0TGhjQ0FMYmkvZktXYjhtSmdwdEczcThHNm13bkwydXJVcVJQM2ZNVFdJNW1DZUR5dkZEMENFbHBSeHRuN3ZFd0FZTlI1cGVlSkY5UzE4WWJuL3p0a3lTL2xaNEU4OVUzTGNyQ0hROGJaOW9MTmQxUVc4MVVSMm9aVE52NkZHZlZxenYrbyticFd4UytpT1RST0huNEdEdmtsVlNBNytubUxhSHFBWnREeFZ1ZEh1eVdyYmtuNUU4d2dSckRKTy9qYkxvRGYxRy9RcXVlOXhNRFdIV0J0QjVFZzFRRUVsejhFRVZ2K1A5aFhVWXF2SnRBcHVxK1oxT0NCWDBPeFlybCtBcENObVUybXRqc3hwNGprYWtpSzVVb3FWaDIzb0tkeFczNkI4dEVFY05TdDV5UnVBc3hsZmxjVUNGK0U1QU5vdVV6UnRtYkpDZS94ZUxPVEdXUHk3bVpRVG5PcjN4K1RWN0RkNU5vVUU0TlN5d1JTS1hieTN5TTVlV0l0blRxQTdiNEVjNjBxeVhmeE4xT1cvaDdUL3RLR3JrRGJoRllDQktrQzdwcGlpc3ArSkhxWExzTXk2bnNHY1U3aDlzQWhaQWFIWllla3lSLzBQYU5MTjVJTTk1bWVVZkpRNDh2OTlaRWpYMTN6enJtY2pNZG1WOXZCWk5yd1l1NXRHU2NkMWdtbUlOR1pIcGlnTUJ4YnRMUy9Mb2MzTlVzemozYlo0QmpqY0NPQmsvdlEvTE9CMGFmOWY1bzV4SSt1Nk10RklmWDE3MS9Zbjc3clY5Y0dZek1xZGdHTzVoZGV3dG5FTG9uSldGTmQwNlRlZlRMRlV6WVNwY3NQRHpoWWxJNTNDQ1E3cFF5Q2JiTDVLQ1ZKQWZEVHRyTmlieXFPZFlDQ1dzYXloczVqY01jS05PQk1ITmdzalFqQzVGZUtGc0JJdk9DbEM4MUZ2VU5TdXI4aUh0bUVzYnVoRW1XeTFTaXlDMWkyRkRudThWbHlkVmJlV2ZHRFdYK284c1lGanZpaEFSeWtqR3JSUlAvc1ZsWDBSK0pnb0VTWmpyRjk2QzVhNkxxWmVITTVkUDdqWmtWeDRaZnVmbis0Qnp4dlVHczJuZkk1aXdESGtyZz08L3hlbmM6Q2lwaGVyVmFsdWU+DQogICA8L3hlbmM6Q2lwaGVyRGF0YT4NCjwveGVuYzpFbmNyeXB0ZWREYXRhPjwvc2FtbDpFbmNyeXB0ZWRBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
\ No newline at end of file
diff --git a/tests/data/responses/valid_response_without_inresponseto.xml.base64 b/tests/data/responses/valid_response_without_inresponseto.xml.base64
index 120a6c3c..64fcaba0 100644
--- a/tests/data/responses/valid_response_without_inresponseto.xml.base64
+++ b/tests/data/responses/valid_response_without_inresponseto.xml.base64
@@ -1 +1 @@
-PD94bWwgdmVyc2lvbj0iMS4wIj8+CjxzYW1scDpSZXNwb25zZSB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0icGZ4MDVmM2NlMTAtMTYxNS1mM2VhLWE5ODgtNjBlMzgwYjMyOTlmIiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNC0wMi0xOVQwMTozNzowMVoiIERlc3RpbmF0aW9uPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiPgogIDxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+CiAgPGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+CiAgICA8ZHM6U2lnbmVkSW5mbz4KICAgICAgPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KICAgICAgPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPgogICAgICA8ZHM6UmVmZXJlbmNlIFVSST0iI3BmeDA1ZjNjZTEwLTE2MTUtZjNlYS1hOTg4LTYwZTM4MGIzMjk5ZiI+CiAgICAgICAgPGRzOlRyYW5zZm9ybXM+CiAgICAgICAgICA8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz4KICAgICAgICAgIDxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KICAgICAgICA8L2RzOlRyYW5zZm9ybXM+CiAgICAgICAgPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+CiAgICAgICAgPGRzOkRpZ2VzdFZhbHVlPkRjUWNDL1BoS05qRTlLa29YRXZZRlhXMHZGdz08L2RzOkRpZ2VzdFZhbHVlPgogICAgICA8L2RzOlJlZmVyZW5jZT4KICAgIDwvZHM6U2lnbmVkSW5mbz4KICAgIDxkczpTaWduYXR1cmVWYWx1ZT5xVjcvc2YvVEt1S0x5allaMGNDSlhCWnZSYmF1RXNoMXQvaEtJeStpVHJRSjYxWG0rMXZDcEtvVXdleGNuL1ZpCitsemZlaHZjL2tDMjE5TjZVTUUxZnRLTDY2OSsxYkpFb1NLejQrN2VhWi9XTFdYL0hRYndMVmh6dlh3bWdMQVAKUEhLNmZJZHpocGRkLzRydjlXVnpjaGoveGcxWVNkaXFrcnU3YUhhS2FEOD08L2RzOlNpZ25hdHVyZVZhbHVlPgogIDwvZHM6U2lnbmF0dXJlPgogIDxzYW1scDpTdGF0dXM+CiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+CiAgPC9zYW1scDpTdGF0dXM+CiAgPHNhbWw6QXNzZXJ0aW9uIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgSUQ9InBmeGI0ZWM5YzhhLTQ4ZWItZmRhMi03Zjc0LWZhMWExMDVhOTlmZSIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIj4KICAgIDxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+CiAgICA8c2FtbDpTdWJqZWN0PgogICAgICA8c2FtbDpOYW1lSUQgU1BOYW1lUXVhbGlmaWVyPSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocCIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3MiPjQ5Mjg4MjYxNWFjZjMxYzgwOTZiNjI3MjQ1ZDc2YWU1MzAzNmMwOTA8L3NhbWw6TmFtZUlEPgogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+CiAgICAgICAgPHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIzLTA4LTIzVDA2OjU3OjAxWiIgUmVjaXBpZW50PSJodHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL2luZGV4LnBocD9hY3MiIEluUmVzcG9uc2VUbz0iT05FTE9HSU5fNWZlOWQ2ZTQ5OWIyZjA5MTMyMDZhYWIzZjcxOTE3MjkwNDliYjgwNyIvPgogICAgICA8L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj4KICAgIDwvc2FtbDpTdWJqZWN0PgogICAgPHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTQtMDItMTlUMDE6MzY6MzFaIiBOb3RPbk9yQWZ0ZXI9IjIwMjMtMDgtMjNUMDY6NTc6MDFaIj4KICAgICAgPHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj4KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4KICAgICAgPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+CiAgICA8L3NhbWw6Q29uZGl0aW9ucz4KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxNC0wMi0xOVQwMTozNzowMVoiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTQtMDItMTlUMDk6Mzc6MDFaIiBTZXNzaW9uSW5kZXg9Il82MjczZDc3YjhjZGUwYzMzM2VjNzlkMjJhOWZhMDAwM2I5ZmUyZDc1Y2IiPgogICAgICA8c2FtbDpBdXRobkNvbnRleHQ+CiAgICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+CiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+CiAgICA8L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+CiAgICA8c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPgogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnNtYXJ0aW48L3NhbWw6QXR0cmlidXRlVmFsdWU+CiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+CiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluQHlhY28uZXM8L3NhbWw6QXR0cmlidXRlVmFsdWU+CiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+CiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJjbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+CiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+U2l4dG8zPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPgogICAgICA8L3NhbWw6QXR0cmlidXRlPgogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ic24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPgogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPk1hcnRpbjI8L3NhbWw6QXR0cmlidXRlVmFsdWU+CiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+CiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+CiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+dXNlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5hZG1pbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4KICAgIDwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+CiAgPC9zYW1sOkFzc2VydGlvbj4KPC9zYW1scDpSZXNwb25zZT4K
+PD94bWwgdmVyc2lvbj0iMS4wIj8+DQo8c2FtbHA6UmVzcG9uc2UgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9InBmeGRkMzRiOWJhLWUwNmQtZmQ2Mi01NmI5LTM3ZmExNDA4ZDdjYyIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMTQtMDItMTlUMDE6Mzc6MDFaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIj4NCiAgPHNhbWw6SXNzdWVyPmh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvc2ltcGxlc2FtbC9zYW1sMi9pZHAvbWV0YWRhdGEucGhwPC9zYW1sOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4NCiAgPGRzOlNpZ25lZEluZm8+PGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4NCiAgICA8ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+DQogIDxkczpSZWZlcmVuY2UgVVJJPSIjcGZ4ZGQzNGI5YmEtZTA2ZC1mZDYyLTU2YjktMzdmYTE0MDhkN2NjIj48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5oc3ZTSUJwdDcvMjZIeGt3OGNEcXBZYUJhSTA9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPmxWbEZhdGZUWTN2Y1BNRlZ6VjNpWXp4aXliL0FLaTZLOFl2VTJmZEo2L3N1RXdRcHdZZlRyYXRLYitmN3kzVFdySGN3SW1vanRJbE9xaXdNdENxOHZhTUI5WTVQbndNQ0dYalRLcUxDZ3N4aktJNFBtbHpMdzNFMDB5aERsTEVKSjgwdFBBem9WMmxlQmFqOWMxRzhJUVZEMFA3eWxrZGxtbFB5ZmF3ZjdCVT08L2RzOlNpZ25hdHVyZVZhbHVlPg0KPGRzOktleUluZm8+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJQ2dUQ0NBZW9DQ1FDYk9scldEZFg3RlRBTkJna3Foa2lHOXcwQkFRVUZBRENCaERFTE1Ba0dBMVVFQmhNQ1RrOHhHREFXQmdOVkJBZ1REMEZ1WkhKbFlYTWdVMjlzWW1WeVp6RU1NQW9HQTFVRUJ4TURSbTl2TVJBd0RnWURWUVFLRXdkVlRrbE9SVlJVTVJnd0ZnWURWUVFERXc5bVpXbGtaUzVsY214aGJtY3VibTh4SVRBZkJna3Foa2lHOXcwQkNRRVdFbUZ1WkhKbFlYTkFkVzVwYm1WMGRDNXViekFlRncwd056QTJNVFV4TWpBeE16VmFGdzB3TnpBNE1UUXhNakF4TXpWYU1JR0VNUXN3Q1FZRFZRUUdFd0pPVHpFWU1CWUdBMVVFQ0JNUFFXNWtjbVZoY3lCVGIyeGlaWEpuTVF3d0NnWURWUVFIRXdOR2IyOHhFREFPQmdOVkJBb1RCMVZPU1U1RlZGUXhHREFXQmdOVkJBTVREMlpsYVdSbExtVnliR0Z1Wnk1dWJ6RWhNQjhHQ1NxR1NJYjNEUUVKQVJZU1lXNWtjbVZoYzBCMWJtbHVaWFIwTG01dk1JR2ZNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0R05BRENCaVFLQmdRRGl2YmhSN1A1MTZ4L1MzQnFLeHVwUWUwTE9Ob2xpdXBpQk9lc0NPM1NIYkRybDMrcTlJYmZuZm1FMDRyTnVNY1BzSXhCMTYxVGREcEllc0xDbjdjOGFQSElTS090UGxBZVRaU25iOFFBdTdhUmpacTMrUGJyUDV1VzNUY2ZDR1B0S1R5dEhPZ2UvT2xKYm8wNzhkVmhYUTE0ZDFFRHdYSlcxclJYdVV0NEM4UUlEQVFBQk1BMEdDU3FHU0liM0RRRUJCUVVBQTRHQkFDRFZmcDg2SE9icVkrZThCVW9XUTkrVk1ReDFBU0RvaEJqd09zZzJXeWtVcVJYRitkTGZjVUg5ZFdSNjNDdFpJS0ZEYlN0Tm9tUG5RejduYksrb255Z3dCc3BWRWJuSHVVaWhacTNaVWRtdW1RcUN3NFV2cy8xVXZxM29yT28vV0pWaFR5dkxnRlZLMlFhclE0LzY3T1pmSGQ3UitQT0JYaG9waFNNdjFaT288L2RzOlg1MDlDZXJ0aWZpY2F0ZT48L2RzOlg1MDlEYXRhPjwvZHM6S2V5SW5mbz48L2RzOlNpZ25hdHVyZT4NCiAgPHNhbWxwOlN0YXR1cz4NCiAgICA8c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+DQogIDwvc2FtbHA6U3RhdHVzPg0KICA8c2FtbDpBc3NlcnRpb24geG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiBJRD0icGZ4YjRlYzljOGEtNDhlYi1mZGEyLTdmNzQtZmExYTEwNWE5OWZlIiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxNC0wMi0xOVQwMTozNzowMVoiPg0KICAgIDxzYW1sOklzc3Vlcj5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL3NpbXBsZXNhbWwvc2FtbDIvaWRwL21ldGFkYXRhLnBocDwvc2FtbDpJc3N1ZXI+DQogICAgPHNhbWw6U3ViamVjdD4NCiAgICAgIDxzYW1sOk5hbWVJRCBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vcGl0YnVsay5uby1pcC5vcmcvbmV3b25lbG9naW4vZGVtbzEvbWV0YWRhdGEucGhwIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+NDkyODgyNjE1YWNmMzFjODA5NmI2MjcyNDVkNzZhZTUzMDM2YzA5MDwvc2FtbDpOYW1lSUQ+DQogICAgICA8c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+DQogICAgICAgIDxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjk5OS0wOC0yM1QwNjo1NzowMVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9waXRidWxrLm5vLWlwLm9yZy9uZXdvbmVsb2dpbi9kZW1vMS9pbmRleC5waHA/YWNzIiBJblJlc3BvbnNlVG89Ik9ORUxPR0lOXzVmZTlkNmU0OTliMmYwOTEzMjA2YWFiM2Y3MTkxNzI5MDQ5YmI4MDciLz4NCiAgICAgIDwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPg0KICAgIDwvc2FtbDpTdWJqZWN0Pg0KICAgIDxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE0LTAyLTE5VDAxOjM2OjMxWiIgTm90T25PckFmdGVyPSIyOTk5LTA4LTIzVDA2OjU3OjAxWiI+DQogICAgICA8c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgICAgICA8c2FtbDpBdWRpZW5jZT5odHRwczovL3BpdGJ1bGsubm8taXAub3JnL25ld29uZWxvZ2luL2RlbW8xL21ldGFkYXRhLnBocDwvc2FtbDpBdWRpZW5jZT4NCiAgICAgIDwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPg0KICAgIDwvc2FtbDpDb25kaXRpb25zPg0KICAgIDxzYW1sOkF1dGhuU3RhdGVtZW50IEF1dGhuSW5zdGFudD0iMjAxNC0wMi0xOVQwMTozNzowMVoiIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjI5OTktMDItMTlUMDk6Mzc6MDFaIiBTZXNzaW9uSW5kZXg9Il82MjczZDc3YjhjZGUwYzMzM2VjNzlkMjJhOWZhMDAwM2I5ZmUyZDc1Y2IiPg0KICAgICAgPHNhbWw6QXV0aG5Db250ZXh0Pg0KICAgICAgICA8c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3NlczpQYXNzd29yZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj4NCiAgICAgIDwvc2FtbDpBdXRobkNvbnRleHQ+DQogICAgPC9zYW1sOkF1dGhuU3RhdGVtZW50Pg0KICAgIDxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPg0KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5zbWFydGluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJtYWlsIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj4NCiAgICAgICAgPHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c21hcnRpbkB5YWNvLmVzPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJjbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPlNpeHRvMzwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT4NCiAgICAgIDwvc2FtbDpBdHRyaWJ1dGU+DQogICAgICA8c2FtbDpBdHRyaWJ1dGUgTmFtZT0ic24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPg0KICAgICAgICA8c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5NYXJ0aW4yPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICAgIDxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJlZHVQZXJzb25BZmZpbGlhdGlvbiIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPnVzZXI8L3NhbWw6QXR0cmlidXRlVmFsdWU+DQogICAgICAgIDxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPmFkbWluPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPg0KICAgICAgPC9zYW1sOkF0dHJpYnV0ZT4NCiAgICA8L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pg0KICA8L3NhbWw6QXNzZXJ0aW9uPg0KPC9zYW1scDpSZXNwb25zZT4=
\ No newline at end of file
diff --git a/tests/pylint.rc b/tests/pylint.rc
deleted file mode 100644
index e5dd9bb9..00000000
--- a/tests/pylint.rc
+++ /dev/null
@@ -1,75 +0,0 @@
-[MASTER]
-profile=no
-persistent=yes
-ignore=
-cache-size=500
-
-[REPORTS]
-output-format=text
-files-output=no
-reports=yes
-
-[BASIC]
-no-docstring-rgx=__.*__|_.*
-class-rgx=[A-Z_][a-zA-Z0-9_]+$
-function-rgx=[a-zA_][a-zA-Z0-9_]{2,70}$
-method-rgx=[a-z_][a-zA-Z0-9_]{2,70}$
-const-rgx=(([A-Z_][A-Z0-9_]*)|([a-z_][a-z0-9_]*)|(__.*__)|register|urlpatterns)$
-good-names=_,i,j,k,e,qs,pk,setUp,tearDown,el,ns,fd,js,nb,na,sp,SAML_SINGLE_LOGOUT_NOT_SUPPORTED,SAML_SINGLE_LOGOUT_NOT_SUPPORTED,NAMEID_WINDOWS_DOMAIN_QUALIFIED_NAME
-docstring-min-length=1
-
-disable=E0611,W0703,W0511,W1401,F0401,W0102,E1103,W0212,I0011
-
-[TYPECHECK]
-
-# Tells whether missing members accessed in mixin class should be ignored. A
-# mixin class is detected if its name ends with "mixin" (case insensitive).
-ignore-mixin-members=yes
-
-# List of module names for which member attributes should not be checked
-# (useful for modules/projects where namespaces are manipulated during runtime
-# and thus extisting member attributes cannot be deduced by static analysis
-ignored-modules=
-
-# List of classes names for which member attributes should not be checked
-# (useful for classes with attributes dynamically set).
-ignored-classes=SQLObject,WSGIRequest
-
-# When zope mode is activated, add a predefined set of Zope acquired attributes
-# to generated-members.
-zope=no
-
-# List of members which are set dynamically and missed by pylint inference
-# system, and so shouldn't trigger E0201 when accessed.
-generated-members=objects,DoesNotExist,id,pk,_meta,base_fields,context,views,save
-
-# List of method names used to declare (i.e. assign) instance attributes
-defining-attr-methods=__init__,__new__,setUp
-
-[VARIABLES]
-init-import=no
-dummy-variables-rgx=_|dummy
-
-[SIMILARITIES]
-min-similarity-lines=6
-ignore-comments=yes
-ignore-docstrings=yes
-[MISCELLANEOUS]
-notes=FIXME,XXX,TODO
-
-[FORMAT]
-max-line-length=200
-max-module-lines=1200
-indent-string='    '
-indent-after-paren=4
-
-[DESIGN]
-max-args=10
-max-locals=40
-max-returns=6
-max-branches=50
-max-statements=120
-max-parents=10
-max-attributes=10
-min-public-methods=0
-max-public-methods=100
diff --git a/tests/settings/settings10.json b/tests/settings/settings10.json
new file mode 100644
index 00000000..f118b4d0
--- /dev/null
+++ b/tests/settings/settings10.json
@@ -0,0 +1,46 @@
+{
+    "strict": false,
+    "debug": false,
+    "sp": {
+        "entityId": "http://stuff.com/endpoints/metadata.php",
+        "assertionConsumerService": {
+            "url": "http://stuff.com/endpoints/endpoints/acs.php"
+        },
+        "singleLogoutService": {
+            "url": "http://stuff.com/endpoints/endpoints/sls.php"
+        },
+        "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+    },
+    "idp": {
+        "entityId": "http://idp.example.com/",
+        "singleSignOnService": {
+            "url": "http://idp.example.com/SSOService.php"
+        },
+        "singleLogoutService": {
+            "url": "http://idp.example.com/SingleLogoutService.php"
+        },
+        "x509cert": "MIICbDCCAdWgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBTMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRgwFgYDVQQDDA9pZHAuZXhhbXBsZS5jb20wHhcNMTQwOTIzMTIyNDA4WhcNNDIwMjA4MTIyNDA4WjBTMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRgwFgYDVQQDDA9pZHAuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOWA+YHU7cvPOrBOfxCscsYTJB+kH3MaA9BFrSHFS+KcR6cw7oPSktIJxUgvDpQbtfNcOkE/tuOPBDoech7AXfvH6d7Bw7xtW8PPJ2mB5Hn/HGW2roYhxmfh3tR5SdwN6i4ERVF8eLkvwCHsNQyK2Ref0DAJvpBNZMHCpS24916/AgMBAAGjUDBOMB0GA1UdDgQWBBQ77/qVeiigfhYDITplCNtJKZTM8DAfBgNVHSMEGDAWgBQ77/qVeiigfhYDITplCNtJKZTM8DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4GBAJO2j/1uO80E5C2PM6Fk9mzerrbkxl7AZ/mvlbOn+sNZE+VZ1AntYuG8ekbJpJtG1YfRfc7EA9mEtqvv4dhv7zBy4nK49OR+KpIBjItWB5kYvrqMLKBa32sMbgqqUqeF1ENXKjpvLSuPdfGJZA3dNa/+Dyb8GGqWe707zLyc5F8m"
+    },
+    "security": {
+        "authnRequestsSigned": false,
+        "wantAssertionsSigned": false,
+        "signMetadata": false
+    },
+    "contactPerson": {
+        "technical": {
+            "givenName": "technical_name",
+            "emailAddress": "technical@example.com"
+        },
+        "support": {
+            "givenName": "support_name",
+            "emailAddress": "support@example.com"
+        }
+    },
+    "organization": {
+        "en-US": {
+            "name": "sp_test",
+            "displayname": "SP test",
+            "url": "http://sp.example.com"
+        }
+    }
+}
diff --git a/tests/settings/settings11.json b/tests/settings/settings11.json
new file mode 100644
index 00000000..a039b32d
--- /dev/null
+++ b/tests/settings/settings11.json
@@ -0,0 +1,48 @@
+{
+    "strict": false,
+    "debug": false,
+    "custom_base_path": "../../../tests/data/customPath/",
+    "sp": {
+        "entityId": "http://stuff.com/endpoints/metadata.php",
+        "assertionConsumerService": {
+            "url": "http://stuff.com/endpoints/endpoints/acs.php"
+        },
+        "singleLogoutService": {
+            "url": "http://stuff.com/endpoints/endpoints/sls.php"
+        },
+        "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+    },
+    "idp": {
+        "entityId": "http://idp.example.com/",
+        "singleSignOnService": {
+            "url": "http://idp.example.com/SSOService.php"
+        },
+        "singleLogoutService": {
+            "url": "http://idp.example.com/SingleLogoutService.php"
+        },
+        "x509cert": "MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo"
+    },
+    "security": {
+        "authnRequestsSigned": false,
+        "wantAssertionsSigned": false,
+        "signMetadata": false,
+        "allowRepeatAttributeName": true
+    },
+    "contactPerson": {
+        "technical": {
+            "givenName": "technical_name",
+            "emailAddress": "technical@example.com"
+        },
+        "support": {
+            "givenName": "support_name",
+            "emailAddress": "support@example.com"
+        }
+    },
+    "organization": {
+        "en-US": {
+            "name": "sp_test",
+            "displayname": "SP test",
+            "url": "http://sp.example.com"
+        }
+    }
+}
diff --git a/tests/settings/settings9.json b/tests/settings/settings9.json
new file mode 100644
index 00000000..351c5c95
--- /dev/null
+++ b/tests/settings/settings9.json
@@ -0,0 +1,46 @@
+{
+    "strict": false,
+    "debug": false,
+    "custom_base_path": "../../../tests/data/customPath/",
+    "sp": {
+        "entityId": "http://stuff.com/endpoints/metadata.php",
+        "assertionConsumerService": {
+            "url": "http://stuff.com/endpoints/endpoints/acs.php"
+        },
+        "singleLogoutService": {
+            "url": "http://stuff.com/endpoints/endpoints/sls.php"
+        },
+        "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+    },
+    "idp": {
+        "entityId": "http://idp.example.com/",
+        "singleSignOnService": {
+            "url": "http://idp.example.com/SSOService.php"
+        },
+        "singleLogoutService": {
+            "url": "http://idp.example.com/SingleLogoutService.php"
+        }
+    },
+    "security": {
+        "authnRequestsSigned": false,
+        "wantAssertionsSigned": false,
+        "signMetadata": false
+    },
+    "contactPerson": {
+        "technical": {
+            "givenName": "technical_name",
+            "emailAddress": "technical@example.com"
+        },
+        "support": {
+            "givenName": "support_name",
+            "emailAddress": "support@example.com"
+        }
+    },
+    "organization": {
+        "en-US": {
+            "name": "sp_test",
+            "displayname": "SP test",
+            "url": "http://sp.example.com"
+        }
+    }
+}
diff --git a/tests/src/OneLogin/saml2_tests/auth_test.py b/tests/src/OneLogin/saml2_tests/auth_test.py
index c7c391c7..455b2d28 100644
--- a/tests/src/OneLogin/saml2_tests/auth_test.py
+++ b/tests/src/OneLogin/saml2_tests/auth_test.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 from base64 import b64decode, b64encode
 import json
@@ -22,36 +20,32 @@
 
 
 class OneLogin_Saml2_Auth_Test(unittest.TestCase):
-    data_path = join(dirname(dirname(dirname(dirname(__file__)))), 'data')
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    data_path = join(dirname(dirname(dirname(dirname(__file__)))), "data")
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
     # assertRaisesRegexp deprecated on python3
     def assertRaisesRegex(self, exception, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRaisesRegex'):
+        if hasattr(unittest.TestCase, "assertRaisesRegex"):
             return super(OneLogin_Saml2_Auth_Test, self).assertRaisesRegex(exception, regexp, msg=msg)
         else:
             return self.assertRaisesRegexp(exception, regexp)
 
-    def loadSettingsJSON(self, name='settings1.json'):
+    def loadSettingsJSON(self, name="settings1.json"):
         filename = join(self.settings_path, name)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
 
     def get_request(self):
-        return {
-            'http_host': 'example.com',
-            'script_name': '/index.html',
-            'get_data': {}
-        }
+        return {"http_host": "example.com", "script_name": "/index.html", "get_data": {}}
 
     def testGetSettings(self):
         """
@@ -74,7 +68,7 @@ def testGetSSOurl(self):
         settings_info = self.loadSettingsJSON()
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
 
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
         self.assertEqual(auth.get_sso_url(), sso_url)
 
     def testGetSLOurl(self):
@@ -84,9 +78,24 @@ def testGetSLOurl(self):
         settings_info = self.loadSettingsJSON()
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
 
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertEqual(auth.get_slo_url(), slo_url)
 
+    def testGetSLOresponseUrl(self):
+        """
+        Tests the get_slo_response_url method of the OneLogin_Saml2_Auth class
+        """
+        settings_info = self.loadSettingsJSON()
+        settings_info["idp"]["singleLogoutService"]["responseUrl"] = "http://idp.example.com/SingleLogoutReturn.php"
+        auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
+        slo_url = settings_info["idp"]["singleLogoutService"]["responseUrl"]
+        self.assertEqual(auth.get_slo_response_url(), slo_url)
+        # test that the function falls back to the url setting if responseUrl is not set
+        settings_info["idp"]["singleLogoutService"].pop("responseUrl")
+        auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
+        self.assertEqual(auth.get_slo_response_url(), slo_url)
+
     def testGetSessionIndex(self):
         """
         Tests the get_session_index method of the OneLogin_Saml2_Auth class
@@ -96,16 +105,14 @@ def testGetSessionIndex(self):
         self.assertIsNone(auth.get_session_index())
 
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth2 = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         self.assertIsNone(auth2.get_session_index())
 
         auth2.process_response()
-        self.assertEqual('_6273d77b8cde0c333ec79d22a9fa0003b9fe2d75cb', auth2.get_session_index())
+        self.assertEqual("_6273d77b8cde0c333ec79d22a9fa0003b9fe2d75cb", auth2.get_session_index())
 
     def testGetSessionExpiration(self):
         """
@@ -116,11 +123,9 @@ def testGetSessionExpiration(self):
         self.assertIsNone(auth.get_session_expiration())
 
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth2 = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         self.assertIsNone(auth2.get_session_expiration())
 
@@ -133,15 +138,13 @@ def testGetLastErrorReason(self):
         Case Invalid Response
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         auth.process_response()
 
-        self.assertEqual(auth.get_last_error_reason(), 'Signature validation failed. SAML Response rejected')
+        self.assertEqual(auth.get_last_error_reason(), "Signature validation failed. SAML Response rejected")
 
     def testProcessNoResponse(self):
         """
@@ -149,9 +152,9 @@ def testProcessNoResponse(self):
         Case No Response, An exception is throw
         """
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=self.loadSettingsJSON())
-        with self.assertRaisesRegex(OneLogin_Saml2_Error, 'SAML Response not found'):
+        with self.assertRaisesRegex(OneLogin_Saml2_Error, "SAML Response not found"):
             auth.process_response()
-        self.assertEqual(auth.get_errors(), ['invalid_binding'])
+        self.assertEqual(auth.get_errors(), ["invalid_binding"])
 
     def testProcessResponseInvalid(self):
         """
@@ -161,19 +164,17 @@ def testProcessResponseInvalid(self):
         the error array is not empty, contains 'invalid_response
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         auth.process_response()
 
         self.assertFalse(auth.is_authenticated())
         self.assertEqual(len(auth.get_attributes()), 0)
         self.assertEqual(auth.get_nameid(), None)
-        self.assertEqual(auth.get_attribute('uid'), None)
-        self.assertEqual(auth.get_errors(), ['invalid_response'])
+        self.assertEqual(auth.get_attribute("uid"), None)
+        self.assertEqual(auth.get_errors(), ["invalid_response"])
 
     def testProcessResponseInvalidRequestId(self):
         """
@@ -181,27 +182,25 @@ def testProcessResponseInvalidRequestId(self):
         Case Invalid Response, Invalid requestID
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'unsigned_response.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "unsigned_response.xml.base64"))
         plain_message = compat.to_string(b64decode(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': compat.to_string(b64encode(compat.to_bytes(plain_message)))
-        }
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": compat.to_string(b64encode(compat.to_bytes(plain_message)))}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
-        request_id = 'invalid'
+        request_id = "invalid"
         auth.process_response(request_id)
-        self.assertEqual('No Signature found. SAML Response rejected', auth.get_last_error_reason())
+        self.assertEqual("No Signature found. SAML Response rejected", auth.get_last_error_reason())
 
         auth.set_strict(True)
         auth.process_response(request_id)
-        self.assertEqual(auth.get_errors(), ['invalid_response'])
-        self.assertEqual('The InResponseTo of the Response: _57bcbf70-7b1f-012e-c821-782bcb13bb38, does not match the ID of the AuthNRequest sent by the SP: invalid', auth.get_last_error_reason())
+        self.assertEqual(auth.get_errors(), ["invalid_response"])
+        self.assertEqual("The InResponseTo of the Response: _57bcbf70-7b1f-012e-c821-782bcb13bb38, does not match the ID of the AuthNRequest sent by the SP: invalid", auth.get_last_error_reason())
 
-        valid_request_id = '_57bcbf70-7b1f-012e-c821-782bcb13bb38'
+        valid_request_id = "_57bcbf70-7b1f-012e-c821-782bcb13bb38"
         auth.process_response(valid_request_id)
-        self.assertEqual('No Signature found. SAML Response rejected', auth.get_last_error_reason())
+        self.assertEqual("No Signature found. SAML Response rejected", auth.get_last_error_reason())
 
     def testProcessResponseValid(self):
         """
@@ -211,22 +210,22 @@ def testProcessResponseValid(self):
         the error array is empty
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
 
         auth.process_response()
         self.assertTrue(auth.is_authenticated())
         self.assertEqual(len(auth.get_errors()), 0)
-        self.assertEqual('492882615acf31c8096b627245d76ae53036c090', auth.get_nameid())
+        self.assertEqual("492882615acf31c8096b627245d76ae53036c090", auth.get_nameid())
         attributes = auth.get_attributes()
         self.assertNotEqual(len(attributes), 0)
-        self.assertEqual(auth.get_attribute('mail'), attributes['mail'])
+        self.assertEqual(auth.get_attribute("mail"), attributes["mail"])
+        friendlyname_attributes = auth.get_friendlyname_attributes()
+        self.assertEqual(len(friendlyname_attributes), 0)
         session_index = auth.get_session_index()
-        self.assertEqual('_6273d77b8cde0c333ec79d22a9fa0003b9fe2d75cb', session_index)
+        self.assertEqual("_6273d77b8cde0c333ec79d22a9fa0003b9fe2d75cb", session_index)
         self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", auth.get_nameid_format())
         self.assertIsNone(auth.get_nameid_nq())
         self.assertEqual("http://stuff.com/endpoints/metadata.php", auth.get_nameid_spnq())
@@ -239,8 +238,8 @@ def testRedirectTo(self):
         Case redirect without url parameter
         """
         request_data = self.get_request()
-        relay_state = 'http://sp.example.com'
-        request_data['get_data']['RelayState'] = relay_state
+        relay_state = "http://sp.example.com"
+        request_data["get_data"]["RelayState"] = relay_state
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         target_url = auth.redirect_to()
         self.assertEqual(target_url, relay_state)
@@ -253,9 +252,9 @@ def testRedirectTowithUrl(self):
         Case redirect with url parameter
         """
         request_data = self.get_request()
-        relay_state = 'http://sp.example.com'
-        url_2 = 'http://sp2.example.com'
-        request_data['get_data']['RelayState'] = relay_state
+        relay_state = "http://sp.example.com"
+        url_2 = "http://sp2.example.com"
+        request_data["get_data"]["RelayState"] = relay_state
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         target_url = auth.redirect_to(url_2)
         self.assertEqual(target_url, url_2)
@@ -266,9 +265,9 @@ def testProcessNoSLO(self):
         Case No Message, An exception is throw
         """
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=self.loadSettingsJSON())
-        with self.assertRaisesRegex(OneLogin_Saml2_Error, 'SAML LogoutRequest/LogoutResponse not found'):
+        with self.assertRaisesRegex(OneLogin_Saml2_Error, "SAML LogoutRequest/LogoutResponse not found"):
             auth.process_slo(True)
-        self.assertEqual(auth.get_errors(), ['invalid_binding'])
+        self.assertEqual(auth.get_errors(), ["invalid_binding"])
 
     def testProcessSLOResponseInvalid(self):
         """
@@ -276,8 +275,8 @@ def testProcessSLOResponseInvalid(self):
         Case Invalid Logout Response
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
-        request_data['get_data']['SAMLResponse'] = message
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
+        request_data["get_data"]["SAMLResponse"] = message
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
 
         auth.process_slo(True)
@@ -286,7 +285,7 @@ def testProcessSLOResponseInvalid(self):
         auth.set_strict(True)
         auth.process_slo(True)
         # The Destination fails
-        self.assertEqual(auth.get_errors(), ['invalid_logout_response'])
+        self.assertEqual(auth.get_errors(), ["invalid_logout_response"])
 
         auth.set_strict(False)
         auth.process_slo(True)
@@ -295,21 +294,21 @@ def testProcessSLOResponseInvalid(self):
     def testProcessSLOResponseNoSucess(self):
         """
         Tests the process_slo method of the OneLogin_Saml2_Auth class
-        Case Logout Response not sucess
+        Case Logout Response not success
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'invalids', 'status_code_responder.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "invalids", "status_code_responder.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLResponse'] = message
+        request_data["get_data"]["SAMLResponse"] = message
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
 
         auth.set_strict(True)
         auth.process_slo(True)
-        self.assertEqual(auth.get_errors(), ['logout_not_success'])
+        self.assertEqual(auth.get_errors(), ["logout_not_success"])
 
     def testProcessSLOResponseRequestId(self):
         """
@@ -317,21 +316,21 @@ def testProcessSLOResponseRequestId(self):
         Case Logout Response with valid and invalid Request ID
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLResponse'] = message
+        request_data["get_data"]["SAMLResponse"] = message
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
 
-        request_id = 'wrongID'
+        request_id = "wrongID"
         auth.set_strict(True)
         auth.process_slo(True, request_id)
-        self.assertEqual(auth.get_errors(), ['invalid_logout_response'])
+        self.assertEqual(auth.get_errors(), ["invalid_logout_response"])
 
-        request_id = 'ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e'
+        request_id = "ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e"
         auth.process_slo(True, request_id)
         self.assertEqual(len(auth.get_errors()), 0)
 
@@ -341,13 +340,13 @@ def testProcessSLOResponseValid(self):
         Case Valid Logout Response
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLResponse'] = message
+        request_data["get_data"]["SAMLResponse"] = message
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
 
         # FIXME
@@ -371,7 +370,7 @@ def testProcessSLOResponseValidDeletingSession(self):
         Case Valid Logout Response, validating deleting the local session
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
 
         # FIXME
         # if (!isset($_SESSION)) {
@@ -382,9 +381,9 @@ def testProcessSLOResponseValidDeletingSession(self):
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLResponse'] = message
+        request_data["get_data"]["SAMLResponse"] = message
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
 
         auth.set_strict(True)
@@ -402,29 +401,29 @@ def testProcessSLORequestInvalidValid(self):
         """
         settings_info = self.loadSettingsJSON()
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_deflated.xml.base64'))
-        request_data['get_data']['SAMLRequest'] = message
+        message = self.file_contents(join(self.data_path, "logout_requests", "logout_request_deflated.xml.base64"))
+        request_data["get_data"]["SAMLRequest"] = message
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_info)
         target_url = auth.process_slo(True)
         parsed_query = parse_qs(urlparse(target_url)[4])
         self.assertEqual(len(auth.get_errors()), 0)
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLResponse', parsed_query)
+        self.assertIn("SAMLResponse", parsed_query)
         # self.assertNotIn('RelayState', parsed_query)
 
         auth.set_strict(True)
         auth.process_slo(True)
         # Fail due destination missmatch
-        self.assertEqual(auth.get_errors(), ['invalid_logout_request'])
+        self.assertEqual(auth.get_errors(), ["invalid_logout_request"])
 
         auth.set_strict(False)
         target_url_2 = auth.process_slo(True)
         parsed_query_2 = parse_qs(urlparse(target_url_2)[4])
         self.assertEqual(len(auth.get_errors()), 0)
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url_2)
-        self.assertIn('SAMLResponse', parsed_query_2)
+        self.assertIn("SAMLResponse", parsed_query_2)
         # self.assertNotIn('RelayState', parsed_query_2)
 
     def testProcessSLORequestNotOnOrAfterFailed(self):
@@ -433,18 +432,18 @@ def testProcessSLORequestNotOnOrAfterFailed(self):
         Case Logout Request NotOnOrAfter failed
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_requests', 'invalids', 'not_after_failed.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_requests", "invalids", "not_after_failed.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLRequest'] = message
+        request_data["get_data"]["SAMLRequest"] = message
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
 
         auth.set_strict(True)
         auth.process_slo(True)
-        self.assertEqual(auth.get_errors(), ['invalid_logout_request'])
+        self.assertEqual(auth.get_errors(), ["invalid_logout_request"])
 
     def testProcessSLORequestDeletingSession(self):
         """
@@ -454,13 +453,13 @@ def testProcessSLORequestDeletingSession(self):
         """
         settings_info = self.loadSettingsJSON()
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_requests", "logout_request_deflated.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLRequest'] = message
+        request_data["get_data"]["SAMLRequest"] = message
         # FIXME
         # if (!isset($_SESSION)) {
         #     $_SESSION = array();
@@ -471,9 +470,9 @@ def testProcessSLORequestDeletingSession(self):
         auth.set_strict(True)
         target_url = auth.process_slo(True)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLResponse', parsed_query)
+        self.assertIn("SAMLResponse", parsed_query)
         # self.assertNotIn('RelayState', parsed_query)
 
         # FIXME // Session is not alive
@@ -485,9 +484,9 @@ def testProcessSLORequestDeletingSession(self):
         target_url_2 = auth.process_slo(True)
         target_url_2 = auth.process_slo(True)
         parsed_query_2 = parse_qs(urlparse(target_url_2)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url_2)
-        self.assertIn('SAMLResponse', parsed_query_2)
+        self.assertIn("SAMLResponse", parsed_query_2)
         # self.assertNotIn('RelayState', parsed_query_2)
 
         # FIXME // Session is alive
@@ -502,24 +501,24 @@ def testProcessSLORequestRelayState(self):
         """
         settings_info = self.loadSettingsJSON()
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_requests", "logout_request_deflated.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLRequest'] = message
-        request_data['get_data']['RelayState'] = 'http://relaystate.com'
+        request_data["get_data"]["SAMLRequest"] = message
+        request_data["get_data"]["RelayState"] = "http://relaystate.com"
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_info)
 
         auth.set_strict(True)
         target_url = auth.process_slo(False)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLResponse', parsed_query)
-        self.assertIn('RelayState', parsed_query)
-        self.assertIn('http://relaystate.com', parsed_query['RelayState'])
+        self.assertIn("SAMLResponse", parsed_query)
+        self.assertIn("RelayState", parsed_query)
+        self.assertIn("http://relaystate.com", parsed_query["RelayState"])
 
     def testProcessSLORequestSignedResponse(self):
         """
@@ -528,29 +527,29 @@ def testProcessSLORequestSignedResponse(self):
         a signed LogoutResponse is created and a redirection executed
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['security']['logoutResponseSigned'] = True
+        settings_info["security"]["logoutResponseSigned"] = True
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_requests", "logout_request_deflated.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
-        request_data['get_data']['SAMLRequest'] = message
-        request_data['get_data']['RelayState'] = 'http://relaystate.com'
+        request_data["get_data"]["SAMLRequest"] = message
+        request_data["get_data"]["RelayState"] = "http://relaystate.com"
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_info)
 
         auth.set_strict(True)
         target_url = auth.process_slo(False)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLResponse', parsed_query)
-        self.assertIn('RelayState', parsed_query)
-        self.assertIn('SigAlg', parsed_query)
-        self.assertIn('Signature', parsed_query)
-        self.assertIn('http://relaystate.com', parsed_query['RelayState'])
-        self.assertIn(OneLogin_Saml2_Constants.RSA_SHA1, parsed_query['SigAlg'])
+        self.assertIn("SAMLResponse", parsed_query)
+        self.assertIn("RelayState", parsed_query)
+        self.assertIn("SigAlg", parsed_query)
+        self.assertIn("Signature", parsed_query)
+        self.assertIn("http://relaystate.com", parsed_query["RelayState"])
+        self.assertIn(OneLogin_Saml2_Constants.RSA_SHA256, parsed_query["SigAlg"])
 
     def testLogin(self):
         """
@@ -563,12 +562,12 @@ def testLogin(self):
 
         target_url = auth.login()
         parsed_query = parse_qs(urlparse(target_url)[4])
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
         self.assertIn(sso_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        self.assertIn('RelayState', parsed_query)
+        self.assertIn("SAMLRequest", parsed_query)
+        self.assertIn("RelayState", parsed_query)
         hostname = OneLogin_Saml2_Utils.get_self_host(request_data)
-        self.assertIn(u'http://%s/index.html' % hostname, parsed_query['RelayState'])
+        self.assertIn("http://%s/index.html" % hostname, parsed_query["RelayState"])
 
     def testLoginWithRelayState(self):
         """
@@ -578,15 +577,15 @@ def testLoginWithRelayState(self):
         """
         settings_info = self.loadSettingsJSON()
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
-        relay_state = 'http://sp.example.com'
+        relay_state = "http://sp.example.com"
 
         target_url = auth.login(relay_state)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
         self.assertIn(sso_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        self.assertIn('RelayState', parsed_query)
-        self.assertIn(relay_state, parsed_query['RelayState'])
+        self.assertIn("SAMLRequest", parsed_query)
+        self.assertIn("RelayState", parsed_query)
+        self.assertIn(relay_state, parsed_query["RelayState"])
 
     def testLoginSigned(self):
         """
@@ -594,20 +593,20 @@ def testLoginSigned(self):
         Case Login signed. An AuthnRequest signed is built an redirect executed
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['security']['authnRequestsSigned'] = True
+        settings_info["security"]["authnRequestsSigned"] = True
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
-        return_to = u'http://example.com/returnto'
+        return_to = "http://example.com/returnto"
 
         target_url = auth.login(return_to)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
         self.assertIn(sso_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        self.assertIn('RelayState', parsed_query)
-        self.assertIn('SigAlg', parsed_query)
-        self.assertIn('Signature', parsed_query)
-        self.assertIn(return_to, parsed_query['RelayState'])
-        self.assertIn(OneLogin_Saml2_Constants.RSA_SHA1, parsed_query['SigAlg'])
+        self.assertIn("SAMLRequest", parsed_query)
+        self.assertIn("RelayState", parsed_query)
+        self.assertIn("SigAlg", parsed_query)
+        self.assertIn("Signature", parsed_query)
+        self.assertIn(return_to, parsed_query["RelayState"])
+        self.assertIn(OneLogin_Saml2_Constants.RSA_SHA256, parsed_query["SigAlg"])
 
     def testLoginForceAuthN(self):
         """
@@ -615,31 +614,31 @@ def testLoginForceAuthN(self):
         Case AuthN Request is built with ForceAuthn and redirect executed
         """
         settings_info = self.loadSettingsJSON()
-        return_to = u'http://example.com/returnto'
+        return_to = "http://example.com/returnto"
 
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url = auth.login(return_to)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
         self.assertIn(sso_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0]))
+        self.assertIn("SAMLRequest", parsed_query)
+        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query["SAMLRequest"][0]))
         self.assertNotIn('ForceAuthn="true"', request)
 
         auth_2 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url_2 = auth_2.login(return_to, False, False)
         parsed_query_2 = parse_qs(urlparse(target_url_2)[4])
         self.assertIn(sso_url, target_url_2)
-        self.assertIn('SAMLRequest', parsed_query_2)
-        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2['SAMLRequest'][0]))
+        self.assertIn("SAMLRequest", parsed_query_2)
+        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2["SAMLRequest"][0]))
         self.assertNotIn('ForceAuthn="true"', request_2)
 
         auth_3 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url_3 = auth_3.login(return_to, True, False)
         parsed_query_3 = parse_qs(urlparse(target_url_3)[4])
         self.assertIn(sso_url, target_url_3)
-        self.assertIn('SAMLRequest', parsed_query_3)
-        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3['SAMLRequest'][0]))
+        self.assertIn("SAMLRequest", parsed_query_3)
+        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3["SAMLRequest"][0]))
         self.assertIn('ForceAuthn="true"', request_3)
 
     def testLoginIsPassive(self):
@@ -648,32 +647,32 @@ def testLoginIsPassive(self):
         Case AuthN Request is built with IsPassive and redirect executed
         """
         settings_info = self.loadSettingsJSON()
-        return_to = u'http://example.com/returnto'
-        settings_info['idp']['singleSignOnService']['url']
+        return_to = "http://example.com/returnto"
+        settings_info["idp"]["singleSignOnService"]["url"]
 
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url = auth.login(return_to)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
         self.assertIn(sso_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0]))
+        self.assertIn("SAMLRequest", parsed_query)
+        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query["SAMLRequest"][0]))
         self.assertNotIn('IsPassive="true"', request)
 
         auth_2 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url_2 = auth_2.login(return_to, False, False)
         parsed_query_2 = parse_qs(urlparse(target_url_2)[4])
         self.assertIn(sso_url, target_url_2)
-        self.assertIn('SAMLRequest', parsed_query_2)
-        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2['SAMLRequest'][0]))
+        self.assertIn("SAMLRequest", parsed_query_2)
+        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2["SAMLRequest"][0]))
         self.assertNotIn('IsPassive="true"', request_2)
 
         auth_3 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url_3 = auth_3.login(return_to, False, True)
         parsed_query_3 = parse_qs(urlparse(target_url_3)[4])
         self.assertIn(sso_url, target_url_3)
-        self.assertIn('SAMLRequest', parsed_query_3)
-        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3['SAMLRequest'][0]))
+        self.assertIn("SAMLRequest", parsed_query_3)
+        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3["SAMLRequest"][0]))
         self.assertIn('IsPassive="true"', request_3)
 
     def testLoginSetNameIDPolicy(self):
@@ -682,33 +681,33 @@ def testLoginSetNameIDPolicy(self):
         Case AuthN Request is built with and without NameIDPolicy
         """
         settings_info = self.loadSettingsJSON()
-        return_to = u'http://example.com/returnto'
-        settings_info['idp']['singleSignOnService']['url']
+        return_to = "http://example.com/returnto"
+        settings_info["idp"]["singleSignOnService"]["url"]
 
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url = auth.login(return_to)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
         self.assertIn(sso_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0]))
-        self.assertIn('<samlp:NameIDPolicy', request)
+        self.assertIn("SAMLRequest", parsed_query)
+        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query["SAMLRequest"][0]))
+        self.assertIn("<samlp:NameIDPolicy", request)
 
         auth_2 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url_2 = auth_2.login(return_to, False, False, True)
         parsed_query_2 = parse_qs(urlparse(target_url_2)[4])
         self.assertIn(sso_url, target_url_2)
-        self.assertIn('SAMLRequest', parsed_query_2)
-        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2['SAMLRequest'][0]))
-        self.assertIn('<samlp:NameIDPolicy', request_2)
+        self.assertIn("SAMLRequest", parsed_query_2)
+        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2["SAMLRequest"][0]))
+        self.assertIn("<samlp:NameIDPolicy", request_2)
 
         auth_3 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url_3 = auth_3.login(return_to, False, False, False)
         parsed_query_3 = parse_qs(urlparse(target_url_3)[4])
         self.assertIn(sso_url, target_url_3)
-        self.assertIn('SAMLRequest', parsed_query_3)
-        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3['SAMLRequest'][0]))
-        self.assertNotIn('<samlp:NameIDPolicy', request_3)
+        self.assertIn("SAMLRequest", parsed_query_3)
+        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3["SAMLRequest"][0]))
+        self.assertNotIn("<samlp:NameIDPolicy", request_3)
 
     def testLoginWithSubject(self):
         """
@@ -716,37 +715,37 @@ def testLoginWithSubject(self):
         Case AuthN Request is built with and without Subject
         """
         settings_info = self.loadSettingsJSON()
-        return_to = u'http://example.com/returnto'
-        sso_url = settings_info['idp']['singleSignOnService']['url']
+        return_to = "http://example.com/returnto"
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
 
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         target_url = auth.login(return_to)
         parsed_query = parse_qs(urlparse(target_url)[4])
         self.assertIn(sso_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0]))
-        self.assertNotIn('<saml:Subject>', request)
-        self.assertNotIn('<saml:NameID', request)
-        self.assertNotIn('<saml:saml:SubjectConfirmation', request)
+        self.assertIn("SAMLRequest", parsed_query)
+        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query["SAMLRequest"][0]))
+        self.assertNotIn("<saml:Subject>", request)
+        self.assertNotIn("<saml:NameID", request)
+        self.assertNotIn("<saml:saml:SubjectConfirmation", request)
 
         auth_2 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
-        target_url_2 = auth_2.login(return_to, name_id_value_req='testuser@example.com')
+        target_url_2 = auth_2.login(return_to, name_id_value_req="testuser@example.com")
         parsed_query_2 = parse_qs(urlparse(target_url_2)[4])
         self.assertIn(sso_url, target_url_2)
-        self.assertIn('SAMLRequest', parsed_query_2)
-        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2['SAMLRequest'][0]))
-        self.assertIn('<saml:Subject>', request_2)
+        self.assertIn("SAMLRequest", parsed_query_2)
+        request_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_2["SAMLRequest"][0]))
+        self.assertIn("<saml:Subject>", request_2)
         self.assertIn('Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">testuser@example.com</saml:NameID>', request_2)
         self.assertIn('<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">', request_2)
 
-        settings_info['sp']['NameIDFormat'] = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
+        settings_info["sp"]["NameIDFormat"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
         auth_3 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
-        target_url_3 = auth_3.login(return_to, name_id_value_req='testuser@example.com')
+        target_url_3 = auth_3.login(return_to, name_id_value_req="testuser@example.com")
         parsed_query_3 = parse_qs(urlparse(target_url_3)[4])
         self.assertIn(sso_url, target_url_3)
-        self.assertIn('SAMLRequest', parsed_query_3)
-        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3['SAMLRequest'][0]))
-        self.assertIn('<saml:Subject>', request_3)
+        self.assertIn("SAMLRequest", parsed_query_3)
+        request_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query_3["SAMLRequest"][0]))
+        self.assertIn("<saml:Subject>", request_3)
         self.assertIn('Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">testuser@example.com</saml:NameID>', request_3)
         self.assertIn('<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">', request_3)
 
@@ -762,12 +761,12 @@ def testLogout(self):
 
         target_url = auth.logout()
         parsed_query = parse_qs(urlparse(target_url)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        self.assertIn('RelayState', parsed_query)
+        self.assertIn("SAMLRequest", parsed_query)
+        self.assertIn("RelayState", parsed_query)
         hostname = OneLogin_Saml2_Utils.get_self_host(request_data)
-        self.assertIn(u'http://%s/index.html' % hostname, parsed_query['RelayState'])
+        self.assertIn("http://%s/index.html" % hostname, parsed_query["RelayState"])
 
     def testLogoutWithRelayState(self):
         """
@@ -777,15 +776,15 @@ def testLogoutWithRelayState(self):
         """
         settings_info = self.loadSettingsJSON()
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
-        relay_state = 'http://sp.example.com'
+        relay_state = "http://sp.example.com"
 
         target_url = auth.logout(relay_state)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        self.assertIn('RelayState', parsed_query)
-        self.assertIn(relay_state, parsed_query['RelayState'])
+        self.assertIn("SAMLRequest", parsed_query)
+        self.assertIn("RelayState", parsed_query)
+        self.assertIn(relay_state, parsed_query["RelayState"])
 
     def testLogoutSigned(self):
         """
@@ -794,20 +793,20 @@ def testLogoutSigned(self):
         the assertion is built and redirect executed
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['security']['logoutRequestSigned'] = True
+        settings_info["security"]["logoutRequestSigned"] = True
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
-        return_to = u'http://example.com/returnto'
+        return_to = "http://example.com/returnto"
 
         target_url = auth.logout(return_to)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
-        self.assertIn('RelayState', parsed_query)
-        self.assertIn('SigAlg', parsed_query)
-        self.assertIn('Signature', parsed_query)
-        self.assertIn(return_to, parsed_query['RelayState'])
-        self.assertIn(OneLogin_Saml2_Constants.RSA_SHA1, parsed_query['SigAlg'])
+        self.assertIn("SAMLRequest", parsed_query)
+        self.assertIn("RelayState", parsed_query)
+        self.assertIn("SigAlg", parsed_query)
+        self.assertIn("Signature", parsed_query)
+        self.assertIn(return_to, parsed_query["RelayState"])
+        self.assertIn(OneLogin_Saml2_Constants.RSA_SHA256, parsed_query["SigAlg"])
 
     def testLogoutNoSLO(self):
         """
@@ -815,11 +814,11 @@ def testLogoutNoSLO(self):
         Case IdP no SLO endpoint.
         """
         settings_info = self.loadSettingsJSON()
-        del settings_info['idp']['singleLogoutService']
+        del settings_info["idp"]["singleLogoutService"]
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
         # The Header of the redirect produces an Exception
-        with self.assertRaisesRegex(OneLogin_Saml2_Error, 'The IdP does not support Single Log Out'):
-            auth.logout('http://example.com/returnto')
+        with self.assertRaisesRegex(OneLogin_Saml2_Error, "The IdP does not support Single Log Out"):
+            auth.logout("http://example.com/returnto")
 
     def testLogoutNameIDandSessionIndex(self):
         """
@@ -830,15 +829,15 @@ def testLogoutNameIDandSessionIndex(self):
         request_data = self.get_request()
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_info)
 
-        name_id = 'name_id_example'
-        session_index = 'session_index_example'
+        name_id = "name_id_example"
+        session_index = "session_index_example"
         target_url = auth.logout(name_id=name_id, session_index=session_index)
         parsed_query = parse_qs(urlparse(target_url)[4])
-        slo_url = settings_info['idp']['singleLogoutService']['url']
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
         self.assertIn(slo_url, target_url)
-        self.assertIn('SAMLRequest', parsed_query)
+        self.assertIn("SAMLRequest", parsed_query)
 
-        logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0])
+        logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query["SAMLRequest"][0])
         name_id_from_request = OneLogin_Saml2_Logout_Request.get_nameid(logout_request)
         sessions_index_in_request = OneLogin_Saml2_Logout_Request.get_session_indexes(logout_request)
         self.assertIn(session_index, sessions_index_in_request)
@@ -850,11 +849,9 @@ def testLogoutNameID(self):
         Case nameID loaded after process SAML Response
         """
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         auth.process_response()
 
@@ -863,8 +860,8 @@ def testLogoutNameID(self):
 
         target_url = auth.logout()
         parsed_query = parse_qs(urlparse(target_url)[4])
-        self.assertIn('SAMLRequest', parsed_query)
-        logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0])
+        self.assertIn("SAMLRequest", parsed_query)
+        logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query["SAMLRequest"][0])
 
         name_id_from_request = OneLogin_Saml2_Logout_Request.get_nameid(logout_request)
         name_id_format_from_request = OneLogin_Saml2_Logout_Request.get_nameid_format(logout_request)
@@ -875,8 +872,8 @@ def testLogoutNameID(self):
         new_name_id_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
         target_url_2 = auth.logout(name_id=new_name_id, name_id_format=new_name_id_format)
         parsed_query = parse_qs(urlparse(target_url_2)[4])
-        self.assertIn('SAMLRequest', parsed_query)
-        logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0])
+        self.assertIn("SAMLRequest", parsed_query)
+        logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query["SAMLRequest"][0])
 
         name_id_from_request = OneLogin_Saml2_Logout_Request.get_nameid(logout_request)
         name_id_format_from_request = OneLogin_Saml2_Logout_Request.get_nameid_format(logout_request)
@@ -888,7 +885,7 @@ def testSetStrict(self):
         Tests the set_strict method of the OneLogin_Saml2_Auth
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['strict'] = False
+        settings_info["strict"] = False
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
 
         settings = auth.get_settings()
@@ -902,26 +899,22 @@ def testSetStrict(self):
         settings = auth.get_settings()
         self.assertFalse(settings.is_strict())
 
-        self.assertRaises(AssertionError, auth.set_strict, '42')
+        self.assertRaises(AssertionError, auth.set_strict, "42")
 
     def testIsAuthenticated(self):
         """
         Tests the is_authenticated method of the OneLogin_Saml2_Auth
         """
         request_data = self.get_request()
-        del request_data['get_data']
-        message = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        del request_data["get_data"]
+        message = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         auth.process_response()
         self.assertFalse(auth.is_authenticated())
 
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
         auth.process_response()
         self.assertTrue(auth.is_authenticated())
@@ -932,30 +925,24 @@ def testGetNameId(self):
         """
         settings = self.loadSettingsJSON()
         request_data = self.get_request()
-        del request_data['get_data']
-        message = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        del request_data["get_data"]
+        message = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_response()
         self.assertFalse(auth.is_authenticated())
         self.assertEqual(auth.get_nameid(), None)
 
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_response()
         self.assertTrue(auth.is_authenticated())
         self.assertEqual("492882615acf31c8096b627245d76ae53036c090", auth.get_nameid())
 
-        settings_2 = self.loadSettingsJSON('settings2.json')
-        message = self.file_contents(join(self.data_path, 'responses', 'signed_message_encrypted_assertion2.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        settings_2 = self.loadSettingsJSON("settings2.json")
+        message = self.file_contents(join(self.data_path, "responses", "signed_message_encrypted_assertion2.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_2)
         auth.process_response()
         self.assertTrue(auth.is_authenticated())
@@ -967,30 +954,24 @@ def testGetNameIdFormat(self):
         """
         settings = self.loadSettingsJSON()
         request_data = self.get_request()
-        del request_data['get_data']
-        message = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        del request_data["get_data"]
+        message = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_response()
         self.assertFalse(auth.is_authenticated())
         self.assertEqual(auth.get_nameid_format(), None)
 
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_response()
         self.assertTrue(auth.is_authenticated())
         self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", auth.get_nameid_format())
 
-        settings_2 = self.loadSettingsJSON('settings2.json')
-        message = self.file_contents(join(self.data_path, 'responses', 'signed_message_encrypted_assertion2.xml.base64'))
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        settings_2 = self.loadSettingsJSON("settings2.json")
+        message = self.file_contents(join(self.data_path, "responses", "signed_message_encrypted_assertion2.xml.base64"))
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_2)
         auth.process_response()
         self.assertTrue(auth.is_authenticated())
@@ -1001,11 +982,9 @@ def testGetNameIdNameQualifier(self):
         Tests the get_nameid_nq method of the OneLogin_Saml2_Auth
         """
         settings = self.loadSettingsJSON()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response_with_namequalifier.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "valid_response_with_namequalifier.xml.base64"))
         request_data = self.get_request()
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         self.assertIsNone(auth.get_nameid_nq())
         auth.process_response()
@@ -1017,11 +996,9 @@ def testGetNameIdNameQualifier2(self):
         Tests the get_nameid_nq method of the OneLogin_Saml2_Auth
         """
         settings = self.loadSettingsJSON()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         request_data = self.get_request()
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         self.assertIsNone(auth.get_nameid_nq())
         auth.process_response()
@@ -1033,11 +1010,9 @@ def testGetNameIdSPNameQualifier(self):
         Tests the get_nameid_spnq method of the OneLogin_Saml2_Auth
         """
         settings = self.loadSettingsJSON()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response_with_namequalifier.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "valid_response_with_namequalifier.xml.base64"))
         request_data = self.get_request()
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         self.assertIsNone(auth.get_nameid_spnq())
         auth.process_response()
@@ -1049,11 +1024,9 @@ def testGetNameIdSPNameQualifier2(self):
         Tests the get_nameid_spnq method of the OneLogin_Saml2_Auth
         """
         settings = self.loadSettingsJSON()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         request_data = self.get_request()
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         self.assertIsNone(auth.get_nameid_spnq())
         auth.process_response()
@@ -1065,17 +1038,17 @@ def testBuildRequestSignature(self):
         Tests the build_request_signature method of the OneLogin_Saml2_Auth
         """
         settings = self.loadSettingsJSON()
-        message = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_deflated.xml.base64'))
-        relay_state = 'http://relaystate.com'
+        message = self.file_contents(join(self.data_path, "logout_requests", "logout_request_deflated.xml.base64"))
+        relay_state = "http://relaystate.com"
         parameters = {"SAMLRequest": message, "RelayState": relay_state}
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings)
 
         auth.add_request_signature(parameters)
-        valid_signature = 'Pb1EXAX5TyipSJ1SndEKZstLQTsT+1D00IZAhEepBM+OkAZQSToivu3njgJu47HZiZAqgXZFgloBuuWE/+GdcSsRYEMkEkiSDWTpUr25zKYLJDSg6GNo6iAHsKSuFt46Z54Xe/keYxYP03Hdy97EwuuSjBzzgRc5tmpV+KC7+a0='
+        valid_signature = "CqdIlbO6GieeJFV+PYqyqz1QVJunQXdZZl+ZyIby9O3/eMJM0XHi+TWReRrpgNxKkbmmvx5fp/t7mphbLiVYNMgGINEaaa/OfoaGwU9GM5YCVULA2t7qZBel1yrIXGMxijJizB7UPR2ZMo4G+Wdhx1zbmbB0GYM0A27w6YCe/+k="
         self.assertEqual(valid_signature, parameters["Signature"])
 
-        settings['sp']['privateKey'] = ''
-        settings['custom_base_path'] = u'invalid/path/'
+        settings["sp"]["privateKey"] = ""
+        settings["custom_base_path"] = "invalid/path/"
         auth2 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings)
         with self.assertRaisesRegex(OneLogin_Saml2_Error, "Trying to sign the SAMLRequest but can't load the SP private key"):
             auth2.add_request_signature(parameters)
@@ -1085,18 +1058,18 @@ def testBuildResponseSignature(self):
         Tests the build_response_signature method of the OneLogin_Saml2_Auth
         """
         settings = self.loadSettingsJSON()
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
-        relay_state = 'http://relaystate.com'
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
+        relay_state = "http://relaystate.com"
         auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings)
 
-        parameters = {"SAMLResponse": message, 'RelayState': relay_state}
+        parameters = {"SAMLResponse": message, "RelayState": relay_state}
 
         auth.add_response_signature(parameters)
-        valid_signature = 'IcyWLRX6Dz3wHBfpcUaNLVDMGM3uo6z2Z11Gjq0/APPJaHboKGljffsgMVAGBml497yckq+eYKmmz+jpURV9yTj2sF9qfD6CwX2dEzSzMdRzB40X7pWyHgEJGIhs6BhaOt5oXEk4T+h3AczERqpVYFpL00yo7FNtyQkhZFpHFhM='
-        self.assertEqual(valid_signature, parameters['Signature'])
+        valid_signature = "fFGaOuO/2+ch/xlwU5o7iS6R+v2quWchLAtiDyQTxStFQZKY1NsBs/eYIin2Meq7oTl1Ks6tpT6JshH5OwhPh/08K7M2oa6FIKb99cjg+jIJ/WwpuJ5h9SH0XXP8y3RLhCxLIomHDsBOGQK8WvOlXFUg+9nvOaEMNi6raUWrGhA="
+        self.assertEqual(valid_signature, parameters["Signature"])
 
-        settings['sp']['privateKey'] = ''
-        settings['custom_base_path'] = u'invalid/path/'
+        settings["sp"]["privateKey"] = ""
+        settings["custom_base_path"] = "invalid/path/"
         auth2 = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings)
         with self.assertRaisesRegex(OneLogin_Saml2_Error, "Trying to sign the SAMLResponse but can't load the SP private key"):
             auth2.add_response_signature(parameters)
@@ -1105,186 +1078,231 @@ def testIsInValidLogoutResponseSign(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         settings.set_strict(False)
-        request_data['get_data'] = {
-            'SAMLResponse': 'fZJva8IwEMa/Ssl7TZrW/gnqGHMMwSlM8cXeyLU9NaxNQi9lfvxVZczB5ptwSe733MPdjQma2qmFPdjOvyE5awiDU1MbUpevCetaoyyQJmWgQVK+VOvH14WSQ6Fca70tbc1ukPsEEGHrtTUsmM8mbDfKUhnFci8gliGINI/yXIAAiYnsw6JIRgWWAKlkwRZb6skJ64V6nKjDuSEPxvdPIowHIhpIsQkTFaYqSt9ZMEPy2oC/UEfvHSnOnfZFV38MjR1oN7TtgRv8tAZre9CGV9jYkGtT4Wnoju6Bauprme/ebOyErZbPi9XLfLnDoohwhHGc5WVSVhjCKM6rBMpYQpWJrIizfZ4IZNPxuTPqYrmd/m+EdONqPOfy8yG5rhxv0EMFHs52xvxWaHyd3tqD7+j37clWGGyh7vD+POiSrdZdWSIR49NrhR9R/teGTL8A',
-            'RelayState': 'https://pitbulk.no-ip.org/newonelogin/demo1/index.php',
-            'SigAlg': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1',
-            'Signature': 'vfWbbc47PkP3ejx4bjKsRX7lo9Ml1WRoE5J5owF/0mnyKHfSY6XbhO1wwjBV5vWdrUVX+xp6slHyAf4YoAsXFS0qhan6txDiZY4Oec6yE+l10iZbzvie06I4GPak4QrQ4gAyXOSzwCrRmJu4gnpeUxZ6IqKtdrKfAYRAcVfNKGA='
+        request_data["get_data"] = {
+            "SAMLResponse": "fZJva8IwEMa/Ssl7TZrW/gnqGHMMwSlM8cXeyLU9NaxNQi9lfvxVZczB5ptwSe733MPdjQma2qmFPdjOvyE5awiDU1MbUpevCetaoyyQJmWgQVK+VOvH14WSQ6Fca70tbc1ukPsEEGHrtTUsmM8mbDfKUhnFci8gliGINI/yXIAAiYnsw6JIRgWWAKlkwRZb6skJ64V6nKjDuSEPxvdPIowHIhpIsQkTFaYqSt9ZMEPy2oC/UEfvHSnOnfZFV38MjR1oN7TtgRv8tAZre9CGV9jYkGtT4Wnoju6Bauprme/ebOyErZbPi9XLfLnDoohwhHGc5WVSVhjCKM6rBMpYQpWJrIizfZ4IZNPxuTPqYrmd/m+EdONqPOfy8yG5rhxv0EMFHs52xvxWaHyd3tqD7+j37clWGGyh7vD+POiSrdZdWSIR49NrhR9R/teGTL8A",
+            "RelayState": "https://pitbulk.no-ip.org/newonelogin/demo1/index.php",
+            "SigAlg": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+            "Signature": "vfWbbc47PkP3ejx4bjKsRX7lo9Ml1WRoE5J5owF/0mnyKHfSY6XbhO1wwjBV5vWdrUVX+xp6slHyAf4YoAsXFS0qhan6txDiZY4Oec6yE+l10iZbzvie06I4GPak4QrQ4gAyXOSzwCrRmJu4gnpeUxZ6IqKtdrKfAYRAcVfNKGA=",
         }
 
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
         self.assertEqual([], auth.get_errors())
 
-        relay_state = request_data['get_data']['RelayState']
-        del request_data['get_data']['RelayState']
+        relay_state = request_data["get_data"]["RelayState"]
+        del request_data["get_data"]["RelayState"]
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
         self.assertIn("invalid_logout_response_signature", auth.get_errors())
-        request_data['get_data']['RelayState'] = relay_state
+        request_data["get_data"]["RelayState"] = relay_state
 
         settings.set_strict(True)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_response', auth.get_errors())
+        self.assertIn("invalid_logout_response", auth.get_errors())
 
         settings.set_strict(False)
-        old_signature = request_data['get_data']['Signature']
-        request_data['get_data']['Signature'] = 'vfWbbc47PkP3ejx4bjKsRX7lo9Ml1WRoE5J5owF/0mnyKHfSY6XbhO1wwjBV5vWdrUVX+xp6slHyAf4YoAsXFS0qhan6txDiZY4Oec6yE+l10iZbzvie06I4GPak4QrQ4gAyXOSzwCrRmJu4gnpeUxZ6IqKtdrKfAYRAcVf3333='
+        old_signature = request_data["get_data"]["Signature"]
+        request_data["get_data"][
+            "Signature"
+        ] = "vfWbbc47PkP3ejx4bjKsRX7lo9Ml1WRoE5J5owF/0mnyKHfSY6XbhO1wwjBV5vWdrUVX+xp6slHyAf4YoAsXFS0qhan6txDiZY4Oec6yE+l10iZbzvie06I4GPak4QrQ4gAyXOSzwCrRmJu4gnpeUxZ6IqKtdrKfAYRAcVf3333="
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_response_signature', auth.get_errors())
+        self.assertIn("invalid_logout_response_signature", auth.get_errors())
 
-        request_data['get_data']['Signature'] = old_signature
-        old_signature_algorithm = request_data['get_data']['SigAlg']
-        del request_data['get_data']['SigAlg']
+        request_data["get_data"]["Signature"] = old_signature
+        old_signature_algorithm = request_data["get_data"]["SigAlg"]
+        del request_data["get_data"]["SigAlg"]
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
         self.assertEqual([], auth.get_errors())
 
-        request_data['get_data']['RelayState'] = 'http://example.com/relaystate'
+        request_data["get_data"]["RelayState"] = "http://example.com/relaystate"
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_response_signature', auth.get_errors())
+        self.assertIn("invalid_logout_response_signature", auth.get_errors())
 
         settings.set_strict(True)
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message_6 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(request_data['get_data']['SAMLResponse']))
-        plain_message_6 = plain_message_6.replace('https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls', current_url)
-        plain_message_6 = plain_message_6.replace('https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php', 'http://idp.example.com/')
-        request_data['get_data']['SAMLResponse'] = compat.to_string(OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message_6))
+        plain_message_6 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(request_data["get_data"]["SAMLResponse"]))
+        plain_message_6 = plain_message_6.replace("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls", current_url)
+        plain_message_6 = plain_message_6.replace("https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php", "http://idp.example.com/")
+        request_data["get_data"]["SAMLResponse"] = compat.to_string(OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message_6))
 
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_response_signature', auth.get_errors())
+        self.assertIn("invalid_logout_response_signature", auth.get_errors())
 
         settings.set_strict(False)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_response_signature', auth.get_errors())
+        self.assertIn("invalid_logout_response_signature", auth.get_errors())
 
-        request_data['get_data']['SigAlg'] = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'
+        request_data["get_data"]["SigAlg"] = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_response_signature', auth.get_errors())
+        self.assertIn("invalid_logout_response_signature", auth.get_errors())
 
         settings_info = self.loadSettingsJSON()
-        settings_info['strict'] = True
-        settings_info['security']['wantMessagesSigned'] = True
+        settings_info["strict"] = True
+        settings_info["security"]["wantMessagesSigned"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
 
-        request_data['get_data']['SigAlg'] = old_signature_algorithm
-        old_signature = request_data['get_data']['Signature']
-        del request_data['get_data']['Signature']
-        request_data['get_data']['SAMLResponse'] = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message_6)
+        request_data["get_data"]["SigAlg"] = old_signature_algorithm
+        old_signature = request_data["get_data"]["Signature"]
+        del request_data["get_data"]["Signature"]
+        request_data["get_data"]["SAMLResponse"] = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message_6)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('Signature validation failed. Logout Response rejected', auth.get_errors())
+        self.assertIn("Signature validation failed. Logout Response rejected", auth.get_errors())
 
-        request_data['get_data']['Signature'] = old_signature
-        settings_info['idp']['certFingerprint'] = 'afe71c28ef740bc87425be13a2263d37971da1f9'
-        del settings_info['idp']['x509cert']
+        request_data["get_data"]["Signature"] = old_signature
+        settings_info["idp"]["certFingerprint"] = "afe71c28ef740bc87425be13a2263d37971da1f9"
+        del settings_info["idp"]["x509cert"]
         settings_2 = OneLogin_Saml2_Settings(settings_info)
 
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_2)
         auth.process_slo()
-        self.assertIn('Signature validation failed. Logout Response rejected', auth.get_errors())
+        self.assertIn("Signature validation failed. Logout Response rejected", auth.get_errors())
+
+    def testIsInValidLogoutResponseSignatureRejectingDeprecatedAlgorithm(self):
+        """
+        Tests the process_slo method of the OneLogin_Saml2_Auth
+        """
+        request_data = {
+            "http_host": "example.com",
+            "script_name": "index.html",
+            "get_data": {
+                "SAMLResponse": "fZHbasJAEIZfJey9ZrNZc1gSodRSBKtQxYveyGQz1kCyu2Q24OM3jS21UHo3p++f4Z+CoGud2th3O/hXJGcNYXDtWkNqapVs6I2yQA0pAx2S8lrtH142Ssy5cr31VtuW3SH/E0CEvW+sYcF6VbLTIktFLMWZgxQR8DSP85wDB4GJGMOqShYVaoBUsOCIPY1kyUahEScacG3Ig/FjiUdyxuOZ4IcoUVGq4vSNBSsk3xjwE3Xx3qkwJD+cz3NtuxBN7WxjPN1F1NLcXdwob77tONiS7bZPm93zenvCqopxgVJmuU50jREsZF4noKWAOuNZJbNznnBky+LTDDVd2S+/dje1m+MVOtfidEER3g8Vt2fsPfiBfmePtsbgCO2A/9tL07TaD1ojEQuXtw0/ouFfD19+AA==",
+                "RelayState": "http://stuff.com/endpoints/endpoints/index.php",
+                "SigAlg": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+                "Signature": "OV9c4R0COSjN69fAKCpV7Uj/yx6/KFxvbluVCzdK3UuortpNMpgHFF2wYNlMSG9GcYGk6p3I8nB7Z+1TQchMWZOlO/StjAqgtZhtpiwPcWryNuq8vm/6hnJ3zMDhHTS7F8KG4qkCXmJ9sQD3Y31UNcuygBwIbNakvhDT5Qo9Nsw=",
+            },
+        }
+        settings_info = self.loadSettingsJSON("settings8.json")
+        settings_info["security"]["rejectDeprecatedAlgorithm"] = True
+        settings = OneLogin_Saml2_Settings(settings_info)
+        auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
+        auth.process_slo()
+        self.assertIn("Signature validation failed. Logout Response rejected", auth.get_errors())
+        self.assertEqual("Deprecated signature algorithm found: http://www.w3.org/2000/09/xmldsig#rsa-sha1", auth.get_last_error_reason())
 
     def testIsValidLogoutRequestSign(self):
         """
-        Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
+        Tests the process_slo method of the OneLogin_Saml2_Auth
         """
         request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {
-                'SAMLRequest': 'lVLBitswEP0Vo7tjeWzJtki8LIRCYLvbNksPewmyPc6K2pJqyXQ/v1LSQlroQi/DMJr33rwZbZ2cJysezNms/gt+X9H55G2etBOXlx1ZFy2MdMoJLWd0wvfieP/xQcCGCrsYb3ozkRvI+wjpHC5eGU2Sw35HTg3lA8hqZFwWFcMKsStpxbEsxoLXeQN9OdY1VAgk+YqLC8gdCUQB7tyKB+281D6UaF6mtEiBPudcABcMXkiyD26Ulv6CevXeOpFlVvlunb5ttEmV3ZjlnGn8YTRO5qx0NuBs8kzpAd829tXeucmR5NH4J/203I8el6gFRUqbFPJnyEV51Wq30by4TLW0/9ZyarYTxt4sBsjUYLMZvRykl1Fxm90SXVkfwx4P++T4KSafVzmpUcVJ/sfSrQZJPphllv79W8WKGtLx0ir8IrVTqD1pT2MH3QAMSs4KTvui71jeFFiwirOmprwPkYW063+5uRq4urHiiC4e8hCX3J5wqAEGaPpw9XB5JmkBdeDqSlkz6CmUXdl0Qae5kv2F/1384wu3PwE=',
-                'RelayState': '_1037fbc88ec82ce8e770b2bed1119747bb812a07e6',
-                'SigAlg': 'http://www.w3.org/2000/09/xmldsig#rsa-sha1',
-                'Signature': 'XCwCyI5cs7WhiJlB5ktSlWxSBxv+6q2xT3c8L7dLV6NQG9LHWhN7gf8qNsahSXfCzA0Ey9dp5BQ0EdRvAk2DIzKmJY6e3hvAIEp1zglHNjzkgcQmZCcrkK9Czi2Y1WkjOwR/WgUTUWsGJAVqVvlRZuS3zk3nxMrLH6f7toyvuJc='
-            }
+            "http_host": "example.com",
+            "script_name": "index.html",
+            "get_data": {
+                "SAMLRequest": "lVLBitswEP0Vo7tjeWzJtki8LIRCYLvbNksPewmyPc6K2pJqyXQ/v1LSQlroQi/DMJr33rwZbZ2cJysezNms/gt+X9H55G2etBOXlx1ZFy2MdMoJLWd0wvfieP/xQcCGCrsYb3ozkRvI+wjpHC5eGU2Sw35HTg3lA8hqZFwWFcMKsStpxbEsxoLXeQN9OdY1VAgk+YqLC8gdCUQB7tyKB+281D6UaF6mtEiBPudcABcMXkiyD26Ulv6CevXeOpFlVvlunb5ttEmV3ZjlnGn8YTRO5qx0NuBs8kzpAd829tXeucmR5NH4J/203I8el6gFRUqbFPJnyEV51Wq30by4TLW0/9ZyarYTxt4sBsjUYLMZvRykl1Fxm90SXVkfwx4P++T4KSafVzmpUcVJ/sfSrQZJPphllv79W8WKGtLx0ir8IrVTqD1pT2MH3QAMSs4KTvui71jeFFiwirOmprwPkYW063+5uRq4urHiiC4e8hCX3J5wqAEGaPpw9XB5JmkBdeDqSlkz6CmUXdl0Qae5kv2F/1384wu3PwE=",
+                "RelayState": "_1037fbc88ec82ce8e770b2bed1119747bb812a07e6",
+                "SigAlg": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+                "Signature": "XCwCyI5cs7WhiJlB5ktSlWxSBxv+6q2xT3c8L7dLV6NQG9LHWhN7gf8qNsahSXfCzA0Ey9dp5BQ0EdRvAk2DIzKmJY6e3hvAIEp1zglHNjzkgcQmZCcrkK9Czi2Y1WkjOwR/WgUTUWsGJAVqVvlRZuS3zk3nxMrLH6f7toyvuJc=",
+            },
         }
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
 
-        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(request_data['get_data']['SAMLRequest']))
+        request = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(request_data["get_data"]["SAMLRequest"]))
 
         settings.set_strict(False)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
         self.assertEqual([], auth.get_errors())
 
-        relay_state = request_data['get_data']['RelayState']
-        del request_data['get_data']['RelayState']
+        relay_state = request_data["get_data"]["RelayState"]
+        del request_data["get_data"]["RelayState"]
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_request_signature', auth.get_errors())
+        self.assertIn("invalid_logout_request_signature", auth.get_errors())
 
-        request_data['get_data']['RelayState'] = relay_state
+        request_data["get_data"]["RelayState"] = relay_state
 
         settings.set_strict(True)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_request', auth.get_errors())
+        self.assertIn("invalid_logout_request", auth.get_errors())
 
         settings.set_strict(False)
-        old_signature = request_data['get_data']['Signature']
-        request_data['get_data']['Signature'] = 'vfWbbc47PkP3ejx4bjKsRX7lo9Ml1WRoE5J5owF/0mnyKHfSY6XbhO1wwjBV5vWdrUVX+xp6slHyAf4YoAsXFS0qhan6txDiZY4Oec6yE+l10iZbzvie06I4GPak4QrQ4gAyXOSzwCrRmJu4gnpeUxZ6IqKtdrKfAYRAcVf3333='
+        old_signature = request_data["get_data"]["Signature"]
+        request_data["get_data"][
+            "Signature"
+        ] = "vfWbbc47PkP3ejx4bjKsRX7lo9Ml1WRoE5J5owF/0mnyKHfSY6XbhO1wwjBV5vWdrUVX+xp6slHyAf4YoAsXFS0qhan6txDiZY4Oec6yE+l10iZbzvie06I4GPak4QrQ4gAyXOSzwCrRmJu4gnpeUxZ6IqKtdrKfAYRAcVf3333="
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_request_signature', auth.get_errors())
+        self.assertIn("invalid_logout_request_signature", auth.get_errors())
 
-        request_data['get_data']['Signature'] = old_signature
-        old_signature_algorithm = request_data['get_data']['SigAlg']
-        del request_data['get_data']['SigAlg']
+        request_data["get_data"]["Signature"] = old_signature
+        old_signature_algorithm = request_data["get_data"]["SigAlg"]
+        del request_data["get_data"]["SigAlg"]
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
         self.assertEqual([], auth.get_errors())
 
         settings.set_strict(True)
-        request_2 = request.replace('https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls', current_url)
-        request_2 = request_2.replace('https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php', 'http://idp.example.com/')
-        request_data['get_data']['SAMLRequest'] = OneLogin_Saml2_Utils.deflate_and_base64_encode(request_2)
+        request_2 = request.replace("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?sls", current_url)
+        request_2 = request_2.replace("https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php", "http://idp.example.com/")
+        request_data["get_data"]["SAMLRequest"] = OneLogin_Saml2_Utils.deflate_and_base64_encode(request_2)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_request_signature', auth.get_errors())
+        self.assertIn("invalid_logout_request_signature", auth.get_errors())
 
         settings.set_strict(False)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_request_signature', auth.get_errors())
+        self.assertIn("invalid_logout_request_signature", auth.get_errors())
 
-        request_data['get_data']['SigAlg'] = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'
+        request_data["get_data"]["SigAlg"] = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('invalid_logout_request_signature', auth.get_errors())
+        self.assertIn("invalid_logout_request_signature", auth.get_errors())
 
         settings_info = self.loadSettingsJSON()
-        settings_info['strict'] = True
-        settings_info['security']['wantMessagesSigned'] = True
+        settings_info["strict"] = True
+        settings_info["security"]["wantMessagesSigned"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
-        request_data['get_data']['SigAlg'] = old_signature_algorithm
-        old_signature = request_data['get_data']['Signature']
-        del request_data['get_data']['Signature']
+        request_data["get_data"]["SigAlg"] = old_signature_algorithm
+        old_signature = request_data["get_data"]["Signature"]
+        del request_data["get_data"]["Signature"]
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_slo()
-        self.assertIn('Signature validation failed. Logout Request rejected', auth.get_errors())
+        self.assertIn("Signature validation failed. Logout Request rejected", auth.get_errors())
 
-        request_data['get_data']['Signature'] = old_signature
-        settings_info['idp']['certFingerprint'] = 'afe71c28ef740bc87425be13a2263d37971da1f9'
-        del settings_info['idp']['x509cert']
+        request_data["get_data"]["Signature"] = old_signature
+        settings_info["idp"]["certFingerprint"] = "afe71c28ef740bc87425be13a2263d37971da1f9"
+        del settings_info["idp"]["x509cert"]
         settings_2 = OneLogin_Saml2_Settings(settings_info)
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings_2)
         auth.process_slo()
-        self.assertIn('Signature validation failed. Logout Request rejected', auth.get_errors())
+        self.assertIn("Signature validation failed. Logout Request rejected", auth.get_errors())
+
+    def testIsInValidLogoutRequestSignatureRejectingDeprecatedAlgorithm(self):
+        """
+        Tests the process_slo method of the OneLogin_Saml2_Auth
+        """
+        request_data = {
+            "http_host": "example.com",
+            "script_name": "index.html",
+            "get_data": {
+                "SAMLRequest": "fZJNa+MwEIb/itHdiTz6sC0SQyEsBPoB27KHXoIsj7cGW3IlGfLzV7G7kN1DL2KYmeedmRcdgp7GWT26326JP/FzwRCz6zTaoNbKkSzeKqfDEJTVEwYVjXp9eHpUsKNq9i4640Zyh3xP6BDQx8FZkp1PR3KpqexAl72QmpUCS8SW01IiZz2TVVGD4X1VQYlAsl/oQyKPJAklPIQFzzZEbWNK0YLnlOVA3wqpQCoB7yQ7pWsGq+NKfcQ4q/0+xKXvd8ZNe7Td7AYbw10UxrCbP2aSPbv4Yl/8Qx/R3+SB5bTOoXiDQvFNvjnc7lXrIr75kh+6eYdXPc0jrkMO+/umjXhOtpxP2Q/nJx2/9+uWGbq8X1tV9NqGAW0kzaVvoe1AAJeCSWqYaUVRM2SilKKuqDTpFSlszdcK29RthVm9YriZebYdXpsLdhVAB7VJzif3haYMqqTVcl0JMBR4y+s2zak3sf/4v8l/vlHzBw==",
+                "RelayState": "_1037fbc88ec82ce8e770b2bed1119747bb812a07e6",
+                "SigAlg": "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+                "Signature": "Ouxo9BV6zmq4yrgamT9EbSKy/UmvSxGS8z26lIMgKOEP4LFR/N23RftdANmo4HafrzSfA0YTXwhKDqbOByS0j+Ql8OdQOes7vGioSjo5qq/Bi+5i6jXwQfphnfcHAQiJL4gYVIifkhhHRWpvYeiysF1Y9J02me0izwazFmoRXr4=",
+            },
+        }
+        settings_info = self.loadSettingsJSON("settings8.json")
+        settings_info = self.loadSettingsJSON("settings8.json")
+        settings_info["security"]["rejectDeprecatedAlgorithm"] = True
+        settings = OneLogin_Saml2_Settings(settings_info)
+        auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
+        auth.process_slo()
+        self.assertIn("Signature validation failed. Logout Request rejected", auth.get_errors())
+        self.assertEqual("Deprecated signature algorithm found: http://www.w3.org/2000/09/xmldsig#rsa-sha1", auth.get_last_error_reason())
 
     def testGetLastRequestID(self):
         settings_info = self.loadSettingsJSON()
@@ -1303,138 +1321,139 @@ def testGetLastRequestID(self):
 
     def testGetLastSAMLResponse(self):
         settings = self.loadSettingsJSON()
-        message = self.file_contents(join(self.data_path, 'responses', 'signed_message_response.xml.base64'))
-        message_wrapper = {'post_data': {'SAMLResponse': message}}
+        message = self.file_contents(join(self.data_path, "responses", "signed_message_response.xml.base64"))
+        message_wrapper = {"post_data": {"SAMLResponse": message}}
         auth = OneLogin_Saml2_Auth(message_wrapper, old_settings=settings)
         auth.process_response()
-        expected_message = self.file_contents(join(self.data_path, 'responses', 'pretty_signed_message_response.xml'))
+        expected_message = self.file_contents(join(self.data_path, "responses", "pretty_signed_message_response.xml"))
         self.assertEqual(auth.get_last_response_xml(True), expected_message)
 
         # with encrypted assertion
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
-        message_wrapper = {'post_data': {'SAMLResponse': message}}
+        message = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
+        message_wrapper = {"post_data": {"SAMLResponse": message}}
         auth = OneLogin_Saml2_Auth(message_wrapper, old_settings=settings)
         auth.process_response()
-        decrypted_response = self.file_contents(join(self.data_path, 'responses', 'decrypted_valid_encrypted_assertion.xml'))
+        decrypted_response = self.file_contents(join(self.data_path, "responses", "decrypted_valid_encrypted_assertion.xml"))
         self.assertEqual(auth.get_last_response_xml(False), decrypted_response)
-        pretty_decrypted_response = self.file_contents(join(self.data_path, 'responses', 'pretty_decrypted_valid_encrypted_assertion.xml'))
+        pretty_decrypted_response = self.file_contents(join(self.data_path, "responses", "pretty_decrypted_valid_encrypted_assertion.xml"))
         self.assertEqual(auth.get_last_response_xml(True), pretty_decrypted_response)
 
     def testGetLastAuthnRequest(self):
         settings = self.loadSettingsJSON()
-        auth = OneLogin_Saml2_Auth({'http_host': 'localhost', 'script_name': 'thing'}, old_settings=settings)
+        auth = OneLogin_Saml2_Auth({"http_host": "localhost", "script_name": "thing"}, old_settings=settings)
         auth.login()
         expectedFragment = (
             '  Destination="http://idp.example.com/SSOService.php"\n'
             '  ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"\n'
             '  AssertionConsumerServiceURL="http://stuff.com/endpoints/endpoints/acs.php">\n'
-            '    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n'
-            '    <samlp:NameIDPolicy\n'
+            "    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n"
+            "    <samlp:NameIDPolicy\n"
             '        Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"\n'
             '        AllowCreate="true" />\n'
             '    <samlp:RequestedAuthnContext Comparison="exact">\n'
-            '        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>\n'
-            '    </samlp:RequestedAuthnContext>\n'
+            "        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>\n"
+            "    </samlp:RequestedAuthnContext>\n"
         )
         self.assertIn(expectedFragment, auth.get_last_request_xml())
 
     def testGetLastAuthnContexts(self):
         settings = self.loadSettingsJSON()
         request_data = self.get_request()
-        message = self.file_contents(
-            join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
 
         auth.process_response()
-        self.assertEqual(auth.get_last_authn_contexts(), ['urn:oasis:names:tc:SAML:2.0:ac:classes:Password'])
+        self.assertEqual(auth.get_last_authn_contexts(), ["urn:oasis:names:tc:SAML:2.0:ac:classes:Password"])
 
     def testGetLastLogoutRequest(self):
         settings = self.loadSettingsJSON()
-        auth = OneLogin_Saml2_Auth({'http_host': 'localhost', 'script_name': 'thing'}, old_settings=settings)
+        auth = OneLogin_Saml2_Auth({"http_host": "localhost", "script_name": "thing"}, old_settings=settings)
         auth.logout()
         expectedFragment = (
             '  Destination="http://idp.example.com/SingleLogoutService.php">\n'
-            '    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n'
+            "    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n"
             '    <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://idp.example.com/</saml:NameID>\n'
-            '    \n</samlp:LogoutRequest>'
+            "    \n</samlp:LogoutRequest>"
         )
         self.assertIn(expectedFragment, auth.get_last_request_xml())
 
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(request)
-        message_wrapper = {'get_data': {'SAMLRequest': message}}
+        message_wrapper = {"get_data": {"SAMLRequest": message}}
         auth = OneLogin_Saml2_Auth(message_wrapper, old_settings=settings)
         auth.process_slo()
         self.assertEqual(request, auth.get_last_request_xml())
 
     def testGetLastLogoutResponse(self):
         settings = self.loadSettingsJSON()
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(request)
-        message_wrapper = {'get_data': {'SAMLRequest': message}}
+        message_wrapper = {"get_data": {"SAMLRequest": message}}
         auth = OneLogin_Saml2_Auth(message_wrapper, old_settings=settings)
         auth.process_slo()
         expectedFragment = (
             '  Destination="http://idp.example.com/SingleLogoutService.php"\n'
             '  InResponseTo="ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e">\n'
-            '    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n'
-            '    <samlp:Status>\n'
+            "    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n"
+            "    <samlp:Status>\n"
             '        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />\n'
-            '    </samlp:Status>\n'
-            '</samlp:LogoutResponse>'
+            "    </samlp:Status>\n"
+            "</samlp:LogoutResponse>"
         )
         self.assertIn(expectedFragment, auth.get_last_response_xml())
 
-        response = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response.xml'))
+        response = self.file_contents(join(self.data_path, "logout_responses", "logout_response.xml"))
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(response)
-        message_wrapper = {'get_data': {'SAMLResponse': message}}
+        message_wrapper = {"get_data": {"SAMLResponse": message}}
         auth = OneLogin_Saml2_Auth(message_wrapper, old_settings=settings)
         auth.process_slo()
         self.assertEqual(response, auth.get_last_response_xml())
 
     def testGetInfoFromLastResponseReceived(self):
         """
-        Tests the get_last_message_id, get_last_assertion_id and get_last_assertion_not_on_or_after
+        Tests the get_last_response_in_response_to, get_last_message_id, get_last_assertion_id, get_last_assertion_not_on_or_after and get_last_assertion_issue_instant
         of the OneLogin_Saml2_Auth class
         """
         settings = self.loadSettingsJSON()
         request_data = self.get_request()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        del request_data['get_data']
-        request_data['post_data'] = {
-            'SAMLResponse': message
-        }
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        del request_data["get_data"]
+        request_data["post_data"] = {"SAMLResponse": message}
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
 
         auth.process_response()
-        self.assertEqual(auth.get_last_message_id(), 'pfx42be40bf-39c3-77f0-c6ae-8bf2e23a1a2e')
-        self.assertEqual(auth.get_last_assertion_id(), 'pfx57dfda60-b211-4cda-0f63-6d5deb69e5bb')
+        self.assertEqual(auth.get_last_response_in_response_to(), "ONELOGIN_5fe9d6e499b2f0913206aab3f7191729049bb807")
+        self.assertEqual(auth.get_last_message_id(), "pfx42be40bf-39c3-77f0-c6ae-8bf2e23a1a2e")
+        self.assertEqual(auth.get_last_assertion_id(), "pfx57dfda60-b211-4cda-0f63-6d5deb69e5bb")
         self.assertIsNone(auth.get_last_assertion_not_on_or_after())
+        self.assertEqual(auth.get_last_assertion_issue_instant(), 1392773821)
 
         # NotOnOrAfter is only calculated with strict = true
         # If invalid, response id and assertion id are not obtained
 
-        settings['strict'] = True
+        settings["strict"] = True
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_response()
         self.assertNotEqual(len(auth.get_errors()), 0)
+        self.assertIsNone(auth.get_last_response_in_response_to())
         self.assertIsNone(auth.get_last_message_id())
         self.assertIsNone(auth.get_last_assertion_id())
         self.assertIsNone(auth.get_last_assertion_not_on_or_after())
+        self.assertIsNone(auth.get_last_assertion_issue_instant())
 
-        request_data['https'] = 'on'
-        request_data['http_host'] = 'pitbulk.no-ip.org'
-        request_data['script_name'] = '/newonelogin/demo1/index.php?acs'
+        request_data["https"] = "on"
+        request_data["http_host"] = "pitbulk.no-ip.org"
+        request_data["script_name"] = "/newonelogin/demo1/index.php?acs"
         auth = OneLogin_Saml2_Auth(request_data, old_settings=settings)
         auth.process_response()
         self.assertEqual(len(auth.get_errors()), 0)
-        self.assertEqual(auth.get_last_message_id(), 'pfx42be40bf-39c3-77f0-c6ae-8bf2e23a1a2e')
-        self.assertEqual(auth.get_last_assertion_id(), 'pfx57dfda60-b211-4cda-0f63-6d5deb69e5bb')
+        self.assertEqual(auth.get_last_response_in_response_to(), "ONELOGIN_5fe9d6e499b2f0913206aab3f7191729049bb807")
+        self.assertEqual(auth.get_last_message_id(), "pfx42be40bf-39c3-77f0-c6ae-8bf2e23a1a2e")
+        self.assertEqual(auth.get_last_assertion_id(), "pfx57dfda60-b211-4cda-0f63-6d5deb69e5bb")
         self.assertEqual(auth.get_last_assertion_not_on_or_after(), 2671081021)
+        self.assertEqual(auth.get_last_assertion_issue_instant(), 1392773821)
 
     def testGetIdFromLogoutRequest(self):
         """
@@ -1442,12 +1461,12 @@ def testGetIdFromLogoutRequest(self):
         Case Valid Logout request
         """
         settings = self.loadSettingsJSON()
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(request)
-        message_wrapper = {'get_data': {'SAMLRequest': message}}
+        message_wrapper = {"get_data": {"SAMLRequest": message}}
         auth = OneLogin_Saml2_Auth(message_wrapper, old_settings=settings)
         auth.process_slo()
-        self.assertIn(auth.get_last_message_id(), 'ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e')
+        self.assertIn(auth.get_last_message_id(), "ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e")
 
     def testGetIdFromLogoutResponse(self):
         """
@@ -1455,9 +1474,9 @@ def testGetIdFromLogoutResponse(self):
         Case Valid Logout response
         """
         settings = self.loadSettingsJSON()
-        response = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response.xml'))
+        response = self.file_contents(join(self.data_path, "logout_responses", "logout_response.xml"))
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(response)
-        message_wrapper = {'get_data': {'SAMLResponse': message}}
+        message_wrapper = {"get_data": {"SAMLResponse": message}}
         auth = OneLogin_Saml2_Auth(message_wrapper, old_settings=settings)
         auth.process_slo()
-        self.assertIn(auth.get_last_message_id(), '_f9ee61bd9dbf63606faa9ae3b10548d5b3656fb859')
+        self.assertIn(auth.get_last_message_id(), "_f9ee61bd9dbf63606faa9ae3b10548d5b3656fb859")
diff --git a/tests/src/OneLogin/saml2_tests/authn_request_test.py b/tests/src/OneLogin/saml2_tests/authn_request_test.py
index 3f1262f2..b3e187a5 100644
--- a/tests/src/OneLogin/saml2_tests/authn_request_test.py
+++ b/tests/src/OneLogin/saml2_tests/authn_request_test.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import json
 from os.path import dirname, join, exists
@@ -22,24 +20,24 @@
 
 
 class OneLogin_Saml2_Authn_Request_Test(unittest.TestCase):
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
     # assertRegexpMatches deprecated on python3
     def assertRegex(self, text, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRegex'):
+        if hasattr(unittest.TestCase, "assertRegex"):
             return super(OneLogin_Saml2_Authn_Request_Test, self).assertRegex(text, regexp, msg)
         else:
             return self.assertRegexpMatches(text, regexp, msg)
 
-    def loadSettingsJSON(self, name='settings1.json'):
+    def loadSettingsJSON(self, name="settings1.json"):
         filename = join(self.settings_path, name)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def setUp(self):
         self.__settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
@@ -52,26 +50,21 @@ def testCreateRequest(self):
 
         saml_settings = self.loadSettingsJSON()
         settings = OneLogin_Saml2_Settings(saml_settings)
-        settings._OneLogin_Saml2_Settings__organization = {
-            u'en-US': {
-                u'url': u'http://sp.example.com',
-                u'name': u'sp_test'
-            }
-        }
+        settings._organization = {"en-US": {"url": "http://sp.example.com", "name": "sp_test"}}
 
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertNotIn('ProviderName="SP test"', inflated)
 
-        saml_settings['organization'] = {}
+        saml_settings["organization"] = {}
         settings = OneLogin_Saml2_Settings(saml_settings)
 
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertNotIn('ProviderName="SP test"', inflated)
 
     def testGetXML(self):
@@ -80,26 +73,26 @@ def testGetXML(self):
         going through intermediate steps
         """
         saml_settings = self.loadSettingsJSON()
-        saml_settings['organization'] = {
-            u'en-US': {
-                u'url': u'http://sp.example.com',
-                u'name': u'sp_test',
-                u'displayname': u'SP test',
+        saml_settings["organization"] = {
+            "en-US": {
+                "url": "http://sp.example.com",
+                "name": "sp_test",
+                "displayname": "SP test",
             }
         }
         settings = OneLogin_Saml2_Settings(saml_settings)
 
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         inflated = authn_request.get_xml()
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn('ProviderName="SP test"', inflated)
 
-        saml_settings['organization'] = {}
+        saml_settings["organization"] = {}
         settings = OneLogin_Saml2_Settings(saml_settings)
 
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         inflated = authn_request.get_xml()
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertNotIn('ProviderName="SP test"', inflated)
 
     def testCreateRequestAuthContext(self):
@@ -112,43 +105,43 @@ def testCreateRequestAuthContext(self):
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn(OneLogin_Saml2_Constants.AC_PASSWORD, inflated)
         self.assertNotIn(OneLogin_Saml2_Constants.AC_X509, inflated)
 
-        saml_settings['security']['requestedAuthnContext'] = True
+        saml_settings["security"]["requestedAuthnContext"] = True
         settings = OneLogin_Saml2_Settings(saml_settings)
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn(OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED, inflated)
         self.assertNotIn(OneLogin_Saml2_Constants.AC_X509, inflated)
 
-        del saml_settings['security']['requestedAuthnContext']
+        del saml_settings["security"]["requestedAuthnContext"]
         settings = OneLogin_Saml2_Settings(saml_settings)
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn(OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED, inflated)
         self.assertNotIn(OneLogin_Saml2_Constants.AC_X509, inflated)
 
-        saml_settings['security']['requestedAuthnContext'] = False
+        saml_settings["security"]["requestedAuthnContext"] = False
         settings = OneLogin_Saml2_Settings(saml_settings)
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertNotIn(OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED, inflated)
         self.assertNotIn(OneLogin_Saml2_Constants.AC_X509, inflated)
 
-        saml_settings['security']['requestedAuthnContext'] = (OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED, OneLogin_Saml2_Constants.AC_X509)
+        saml_settings["security"]["requestedAuthnContext"] = (OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED, OneLogin_Saml2_Constants.AC_X509)
         settings = OneLogin_Saml2_Settings(saml_settings)
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn(OneLogin_Saml2_Constants.AC_PASSWORD_PROTECTED, inflated)
         self.assertIn(OneLogin_Saml2_Constants.AC_X509, inflated)
 
@@ -162,24 +155,24 @@ def testCreateRequestAuthContextComparision(self):
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn(OneLogin_Saml2_Constants.AC_PASSWORD, inflated)
         self.assertNotIn(OneLogin_Saml2_Constants.AC_X509, inflated)
 
-        saml_settings['security']['requestedAuthnContext'] = True
+        saml_settings["security"]["requestedAuthnContext"] = True
         settings = OneLogin_Saml2_Settings(saml_settings)
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn('RequestedAuthnContext Comparison="exact"', inflated)
 
-        saml_settings['security']['requestedAuthnContextComparison'] = 'minimun'
+        saml_settings["security"]["requestedAuthnContextComparison"] = "minimun"
         settings = OneLogin_Saml2_Settings(saml_settings)
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertIn('RequestedAuthnContext Comparison="minimun"', inflated)
 
     def testCreateRequestForceAuthN(self):
@@ -192,19 +185,19 @@ def testCreateRequestForceAuthN(self):
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertNotIn('ForceAuthn="true"', inflated)
 
         authn_request_2 = OneLogin_Saml2_Authn_Request(settings, False, False)
         authn_request_encoded_2 = authn_request_2.get_request()
         inflated_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_2))
-        self.assertRegex(inflated_2, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated_2, "^<samlp:AuthnRequest")
         self.assertNotIn('ForceAuthn="true"', inflated_2)
 
         authn_request_3 = OneLogin_Saml2_Authn_Request(settings, True, False)
         authn_request_encoded_3 = authn_request_3.get_request()
         inflated_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_3))
-        self.assertRegex(inflated_3, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated_3, "^<samlp:AuthnRequest")
         self.assertIn('ForceAuthn="true"', inflated_3)
 
     def testCreateRequestIsPassive(self):
@@ -217,19 +210,19 @@ def testCreateRequestIsPassive(self):
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertNotIn('IsPassive="true"', inflated)
 
         authn_request_2 = OneLogin_Saml2_Authn_Request(settings, False, False)
         authn_request_encoded_2 = authn_request_2.get_request()
         inflated_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_2))
-        self.assertRegex(inflated_2, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated_2, "^<samlp:AuthnRequest")
         self.assertNotIn('IsPassive="true"', inflated_2)
 
         authn_request_3 = OneLogin_Saml2_Authn_Request(settings, False, True)
         authn_request_encoded_3 = authn_request_3.get_request()
         inflated_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_3))
-        self.assertRegex(inflated_3, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated_3, "^<samlp:AuthnRequest")
         self.assertIn('IsPassive="true"', inflated_3)
 
     def testCreateRequestSetNameIDPolicy(self):
@@ -242,20 +235,20 @@ def testCreateRequestSetNameIDPolicy(self):
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
-        self.assertIn('<samlp:NameIDPolicy', inflated)
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
+        self.assertIn("<samlp:NameIDPolicy", inflated)
 
         authn_request_2 = OneLogin_Saml2_Authn_Request(settings, False, False, True)
         authn_request_encoded_2 = authn_request_2.get_request()
         inflated_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_2))
-        self.assertRegex(inflated_2, '^<samlp:AuthnRequest')
-        self.assertIn('<samlp:NameIDPolicy', inflated_2)
+        self.assertRegex(inflated_2, "^<samlp:AuthnRequest")
+        self.assertIn("<samlp:NameIDPolicy", inflated_2)
 
         authn_request_3 = OneLogin_Saml2_Authn_Request(settings, False, False, False)
         authn_request_encoded_3 = authn_request_3.get_request()
         inflated_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_3))
-        self.assertRegex(inflated_3, '^<samlp:AuthnRequest')
-        self.assertNotIn('<samlp:NameIDPolicy', inflated_3)
+        self.assertRegex(inflated_3, "^<samlp:AuthnRequest")
+        self.assertNotIn("<samlp:NameIDPolicy", inflated_3)
 
     def testCreateRequestSubject(self):
         """
@@ -267,24 +260,24 @@ def testCreateRequestSubject(self):
         authn_request = OneLogin_Saml2_Authn_Request(settings)
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
-        self.assertNotIn('<saml:Subject>', inflated)
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
+        self.assertNotIn("<saml:Subject>", inflated)
 
-        authn_request_2 = OneLogin_Saml2_Authn_Request(settings, name_id_value_req='testuser@example.com')
+        authn_request_2 = OneLogin_Saml2_Authn_Request(settings, name_id_value_req="testuser@example.com")
         authn_request_encoded_2 = authn_request_2.get_request()
         inflated_2 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_2))
-        self.assertRegex(inflated_2, '^<samlp:AuthnRequest')
-        self.assertIn('<saml:Subject>', inflated_2)
+        self.assertRegex(inflated_2, "^<samlp:AuthnRequest")
+        self.assertIn("<saml:Subject>", inflated_2)
         self.assertIn('Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">testuser@example.com</saml:NameID>', inflated_2)
         self.assertIn('<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">', inflated_2)
 
-        saml_settings['sp']['NameIDFormat'] = 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
+        saml_settings["sp"]["NameIDFormat"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
         settings = OneLogin_Saml2_Settings(saml_settings)
-        authn_request_3 = OneLogin_Saml2_Authn_Request(settings, name_id_value_req='testuser@example.com')
+        authn_request_3 = OneLogin_Saml2_Authn_Request(settings, name_id_value_req="testuser@example.com")
         authn_request_encoded_3 = authn_request_3.get_request()
         inflated_3 = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded_3))
-        self.assertRegex(inflated_3, '^<samlp:AuthnRequest')
-        self.assertIn('<saml:Subject>', inflated_3)
+        self.assertRegex(inflated_3, "^<samlp:AuthnRequest")
+        self.assertIn("<saml:Subject>", inflated_3)
         self.assertIn('Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">testuser@example.com</saml:NameID>', inflated_3)
         self.assertIn('<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">', inflated_3)
 
@@ -294,16 +287,14 @@ def testCreateDeflatedSAMLRequestURLParameter(self):
         The creation of a deflated SAML Request
         """
         authn_request = OneLogin_Saml2_Authn_Request(self.__settings)
-        parameters = {
-            'SAMLRequest': authn_request.get_request()
-        }
-        auth_url = OneLogin_Saml2_Utils.redirect('http://idp.example.com/SSOService.php', parameters, True)
-        self.assertRegex(auth_url, r'^http://idp\.example\.com\/SSOService\.php\?SAMLRequest=')
+        parameters = {"SAMLRequest": authn_request.get_request()}
+        auth_url = OneLogin_Saml2_Utils.redirect("http://idp.example.com/SSOService.php", parameters, True)
+        self.assertRegex(auth_url, r"^http://idp\.example\.com\/SSOService\.php\?SAMLRequest=")
         exploded = urlparse(auth_url)
         exploded = parse_qs(exploded[4])
-        payload = exploded['SAMLRequest'][0]
+        payload = exploded["SAMLRequest"][0]
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(payload))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
 
     def testCreateEncSAMLRequest(self):
         """
@@ -311,29 +302,21 @@ def testCreateEncSAMLRequest(self):
         The creation of a deflated SAML Request
         """
         settings = self.loadSettingsJSON()
-        settings['organization'] = {
-            'es': {
-                'name': 'sp_prueba',
-                'displayname': 'SP prueba',
-                'url': 'http://sp.example.com'
-            }
-        }
-        settings['security']['wantNameIdEncrypted'] = True
+        settings["organization"] = {"es": {"name": "sp_prueba", "displayname": "SP prueba", "url": "http://sp.example.com"}}
+        settings["security"]["wantNameIdEncrypted"] = True
         settings = OneLogin_Saml2_Settings(settings)
 
         authn_request = OneLogin_Saml2_Authn_Request(settings)
-        parameters = {
-            'SAMLRequest': authn_request.get_request()
-        }
-        auth_url = OneLogin_Saml2_Utils.redirect('http://idp.example.com/SSOService.php', parameters, True)
-        self.assertRegex(auth_url, r'^http://idp\.example\.com\/SSOService\.php\?SAMLRequest=')
+        parameters = {"SAMLRequest": authn_request.get_request()}
+        auth_url = OneLogin_Saml2_Utils.redirect("http://idp.example.com/SSOService.php", parameters, True)
+        self.assertRegex(auth_url, r"^http://idp\.example\.com\/SSOService\.php\?SAMLRequest=")
         exploded = urlparse(auth_url)
         exploded = parse_qs(exploded[4])
-        payload = exploded['SAMLRequest'][0]
+        payload = exploded["SAMLRequest"][0]
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(payload))
-        self.assertRegex(inflated, '^<samlp:AuthnRequest')
+        self.assertRegex(inflated, "^<samlp:AuthnRequest")
         self.assertRegex(inflated, 'AssertionConsumerServiceURL="http://stuff.com/endpoints/endpoints/acs.php">')
-        self.assertRegex(inflated, '<saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>')
+        self.assertRegex(inflated, "<saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>")
         self.assertRegex(inflated, 'Format="urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted"')
         self.assertRegex(inflated, 'ProviderName="SP prueba"')
 
@@ -347,7 +330,7 @@ def testGetID(self):
         authn_request_encoded = authn_request.get_request()
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded))
         document = OneLogin_Saml2_XML.to_etree(inflated)
-        self.assertEqual(authn_request.get_id(), document.get('ID', None))
+        self.assertEqual(authn_request.get_id(), document.get("ID", None))
 
     def testAttributeConsumingService(self):
         """
@@ -362,7 +345,7 @@ def testAttributeConsumingService(self):
 
         self.assertNotIn('AttributeConsumingServiceIndex="1"', inflated)
 
-        saml_settings = self.loadSettingsJSON('settings4.json')
+        saml_settings = self.loadSettingsJSON("settings4.json")
         settings = OneLogin_Saml2_Settings(saml_settings)
 
         authn_request = OneLogin_Saml2_Authn_Request(settings)
diff --git a/tests/src/OneLogin/saml2_tests/error_test.py b/tests/src/OneLogin/saml2_tests/error_test.py
index cd7546b7..23ed4931 100644
--- a/tests/src/OneLogin/saml2_tests/error_test.py
+++ b/tests/src/OneLogin/saml2_tests/error_test.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import unittest
 from onelogin.saml2.errors import OneLogin_Saml2_Error
@@ -13,5 +11,5 @@ class OneLogin_Saml2_Error_Test(unittest.TestCase):
     """
 
     def runTest(self):
-        exception = OneLogin_Saml2_Error('test')
-        self.assertEqual(str(exception), 'test')
+        exception = OneLogin_Saml2_Error("test")
+        self.assertEqual(str(exception), "test")
diff --git a/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py b/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py
index f4859244..4f352f69 100644
--- a/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py
+++ b/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py
@@ -1,12 +1,7 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
-try:
-    from urllib.error import URLError
-except ImportError:
-    from urllib2 import URLError
+from urllib.error import URLError
 
 from copy import deepcopy
 import json
@@ -24,21 +19,21 @@ class OneLogin_Saml2_IdPMetadataParser_Test(unittest.TestCase):
     # Set self.maxDiff to None to see it." from showing up.
     maxDiff = None
 
-    data_path = join(dirname(dirname(dirname(dirname(__file__)))), 'data')
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    data_path = join(dirname(dirname(dirname(dirname(__file__)))), "data")
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
-    def loadSettingsJSON(self, filename='settings1.json'):
+    def loadSettingsJSON(self, filename="settings1.json"):
         filename = join(self.settings_path, filename)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
@@ -48,25 +43,32 @@ def testGetMetadata(self):
         Tests the get_metadata method of the OneLogin_Saml2_IdPMetadataParser
         """
         with self.assertRaises(Exception):
-            data = OneLogin_Saml2_IdPMetadataParser.get_metadata('http://google.es')
+            data = OneLogin_Saml2_IdPMetadataParser.get_metadata("http://google.es", validate_cert=False)
 
         try:
-            data = OneLogin_Saml2_IdPMetadataParser.get_metadata('https://idp.testshib.org/idp/shibboleth')
+            data = OneLogin_Saml2_IdPMetadataParser.get_metadata("https://raw.githubusercontent.com/SAML-Toolkits/python3-saml/master/tests/data/metadata/testshib-providers.xml", validate_cert=False)
             self.assertTrue(data is not None and data is not {})
         except URLError:
             pass
 
+    def testGetMetadataWithHeaders(self):
+        data = OneLogin_Saml2_IdPMetadataParser.get_metadata(
+            "https://raw.githubusercontent.com/SAML-Toolkits/python3-saml/master/tests/data/metadata/testshib-providers.xml", validate_cert=False, headers={"User-Agent": "Mozilla/5.0"}
+        )
+        self.assertIsNotNone(data)
+        self.assertIn(b"entityID=", data)
+
     def testParseRemote(self):
         """
         Tests the parse_remote method of the OneLogin_Saml2_IdPMetadataParser
         """
         with self.assertRaises(Exception):
-            data = OneLogin_Saml2_IdPMetadataParser.parse_remote('http://google.es')
+            data = OneLogin_Saml2_IdPMetadataParser.parse_remote("http://google.es", validate_cert=False)
 
         try:
-            data = OneLogin_Saml2_IdPMetadataParser.parse_remote('https://idp.testshib.org/idp/shibboleth')
+            data = OneLogin_Saml2_IdPMetadataParser.parse_remote("https://raw.githubusercontent.com/SAML-Toolkits/python3-saml/master/tests/data/metadata/testshib-providers.xml", validate_cert=False)
         except URLError:
-            xml = self.file_contents(join(self.data_path, 'metadata', 'testshib-providers.xml'))
+            xml = self.file_contents(join(self.data_path, "metadata", "testshib-providers.xml"))
             data = OneLogin_Saml2_IdPMetadataParser.parse(xml)
 
         self.assertTrue(data is not None and data is not {})
@@ -88,18 +90,27 @@ def testParseRemote(self):
         expected_settings = json.loads(expected_settings_json)
         self.assertEqual(expected_settings, data)
 
+    def testParseRemoteWithHeaders(self):
+        """
+        Tests the parse_remote method passing headers of the OneLogin_Saml2_IdPMetadataParser
+        """
+        data = OneLogin_Saml2_IdPMetadataParser.parse_remote("https://raw.githubusercontent.com/SAML-Toolkits/python3-saml/master/tests/data/metadata/testshib-providers.xml", validate_cert=False)
+        self.assertEqual(data["idp"]["entityId"], "https://idp.testshib.org/idp/shibboleth")
+        self.assertIsNotNone(data["idp"]["singleSignOnService"]["url"])
+        self.assertIsNotNone(data["idp"]["x509cert"])
+
     def testParse(self):
         """
         Tests the parse method of the OneLogin_Saml2_IdPMetadataParser
         """
         with self.assertRaises(XMLSyntaxError):
-            data = OneLogin_Saml2_IdPMetadataParser.parse('')
+            data = OneLogin_Saml2_IdPMetadataParser.parse("")
 
-        xml_sp_metadata = self.file_contents(join(self.data_path, 'metadata', 'metadata_settings1.xml'))
+        xml_sp_metadata = self.file_contents(join(self.data_path, "metadata", "metadata_settings1.xml"))
         data = OneLogin_Saml2_IdPMetadataParser.parse(xml_sp_metadata)
         self.assertEqual({}, data)
 
-        xml_idp_metadata = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata.xml'))
+        xml_idp_metadata = self.file_contents(join(self.data_path, "metadata", "idp_metadata.xml"))
         data = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata)
 
         # W/o further specification, expect to get the redirect binding SSO
@@ -147,18 +158,14 @@ def test_parse_testshib_required_binding_sso_redirect(self):
         }
         """
         try:
-            xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata(
-                'https://idp.testshib.org/idp/shibboleth')
+            xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata("https://idp.testshib.org/idp/shibboleth")
         except URLError:
-            xmldoc = self.file_contents(join(self.data_path, 'metadata', 'testshib-providers.xml'))
+            xmldoc = self.file_contents(join(self.data_path, "metadata", "testshib-providers.xml"))
 
         # Parse, require SSO REDIRECT binding, implicitly.
         settings1 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc)
         # Parse, require SSO REDIRECT binding, explicitly.
-        settings2 = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT
-        )
+        settings2 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT)
         expected_settings = json.loads(expected_settings_json)
         self.assertEqual(expected_settings, settings1)
         self.assertEqual(expected_settings, settings2)
@@ -185,16 +192,12 @@ def test_parse_testshib_required_binding_sso_post(self):
         }
         """
         try:
-            xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata(
-                'https://idp.testshib.org/idp/shibboleth')
+            xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata("https://idp.testshib.org/idp/shibboleth")
         except URLError:
-            xmldoc = self.file_contents(join(self.data_path, 'metadata', 'testshib-providers.xml'))
+            xmldoc = self.file_contents(join(self.data_path, "metadata", "testshib-providers.xml"))
 
         # Parse, require POST binding.
-        settings = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST
-        )
+        settings = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST)
         expected_settings = json.loads(expected_settings_json)
         self.assertEqual(expected_settings, settings)
 
@@ -225,7 +228,7 @@ def test_parse_required_binding_all(self):
           }
         }
         """
-        xmldoc = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata2.xml'))
+        xmldoc = self.file_contents(join(self.data_path, "metadata", "idp_metadata2.xml"))
 
         expected_settings = json.loads(expected_settings_json)
 
@@ -234,50 +237,30 @@ def test_parse_required_binding_all(self):
 
         # Parse, require SLO and SSO REDIRECT binding, explicitly.
         settings2 = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT,
-            required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT
+            xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT, required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT
         )
         expected_settings1_2 = deepcopy(expected_settings)
         self.assertEqual(expected_settings1_2, settings1)
         self.assertEqual(expected_settings1_2, settings2)
 
-        settings3 = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST,
-            required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST
-        )
+        settings3 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST, required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST)
 
         expected_settings3 = deepcopy(expected_settings)
-        del expected_settings3['idp']['singleLogoutService']
-        del expected_settings3['idp']['singleSignOnService']
+        del expected_settings3["idp"]["singleLogoutService"]
+        del expected_settings3["idp"]["singleSignOnService"]
         self.assertEqual(expected_settings3, settings3)
 
-        settings4 = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST,
-            required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT
-        )
-        settings5 = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST
-        )
+        settings4 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST, required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT)
+        settings5 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST)
         expected_settings4_5 = deepcopy(expected_settings)
-        del expected_settings4_5['idp']['singleSignOnService']
+        del expected_settings4_5["idp"]["singleSignOnService"]
         self.assertEqual(expected_settings4_5, settings4)
         self.assertEqual(expected_settings4_5, settings5)
 
-        settings6 = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT,
-            required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST
-        )
-        settings7 = OneLogin_Saml2_IdPMetadataParser.parse(
-            xmldoc,
-            required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST
-        )
+        settings6 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT, required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST)
+        settings7 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc, required_slo_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST)
         expected_settings6_7 = deepcopy(expected_settings)
-        del expected_settings6_7['idp']['singleLogoutService']
+        del expected_settings6_7["idp"]["singleLogoutService"]
         self.assertEqual(expected_settings6_7, settings6)
         self.assertEqual(expected_settings6_7, settings7)
 
@@ -287,18 +270,42 @@ def test_parse_with_entity_id(self):
         Case: Provide entity_id to identify the desired IdPDescriptor from
               EntitiesDescriptor
         """
-        xml_idp_metadata = self.file_contents(join(self.data_path, 'metadata', 'idp_multiple_descriptors.xml'))
+        xml_idp_metadata = self.file_contents(join(self.data_path, "metadata", "idp_multiple_descriptors.xml"))
 
         # should find first descriptor
         data = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata)
         self.assertEqual("https://foo.example.com/access/saml/idp.xml", data["idp"]["entityId"])
 
+        expected_settings_json = """
+        {
+            "security": {"authnRequestsSigned": true},
+            "sp": {
+                "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+            },
+            "idp": {
+                "singleLogoutService": {
+                    "url": "https://hello.example.com/access/saml/logout",
+                    "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+                },
+                "entityId": "https://foo.example.com/access/saml/idp.xml",
+                "x509cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURxekNDQXhTZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBRENCaGpFTE1Ba0dBMVVFQmhNQ1FWVXgKRERBS0JnTlZCQWdUQTA1VFZ6RVBNQTBHQTFVRUJ4TUdVM2xrYm1WNU1Rd3dDZ1lEVlFRS0RBTlFTVlF4Q1RBSApCZ05WQkFzTUFERVlNQllHQTFVRUF3d1BiR0YzY21WdVkyVndhWFF1WTI5dE1TVXdJd1lKS29aSWh2Y05BUWtCCkRCWnNZWGR5Wlc1alpTNXdhWFJBWjIxaGFXd3VZMjl0TUI0WERURXlNRFF4T1RJeU5UUXhPRm9YRFRNeU1EUXgKTkRJeU5UUXhPRm93Z1lZeEN6QUpCZ05WQkFZVEFrRlZNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVApCbE41Wkc1bGVURU1NQW9HQTFVRUNnd0RVRWxVTVFrd0J3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psCmJtTmxjR2wwTG1OdmJURWxNQ01HQ1NxR1NJYjNEUUVKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnYKYlRDQm56QU5CZ2txaGtpRzl3MEJBUUVGQUFPQmpRQXdnWWtDZ1lFQXFqaWUzUjJvaStwRGFldndJeXMvbWJVVApubkdsa3h0ZGlrcnExMXZleHd4SmlQTmhtaHFSVzNtVXVKRXpsbElkVkw2RW14R1lUcXBxZjkzSGxoa3NhZUowCjhVZ2pQOVVtTVlyaFZKdTFqY0ZXVjdmei9yKzIxL2F3VG5EVjlzTVlRcXVJUllZeTdiRzByMU9iaXdkb3ZudGsKN2dGSTA2WjB2WmFjREU1Ym9xVUNBd0VBQWFPQ0FTVXdnZ0VoTUFrR0ExVWRFd1FDTUFBd0N3WURWUjBQQkFRRApBZ1VnTUIwR0ExVWREZ1FXQkJTUk9OOEdKOG8rOGpnRnRqa3R3WmRxeDZCUnlUQVRCZ05WSFNVRUREQUtCZ2dyCkJnRUZCUWNEQVRBZEJnbGdoa2dCaHZoQ0FRMEVFQllPVkdWemRDQllOVEE1SUdObGNuUXdnYk1HQTFVZEl3U0IKcXpDQnFJQVVrVGpmQmlmS1B2STRCYlk1TGNHWGFzZWdVY21oZ1l5a2dZa3dnWVl4Q3pBSkJnTlZCQVlUQWtGVgpNUXd3Q2dZRFZRUUlFd05PVTFjeER6QU5CZ05WQkFjVEJsTjVaRzVsZVRFTU1Bb0dBMVVFQ2d3RFVFbFVNUWt3CkJ3WURWUVFMREFBeEdEQVdCZ05WQkFNTUQyeGhkM0psYm1ObGNHbDBMbU52YlRFbE1DTUdDU3FHU0liM0RRRUoKQVF3V2JHRjNjbVZ1WTJVdWNHbDBRR2R0WVdsc0xtTnZiWUlCQVRBTkJna3Foa2lHOXcwQkFRc0ZBQU9CZ1FDRQpUQWVKVERTQVc2ejFVRlRWN1FyZWg0VUxGT1JhajkrZUN1RjNLV0RIYyswSVFDajlyZG5ERzRRL3dmNy9yYVEwCkpuUFFDU0NkclBMSmV5b1BIN1FhVHdvYUY3ZHpWdzRMQ3N5TkpURld4NGNNNTBWdzZSNWZET2dpQzhic2ZmUzgKQkptb3VscnJaRE5OVmpHOG1XNmNMeHJZdlZRT3JSVmVjQ0ZJZ3NzQ2JBPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=",
+                "singleSignOnService": {
+                    "url": "https://hello.example.com/access/saml/login",
+                    "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+                }
+            }
+        }
+        """
+        expected_settings = json.loads(expected_settings_json)
+        self.assertEqual(expected_settings, data)
+
         # should find desired descriptor
         data2 = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata, entity_id="https://bar.example.com/access/saml/idp.xml")
         self.assertEqual("https://bar.example.com/access/saml/idp.xml", data2["idp"]["entityId"])
 
-        expected_settings_json = """
+        expected_settings_json2 = """
         {
+            "security": {"authnRequestsSigned": false},
             "sp": {
                 "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
             },
@@ -316,15 +323,15 @@ def test_parse_with_entity_id(self):
             }
         }
         """
-        expected_settings = json.loads(expected_settings_json)
-        self.assertEqual(expected_settings, data2)
+        expected_settings2 = json.loads(expected_settings_json2)
+        self.assertEqual(expected_settings2, data2)
 
     def test_parse_multi_certs(self):
         """
         Tests the parse method of the OneLogin_Saml2_IdPMetadataParser
         Case: IdP metadata contains multiple certs
         """
-        xml_idp_metadata = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata_multi_certs.xml'))
+        xml_idp_metadata = self.file_contents(join(self.data_path, "metadata", "idp_metadata_multi_certs.xml"))
         data = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata)
 
         expected_settings_json = """
@@ -362,7 +369,7 @@ def test_parse_multi_singing_certs(self):
         Tests the parse method of the OneLogin_Saml2_IdPMetadataParser
         Case: IdP metadata contains multiple signing certs and no encryption certs
         """
-        xml_idp_metadata = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata_multi_signing_certs.xml'))
+        xml_idp_metadata = self.file_contents(join(self.data_path, "metadata", "idp_metadata_multi_signing_certs.xml"))
         data = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata)
 
         expected_settings_json = """
@@ -399,7 +406,7 @@ def test_parse_multi_same_signing_and_encrypt_cert(self):
         Case: IdP metadata contains multiple signature cert and encrypt cert
               that is the same
         """
-        xml_idp_metadata = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata_same_sign_and_encrypt_cert.xml'))
+        xml_idp_metadata = self.file_contents(join(self.data_path, "metadata", "idp_metadata_same_sign_and_encrypt_cert.xml"))
         data = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata)
 
         expected_settings_json = """
@@ -420,7 +427,7 @@ def test_parse_multi_same_signing_and_encrypt_cert(self):
         expected_settings = json.loads(expected_settings_json)
         self.assertEqual(expected_settings, data)
 
-        xml_idp_metadata_2 = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata_different_sign_and_encrypt_cert.xml'))
+        xml_idp_metadata_2 = self.file_contents(join(self.data_path, "metadata", "idp_metadata_different_sign_and_encrypt_cert.xml"))
         data_2 = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata_2)
         expected_settings_json_2 = """
         {
@@ -457,7 +464,7 @@ def test_merge_settings(self):
         with self.assertRaises(TypeError):
             settings_result = OneLogin_Saml2_IdPMetadataParser.merge_settings({}, None)
 
-        xml_idp_metadata = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata.xml'))
+        xml_idp_metadata = self.file_contents(join(self.data_path, "metadata", "idp_metadata.xml"))
 
         # Parse XML metadata.
         data = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata)
@@ -583,7 +590,7 @@ def test_merge_settings(self):
         self.assertEqual(expected_settings2, settings_result2)
 
         # Test merging multiple certs
-        xml_idp_metadata = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata_multi_certs.xml'))
+        xml_idp_metadata = self.file_contents(join(self.data_path, "metadata", "idp_metadata_multi_certs.xml"))
         data3 = OneLogin_Saml2_IdPMetadataParser.parse(xml_idp_metadata)
         settings_result3 = OneLogin_Saml2_IdPMetadataParser.merge_settings(settings, data3)
         expected_settings3_json = """
diff --git a/tests/src/OneLogin/saml2_tests/logout_request_test.py b/tests/src/OneLogin/saml2_tests/logout_request_test.py
index d4c8ee6c..76994175 100644
--- a/tests/src/OneLogin/saml2_tests/logout_request_test.py
+++ b/tests/src/OneLogin/saml2_tests/logout_request_test.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import json
 from os.path import dirname, join, exists
@@ -20,35 +18,35 @@
 
 
 class OneLogin_Saml2_Logout_Request_Test(unittest.TestCase):
-    data_path = join(dirname(dirname(dirname(dirname(__file__)))), 'data')
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    data_path = join(dirname(dirname(dirname(dirname(__file__)))), "data")
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
     # assertRegexpMatches deprecated on python3
     def assertRegex(self, text, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRegex'):
+        if hasattr(unittest.TestCase, "assertRegex"):
             return super(OneLogin_Saml2_Logout_Request_Test, self).assertRegex(text, regexp, msg)
         else:
             return self.assertRegexpMatches(text, regexp, msg)
 
     # assertRaisesRegexp deprecated on python3
     def assertRaisesRegex(self, exception, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRaisesRegex'):
+        if hasattr(unittest.TestCase, "assertRaisesRegex"):
             return super(OneLogin_Saml2_Logout_Request_Test, self).assertRaisesRegex(exception, regexp, msg=msg)
         else:
             return self.assertRaisesRegexp(exception, regexp)
 
-    def loadSettingsJSON(self, name='settings1.json'):
+    def loadSettingsJSON(self, name="settings1.json"):
         filename = join(self.settings_path, name)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
@@ -58,19 +56,19 @@ def testConstructor(self):
         Tests the OneLogin_Saml2_LogoutRequest Constructor.
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['security']['nameIdEncrypted'] = True
+        settings_info["security"]["nameIdEncrypted"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
 
         logout_request = OneLogin_Saml2_Logout_Request(settings)
 
-        parameters = {'SAMLRequest': logout_request.get_request()}
-        logout_url = OneLogin_Saml2_Utils.redirect('http://idp.example.com/SingleLogoutService.php', parameters, True)
-        self.assertRegex(logout_url, r'^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLRequest=')
+        parameters = {"SAMLRequest": logout_request.get_request()}
+        logout_url = OneLogin_Saml2_Utils.redirect("http://idp.example.com/SingleLogoutService.php", parameters, True)
+        self.assertRegex(logout_url, r"^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLRequest=")
         url_parts = urlparse(logout_url)
         exploded = parse_qs(url_parts.query)
-        payload = exploded['SAMLRequest'][0]
+        payload = exploded["SAMLRequest"][0]
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(payload))
-        self.assertRegex(inflated, '^<samlp:LogoutRequest')
+        self.assertRegex(inflated, "^<samlp:LogoutRequest")
 
     def testCreateDeflatedSAMLLogoutRequestURLParameter(self):
         """
@@ -80,14 +78,14 @@ def testCreateDeflatedSAMLLogoutRequestURLParameter(self):
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         logout_request = OneLogin_Saml2_Logout_Request(settings)
 
-        parameters = {'SAMLRequest': logout_request.get_request()}
-        logout_url = OneLogin_Saml2_Utils.redirect('http://idp.example.com/SingleLogoutService.php', parameters, True)
-        self.assertRegex(logout_url, r'^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLRequest=')
+        parameters = {"SAMLRequest": logout_request.get_request()}
+        logout_url = OneLogin_Saml2_Utils.redirect("http://idp.example.com/SingleLogoutService.php", parameters, True)
+        self.assertRegex(logout_url, r"^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLRequest=")
         url_parts = urlparse(logout_url)
         exploded = parse_qs(url_parts.query)
-        payload = exploded['SAMLRequest'][0]
+        payload = exploded["SAMLRequest"][0]
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(payload))
-        self.assertRegex(inflated, '^<samlp:LogoutRequest')
+        self.assertRegex(inflated, "^<samlp:LogoutRequest")
 
     def testConstructorWithNameIdFormatOnSettings(self):
         """
@@ -95,17 +93,14 @@ def testConstructorWithNameIdFormatOnSettings(self):
         Case: Defines NameIDFormat from settings
         """
         settings_info = self.loadSettingsJSON()
-        name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c'
-        name_id_format = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
-        settings_info['sp']['NameIDFormat'] = name_id_format
+        name_id = "ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c"
+        name_id_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+        settings_info["sp"]["NameIDFormat"] = name_id_format
         settings = OneLogin_Saml2_Settings(settings_info)
         logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id)
         logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(logout_request.get_request())
         name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request_xml)
-        expected_name_id_data = {
-            'Value': name_id,
-            'Format': name_id_format
-        }
+        expected_name_id_data = {"Value": name_id, "Format": name_id_format}
         self.assertEqual(expected_name_id_data, name_id_data)
 
     def testConstructorWithoutNameIdFormat(self):
@@ -114,16 +109,14 @@ def testConstructorWithoutNameIdFormat(self):
         Case: Checks that NameIDFormat is not added
         """
         settings_info = self.loadSettingsJSON()
-        name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c'
-        name_id_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
-        settings_info['sp']['NameIDFormat'] = name_id_format
+        name_id = "ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c"
+        name_id_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+        settings_info["sp"]["NameIDFormat"] = name_id_format
         settings = OneLogin_Saml2_Settings(settings_info)
         logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id)
         logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(logout_request.get_request())
         name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request_xml)
-        expected_name_id_data = {
-            'Value': name_id
-        }
+        expected_name_id_data = {"Value": name_id}
         self.assertEqual(expected_name_id_data, name_id_data)
 
     def testConstructorEncryptIdUsingX509certMulti(self):
@@ -131,54 +124,54 @@ def testConstructorEncryptIdUsingX509certMulti(self):
         Tests the OneLogin_Saml2_LogoutRequest Constructor.
         Case: Able to generate encryptedID with MultiCert
         """
-        settings_info = self.loadSettingsJSON('settings8.json')
-        settings_info['security']['nameIdEncrypted'] = True
+        settings_info = self.loadSettingsJSON("settings8.json")
+        settings_info["security"]["nameIdEncrypted"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
 
         logout_request = OneLogin_Saml2_Logout_Request(settings)
 
-        parameters = {'SAMLRequest': logout_request.get_request()}
-        logout_url = OneLogin_Saml2_Utils.redirect('http://idp.example.com/SingleLogoutService.php', parameters, True)
-        self.assertRegex(logout_url, r'^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLRequest=')
+        parameters = {"SAMLRequest": logout_request.get_request()}
+        logout_url = OneLogin_Saml2_Utils.redirect("http://idp.example.com/SingleLogoutService.php", parameters, True)
+        self.assertRegex(logout_url, r"^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLRequest=")
         url_parts = urlparse(logout_url)
         exploded = parse_qs(url_parts.query)
-        payload = exploded['SAMLRequest'][0]
+        payload = exploded["SAMLRequest"][0]
         inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(payload))
-        self.assertRegex(inflated, '^<samlp:LogoutRequest')
-        self.assertRegex(inflated, '<saml:EncryptedID>')
+        self.assertRegex(inflated, "^<samlp:LogoutRequest")
+        self.assertRegex(inflated, "<saml:EncryptedID>")
 
     def testGetIDFromSAMLLogoutRequest(self):
         """
         Tests the get_id method of the OneLogin_Saml2_LogoutRequest
         """
-        logout_request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        logout_request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         id1 = OneLogin_Saml2_Logout_Request.get_id(logout_request)
-        self.assertEqual('ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e', id1)
+        self.assertEqual("ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e", id1)
 
         dom = parseString(logout_request)
         id2 = OneLogin_Saml2_Logout_Request.get_id(dom.toxml())
-        self.assertEqual('ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e', id2)
+        self.assertEqual("ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e", id2)
 
     def testGetIDFromDeflatedSAMLLogoutRequest(self):
         """
         Tests the get_id method of the OneLogin_Saml2_LogoutRequest
         """
-        deflated_logout_request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_deflated.xml.base64'))
+        deflated_logout_request = self.file_contents(join(self.data_path, "logout_requests", "logout_request_deflated.xml.base64"))
         logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(deflated_logout_request)
         id1 = OneLogin_Saml2_Logout_Request.get_id(logout_request)
-        self.assertEqual('ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e', id1)
+        self.assertEqual("ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e", id1)
 
     def testGetNameIdData(self):
         """
         Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest
         """
         expected_name_id_data = {
-            'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c',
-            'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
-            'SPNameQualifier': 'http://idp.example.com/'
+            "Value": "ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c",
+            "Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
+            "SPNameQualifier": "http://idp.example.com/",
         }
 
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request)
         self.assertEqual(expected_name_id_data, name_id_data)
 
@@ -186,54 +179,48 @@ def testGetNameIdData(self):
         name_id_data_2 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom.toxml())
         self.assertEqual(expected_name_id_data, name_id_data_2)
 
-        request_2 = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_encrypted_nameid.xml'))
-        with self.assertRaisesRegex(Exception, 'Key is required in order to decrypt the NameID'):
+        request_2 = self.file_contents(join(self.data_path, "logout_requests", "logout_request_encrypted_nameid.xml"))
+        with self.assertRaisesRegex(Exception, "Key is required in order to decrypt the NameID"):
             OneLogin_Saml2_Logout_Request.get_nameid(request_2)
 
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         key = settings.get_sp_key()
         name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(request_2, key)
         expected_name_id_data = {
-            'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69',
-            'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
-            'SPNameQualifier': 'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php'
+            "Value": "ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69",
+            "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress",
+            "SPNameQualifier": "https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php",
         }
         self.assertEqual(expected_name_id_data, name_id_data_4)
 
         dom_2 = parseString(request_2)
-        encrypted_id_nodes = dom_2.getElementsByTagName('saml:EncryptedID')
+        encrypted_id_nodes = dom_2.getElementsByTagName("saml:EncryptedID")
         encrypted_data = encrypted_id_nodes[0].firstChild.nextSibling
         encrypted_id_nodes[0].removeChild(encrypted_data)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the Logout Request'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the Logout Request"):
             OneLogin_Saml2_Logout_Request.get_nameid(dom_2.toxml(), key)
 
-        inv_request = self.file_contents(join(self.data_path, 'logout_requests', 'invalids', 'no_nameId.xml'))
-        with self.assertRaisesRegex(Exception, 'NameID not found in the Logout Request'):
+        inv_request = self.file_contents(join(self.data_path, "logout_requests", "invalids", "no_nameId.xml"))
+        with self.assertRaisesRegex(Exception, "NameID not found in the Logout Request"):
             OneLogin_Saml2_Logout_Request.get_nameid(inv_request)
 
         idp_data = settings.get_idp_data()
         expected_name_id_data = {
-            'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
-            'NameQualifier': idp_data['entityId'],
-            'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69'
+            "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress",
+            "NameQualifier": idp_data["entityId"],
+            "Value": "ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69",
         }
 
-        logout_request = OneLogin_Saml2_Logout_Request(settings, None, expected_name_id_data['Value'], None, idp_data['entityId'], expected_name_id_data['Format'])
+        logout_request = OneLogin_Saml2_Logout_Request(settings, None, expected_name_id_data["Value"], None, idp_data["entityId"], expected_name_id_data["Format"])
         name_id_data_3 = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request.get_xml())
         self.assertEqual(expected_name_id_data, name_id_data_3)
 
-        expected_name_id_data = {
-            'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
-            'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69'
-        }
-        logout_request = OneLogin_Saml2_Logout_Request(settings, None, expected_name_id_data['Value'], None, None, expected_name_id_data['Format'])
+        expected_name_id_data = {"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress", "Value": "ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69"}
+        logout_request = OneLogin_Saml2_Logout_Request(settings, None, expected_name_id_data["Value"], None, None, expected_name_id_data["Format"])
         name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request.get_xml())
         self.assertEqual(expected_name_id_data, name_id_data_4)
 
-        expected_name_id_data = {
-            'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity',
-            'Value': 'http://idp.example.com/'
-        }
+        expected_name_id_data = {"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity", "Value": "http://idp.example.com/"}
         logout_request = OneLogin_Saml2_Logout_Request(settings)
         name_id_data_5 = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request.get_xml())
         self.assertEqual(expected_name_id_data, name_id_data_5)
@@ -242,33 +229,33 @@ def testGetNameId(self):
         """
         Tests the get_nameid of the OneLogin_Saml2_LogoutRequest
         """
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         name_id = OneLogin_Saml2_Logout_Request.get_nameid(request)
-        self.assertEqual(name_id, 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c')
+        self.assertEqual(name_id, "ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c")
 
-        request_2 = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_encrypted_nameid.xml'))
-        with self.assertRaisesRegex(Exception, 'Key is required in order to decrypt the NameID'):
+        request_2 = self.file_contents(join(self.data_path, "logout_requests", "logout_request_encrypted_nameid.xml"))
+        with self.assertRaisesRegex(Exception, "Key is required in order to decrypt the NameID"):
             OneLogin_Saml2_Logout_Request.get_nameid(request_2)
 
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         key = settings.get_sp_key()
         name_id_3 = OneLogin_Saml2_Logout_Request.get_nameid(request_2, key)
-        self.assertEqual('ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69', name_id_3)
+        self.assertEqual("ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69", name_id_3)
 
     def testGetIssuer(self):
         """
         Tests the get_issuer of the OneLogin_Saml2_LogoutRequest
         """
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
 
         issuer = OneLogin_Saml2_Logout_Request.get_issuer(request)
-        self.assertEqual('http://idp.example.com/', issuer)
+        self.assertEqual("http://idp.example.com/", issuer)
 
         dom = parseString(request)
         issuer_2 = OneLogin_Saml2_Logout_Request.get_issuer(dom.toxml())
-        self.assertEqual('http://idp.example.com/', issuer_2)
+        self.assertEqual("http://idp.example.com/", issuer_2)
 
-        issuer_node = dom.getElementsByTagName('saml:Issuer')[0]
+        issuer_node = dom.getElementsByTagName("saml:Issuer")[0]
         issuer_node.parentNode.removeChild(issuer_node)
         issuer_3 = OneLogin_Saml2_Logout_Request.get_issuer(dom.toxml())
         self.assertIsNone(issuer_3)
@@ -277,7 +264,7 @@ def testGetSessionIndexes(self):
         """
         Tests the get_session_indexes of the OneLogin_Saml2_LogoutRequest
         """
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
 
         session_indexes = OneLogin_Saml2_Logout_Request.get_session_indexes(request)
         self.assertEqual(len(session_indexes), 0)
@@ -286,19 +273,19 @@ def testGetSessionIndexes(self):
         session_indexes_2 = OneLogin_Saml2_Logout_Request.get_session_indexes(dom.toxml())
         self.assertEqual(len(session_indexes_2), 0)
 
-        request_2 = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_with_sessionindex.xml'))
+        request_2 = self.file_contents(join(self.data_path, "logout_requests", "logout_request_with_sessionindex.xml"))
         session_indexes_3 = OneLogin_Saml2_Logout_Request.get_session_indexes(request_2)
-        self.assertEqual(['_ac72a76526cb6ca19f8438e73879a0e6c8ae5131'], session_indexes_3)
+        self.assertEqual(["_ac72a76526cb6ca19f8438e73879a0e6c8ae5131"], session_indexes_3)
 
     def testIsInvalidXML(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
         Case Invalid XML
         """
-        request = OneLogin_Saml2_Utils.b64encode('<xml>invalid</xml>')
+        request = OneLogin_Saml2_Utils.b64encode("<xml>invalid</xml>")
         request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
+            "http_host": "example.com",
+            "script_name": "index.html",
         }
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
@@ -315,20 +302,17 @@ def testIsInvalidIssuer(self):
         Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
         Case Invalid Issuer
         """
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'invalids', 'invalid_issuer.xml'))
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request = self.file_contents(join(self.data_path, "logout_requests", "invalids", "invalid_issuer.xml"))
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        request = request.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        request = request.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         logout_request = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
         self.assertTrue(logout_request.is_valid(request_data))
 
         settings.set_strict(True)
         logout_request2 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
-        with self.assertRaisesRegex(Exception, 'Invalid issuer in the Logout Request'):
+        with self.assertRaisesRegex(Exception, "Invalid issuer in the Logout Request"):
             logout_request2.is_valid(request_data, raise_exceptions=True)
 
     def testIsInvalidDestination(self):
@@ -336,26 +320,23 @@ def testIsInvalidDestination(self):
         Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
         Case Invalid Destination
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         logout_request = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
         self.assertTrue(logout_request.is_valid(request_data))
 
         settings.set_strict(True)
         logout_request2 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
-        with self.assertRaisesRegex(Exception, 'The LogoutRequest was received at'):
+        with self.assertRaisesRegex(Exception, "The LogoutRequest was received at"):
             logout_request2.is_valid(request_data, raise_exceptions=True)
 
         dom = parseString(request)
-        dom.documentElement.setAttribute('Destination', None)
+        dom.documentElement.setAttribute("Destination", None)
         logout_request3 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(dom.toxml()))
         self.assertTrue(logout_request3.is_valid(request_data))
 
-        dom.documentElement.removeAttribute('Destination')
+        dom.documentElement.removeAttribute("Destination")
         logout_request4 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(dom.toxml()))
         self.assertTrue(logout_request4.is_valid(request_data))
 
@@ -364,13 +345,10 @@ def testIsInvalidNotOnOrAfter(self):
         Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
         Case Invalid NotOnOrAfter
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'invalids', 'not_after_failed.xml'))
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
+        request = self.file_contents(join(self.data_path, "logout_requests", "invalids", "not_after_failed.xml"))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        request = request.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        request = request.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         logout_request = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
@@ -378,18 +356,15 @@ def testIsInvalidNotOnOrAfter(self):
 
         settings.set_strict(True)
         logout_request2 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
-        with self.assertRaisesRegex(Exception, 'Could not validate timestamp: expired. Check system clock.'):
+        with self.assertRaisesRegex(Exception, "Could not validate timestamp: expired. Check system clock."):
             logout_request2.is_valid(request_data, raise_exceptions=True)
 
     def testIsValid(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         logout_request = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
@@ -409,19 +384,74 @@ def testIsValid(self):
         self.assertFalse(logout_request4.is_valid(request_data))
 
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        request = request.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        request = request.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         logout_request5 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
         self.assertTrue(logout_request5.is_valid(request_data))
 
+    def testIsValidWithCapitalization(self):
+        """
+        Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
+        """
+        request_data = {"http_host": "exaMPLe.com", "script_name": "index.html"}
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+
+        logout_request = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
+        self.assertTrue(logout_request.is_valid(request_data))
+
+        settings.set_strict(True)
+        logout_request2 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
+        self.assertFalse(logout_request2.is_valid(request_data))
+
+        settings.set_strict(False)
+        dom = parseString(request)
+        logout_request3 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(dom.toxml()))
+        self.assertTrue(logout_request3.is_valid(request_data))
+
+        settings.set_strict(True)
+        logout_request4 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(dom.toxml()))
+        self.assertFalse(logout_request4.is_valid(request_data))
+
+        current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
+        request = request.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url.lower())
+        logout_request5 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
+        self.assertTrue(logout_request5.is_valid(request_data))
+
+    def testIsInValidWithCapitalization(self):
+        """
+        Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
+        """
+        request_data = {"http_host": "example.com", "script_name": "INdex.html"}
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+
+        logout_request = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
+        self.assertTrue(logout_request.is_valid(request_data))
+
+        settings.set_strict(True)
+        logout_request2 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
+        self.assertFalse(logout_request2.is_valid(request_data))
+
+        settings.set_strict(False)
+        dom = parseString(request)
+        logout_request3 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(dom.toxml()))
+        self.assertTrue(logout_request3.is_valid(request_data))
+
+        settings.set_strict(True)
+        logout_request4 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(dom.toxml()))
+        self.assertFalse(logout_request4.is_valid(request_data))
+
+        current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
+        request = request.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url.lower())
+        logout_request5 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
+        self.assertFalse(logout_request5.is_valid(request_data))
+
     def testIsValidWithXMLEncoding(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_LogoutRequest
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_with_encoding.xml'))
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request_with_encoding.xml"))
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         logout_request = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
@@ -441,15 +471,15 @@ def testIsValidWithXMLEncoding(self):
         self.assertFalse(logout_request4.is_valid(request_data))
 
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        request = request.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        request = request.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         logout_request5 = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request))
         self.assertTrue(logout_request5.is_valid(request_data))
 
     def testIsValidRaisesExceptionWhenRaisesArgumentIsTrue(self):
-        request = OneLogin_Saml2_Utils.b64encode('<xml>invalid</xml>')
+        request = OneLogin_Saml2_Utils.b64encode("<xml>invalid</xml>")
         request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
+            "http_host": "example.com",
+            "script_name": "index.html",
         }
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         settings.set_strict(True)
@@ -466,15 +496,15 @@ def testGetXML(self):
         Tests that we can get the logout request XML directly without
         going through intermediate steps
         """
-        request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
+        request = self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml"))
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         logout_request_generated = OneLogin_Saml2_Logout_Request(settings)
         expectedFragment = (
             'Destination="http://idp.example.com/SingleLogoutService.php">\n'
-            '    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n'
+            "    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n"
             '    <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://idp.example.com/</saml:NameID>\n'
-            '    \n</samlp:LogoutRequest>'
+            "    \n</samlp:LogoutRequest>"
         )
         self.assertIn(expectedFragment, logout_request_generated.get_xml())
 
diff --git a/tests/src/OneLogin/saml2_tests/logout_response_test.py b/tests/src/OneLogin/saml2_tests/logout_response_test.py
index 054e9762..45b8c6ed 100644
--- a/tests/src/OneLogin/saml2_tests/logout_response_test.py
+++ b/tests/src/OneLogin/saml2_tests/logout_response_test.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import json
 from os.path import dirname, join, exists
@@ -22,35 +20,35 @@
 
 
 class OneLogin_Saml2_Logout_Response_Test(unittest.TestCase):
-    data_path = join(dirname(dirname(dirname(dirname(__file__)))), 'data')
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    data_path = join(dirname(dirname(dirname(dirname(__file__)))), "data")
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
     # assertRegexpMatches deprecated on python3
     def assertRegex(self, text, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRegex'):
+        if hasattr(unittest.TestCase, "assertRegex"):
             return super(OneLogin_Saml2_Logout_Response_Test, self).assertRegex(text, regexp, msg)
         else:
             return self.assertRegexpMatches(text, regexp, msg)
 
     # assertRaisesRegexp deprecated on python3
     def assertRaisesRegex(self, exception, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRaisesRegex'):
+        if hasattr(unittest.TestCase, "assertRaisesRegex"):
             return super(OneLogin_Saml2_Logout_Response_Test, self).assertRaisesRegex(exception, regexp, msg=msg)
         else:
             return self.assertRaisesRegexp(exception, regexp)
 
-    def loadSettingsJSON(self, name='settings1.json'):
+    def loadSettingsJSON(self, name="settings1.json"):
         filename = join(self.settings_path, name)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
@@ -60,9 +58,9 @@ def testConstructor(self):
         Tests the OneLogin_Saml2_LogoutResponse Constructor.
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
         response = OneLogin_Saml2_Logout_Response(settings, message)
-        self.assertRegex(compat.to_string(OneLogin_Saml2_XML.to_string(response.document)), '<samlp:LogoutResponse')
+        self.assertRegex(compat.to_string(OneLogin_Saml2_XML.to_string(response.document)), "<samlp:LogoutResponse")
 
     def testCreateDeflatedSAMLLogoutResponseURLParameter(self):
         """
@@ -70,31 +68,31 @@ def testCreateDeflatedSAMLLogoutResponseURLParameter(self):
         The creation of a deflated SAML Logout Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        in_response_to = 'ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e'
+        in_response_to = "ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e"
         response_builder = OneLogin_Saml2_Logout_Response(settings)
         response_builder.build(in_response_to)
-        parameters = {'SAMLResponse': response_builder.get_response()}
+        parameters = {"SAMLResponse": response_builder.get_response()}
 
-        logout_url = OneLogin_Saml2_Utils.redirect('http://idp.example.com/SingleLogoutService.php', parameters, True)
+        logout_url = OneLogin_Saml2_Utils.redirect("http://idp.example.com/SingleLogoutService.php", parameters, True)
 
-        self.assertRegex(logout_url, r'^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLResponse=')
+        self.assertRegex(logout_url, r"^http://idp\.example\.com\/SingleLogoutService\.php\?SAMLResponse=")
         url_parts = urlparse(logout_url)
         exploded = parse_qs(url_parts.query)
-        inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(exploded['SAMLResponse'][0]))
-        self.assertRegex(inflated, '^<samlp:LogoutResponse')
+        inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(exploded["SAMLResponse"][0]))
+        self.assertRegex(inflated, "^<samlp:LogoutResponse")
 
     def testGetStatus(self):
         """
         Tests the get_status method of the OneLogin_Saml2_LogoutResponse
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
         response = OneLogin_Saml2_Logout_Response(settings, message)
         status = response.get_status()
         self.assertEqual(status, OneLogin_Saml2_Constants.STATUS_SUCCESS)
 
         dom = parseString(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
-        status_code_node = dom.getElementsByTagName('samlp:StatusCode')[0]
+        status_code_node = dom.getElementsByTagName("samlp:StatusCode")[0]
         status_code_node.parentNode.removeChild(status_code_node)
         xml = dom.toxml()
         message_2 = OneLogin_Saml2_Utils.deflate_and_base64_encode(xml)
@@ -106,14 +104,14 @@ def testGetIssuer(self):
         Tests the get_issuer of the OneLogin_Saml2_LogoutResponse
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
         response = OneLogin_Saml2_Logout_Response(settings, message)
 
         issuer = response.get_issuer()
-        self.assertEqual('http://idp.example.com/', issuer)
+        self.assertEqual("http://idp.example.com/", issuer)
 
         dom = parseString(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
-        issuer_node = dom.getElementsByTagName('saml:Issuer')[0]
+        issuer_node = dom.getElementsByTagName("saml:Issuer")[0]
         issuer_node.parentNode.removeChild(issuer_node)
         xml = dom.toxml()
         message_2 = OneLogin_Saml2_Utils.deflate_and_base64_encode(xml)
@@ -126,23 +124,19 @@ def testQuery(self):
         Tests the private method __query of the OneLogin_Saml2_LogoutResponse
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
         response = OneLogin_Saml2_Logout_Response(settings, message)
 
         issuer = response.get_issuer()
-        self.assertEqual('http://idp.example.com/', issuer)
+        self.assertEqual("http://idp.example.com/", issuer)
 
     def testIsInvalidXML(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
         Case Invalid XML
         """
-        message = OneLogin_Saml2_Utils.deflate_and_base64_encode('<xml>invalid</xml>')
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        message = OneLogin_Saml2_Utils.deflate_and_base64_encode("<xml>invalid</xml>")
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         response = OneLogin_Saml2_Logout_Response(settings, message)
@@ -157,20 +151,16 @@ def testIsInValidRequestId(self):
         Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
         Case invalid request Id
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
 
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
 
-        request_id = 'invalid_request_id'
+        request_id = "invalid_request_id"
 
         settings.set_strict(False)
         response = OneLogin_Saml2_Logout_Response(settings, message)
@@ -179,8 +169,8 @@ def testIsInValidRequestId(self):
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Logout_Response(settings, message)
         self.assertFalse(response_2.is_valid(request_data, request_id))
-        self.assertIn('The InResponseTo of the Logout Response:', response_2.get_error())
-        with self.assertRaisesRegex(Exception, 'The InResponseTo of the Logout Response:'):
+        self.assertIn("The InResponseTo of the Logout Response:", response_2.get_error())
+        with self.assertRaisesRegex(Exception, "The InResponseTo of the Logout Response:"):
             response_2.is_valid(request_data, request_id, raise_exceptions=True)
 
     def testIsInValidIssuer(self):
@@ -188,18 +178,14 @@ def testIsInValidIssuer(self):
         Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
         Case invalid Issuer
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
 
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
-        plain_message = plain_message.replace('http://idp.example.com/', 'http://invalid.issuer.example.com')
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
+        plain_message = plain_message.replace("http://idp.example.com/", "http://invalid.issuer.example.com")
         message = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
 
         settings.set_strict(False)
@@ -208,7 +194,7 @@ def testIsInValidIssuer(self):
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Logout_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'Invalid issuer in the Logout Response'):
+        with self.assertRaisesRegex(Exception, "Invalid issuer in the Logout Response"):
             response_2.is_valid(request_data, raise_exceptions=True)
 
     def testIsInValidDestination(self):
@@ -216,13 +202,9 @@ def testIsInValidDestination(self):
         Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
         Case invalid Destination
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
 
         settings.set_strict(False)
         response = OneLogin_Saml2_Logout_Response(settings, message)
@@ -230,19 +212,19 @@ def testIsInValidDestination(self):
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Logout_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'The LogoutResponse was received at'):
+        with self.assertRaisesRegex(Exception, "The LogoutResponse was received at"):
             response_2.is_valid(request_data, raise_exceptions=True)
 
         # Empty destination
         dom = parseString(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
-        dom.firstChild.setAttribute('Destination', '')
+        dom.firstChild.setAttribute("Destination", "")
         xml = dom.toxml()
         message_3 = OneLogin_Saml2_Utils.deflate_and_base64_encode(xml)
         response_3 = OneLogin_Saml2_Logout_Response(settings, message_3)
         self.assertTrue(response_3.is_valid(request_data))
 
         # No destination
-        dom.firstChild.removeAttribute('Destination')
+        dom.firstChild.removeAttribute("Destination")
         xml = dom.toxml()
         message_4 = OneLogin_Saml2_Utils.deflate_and_base64_encode(xml)
         response_4 = OneLogin_Saml2_Logout_Response(settings, message_4)
@@ -252,65 +234,102 @@ def testIsValid(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
 
         response = OneLogin_Saml2_Logout_Response(settings, message)
         self.assertTrue(response.is_valid(request_data))
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Logout_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'The LogoutResponse was received at'):
+        with self.assertRaisesRegex(Exception, "The LogoutResponse was received at"):
             response_2.is_valid(request_data, raise_exceptions=True)
 
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message_3 = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
 
         response_3 = OneLogin_Saml2_Logout_Response(settings, message_3)
         self.assertTrue(response_3.is_valid(request_data))
 
+    def testIsValidWithCapitalization(self):
+        """
+        Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
+        """
+        request_data = {"http_host": "exaMPLe.com", "script_name": "index.html", "get_data": {}}
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
+
+        response = OneLogin_Saml2_Logout_Response(settings, message)
+        self.assertTrue(response.is_valid(request_data))
+
+        settings.set_strict(True)
+        response_2 = OneLogin_Saml2_Logout_Response(settings, message)
+        with self.assertRaisesRegex(Exception, "The LogoutResponse was received at"):
+            response_2.is_valid(request_data, raise_exceptions=True)
+
+        plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
+
+        current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data).lower()
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
+        message_3 = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
+
+        response_3 = OneLogin_Saml2_Logout_Response(settings, message_3)
+        self.assertTrue(response_3.is_valid(request_data))
+
+    def testIsInValidWithCapitalization(self):
+        """
+        Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
+        """
+        request_data = {"http_host": "example.com", "script_name": "INdex.html", "get_data": {}}
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_deflated.xml.base64"))
+
+        response = OneLogin_Saml2_Logout_Response(settings, message)
+        self.assertTrue(response.is_valid(request_data))
+
+        settings.set_strict(True)
+        response_2 = OneLogin_Saml2_Logout_Response(settings, message)
+        with self.assertRaisesRegex(Exception, "The LogoutResponse was received at"):
+            response_2.is_valid(request_data, raise_exceptions=True)
+
+        plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
+        current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data).lower()
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
+        message_3 = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
+
+        response_3 = OneLogin_Saml2_Logout_Response(settings, message_3)
+        self.assertFalse(response_3.is_valid(request_data))
+
     def testIsValidWithXMLEncoding(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_LogoutResponse
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response_with_encoding_deflated.xml.base64'))
+        message = self.file_contents(join(self.data_path, "logout_responses", "logout_response_with_encoding_deflated.xml.base64"))
 
         response = OneLogin_Saml2_Logout_Response(settings, message)
         self.assertTrue(response.is_valid(request_data))
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Logout_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'The LogoutResponse was received at'):
+        with self.assertRaisesRegex(Exception, "The LogoutResponse was received at"):
             response_2.is_valid(request_data, raise_exceptions=True)
 
         plain_message = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(message))
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/sls.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/sls.php", current_url)
         message_3 = OneLogin_Saml2_Utils.deflate_and_base64_encode(plain_message)
 
         response_3 = OneLogin_Saml2_Logout_Response(settings, message_3)
         self.assertTrue(response_3.is_valid(request_data))
 
     def testIsValidRaisesExceptionWhenRaisesArgumentIsTrue(self):
-        message = OneLogin_Saml2_Utils.deflate_and_base64_encode('<xml>invalid</xml>')
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        message = OneLogin_Saml2_Utils.deflate_and_base64_encode("<xml>invalid</xml>")
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         settings.set_strict(True)
 
@@ -326,7 +345,7 @@ def testGetXML(self):
         Tests that we can get the logout response XML directly without
         going through intermediate steps
         """
-        response = self.file_contents(join(self.data_path, 'logout_responses', 'logout_response.xml'))
+        response = self.file_contents(join(self.data_path, "logout_responses", "logout_response.xml"))
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         logout_response_generated = OneLogin_Saml2_Logout_Response(settings)
@@ -334,13 +353,29 @@ def testGetXML(self):
         expectedFragment = (
             'Destination="http://idp.example.com/SingleLogoutService.php"\n'
             '  InResponseTo="InResponseValue">\n'
-            '    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n'
-            '    <samlp:Status>\n'
+            "    <saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer>\n"
+            "    <samlp:Status>\n"
             '        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />\n'
-            '    </samlp:Status>\n'
-            '</samlp:LogoutResponse>'
+            "    </samlp:Status>\n"
+            "</samlp:LogoutResponse>"
         )
         self.assertIn(expectedFragment, logout_response_generated.get_xml())
 
         logout_response_processed = OneLogin_Saml2_Logout_Response(settings, OneLogin_Saml2_Utils.deflate_and_base64_encode(response))
         self.assertEqual(response, logout_response_processed.get_xml())
+
+    def testBuildWithStatus(self):
+        """
+        Tests the build method when called specifying a non-default status for the LogoutResponse.
+        """
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+
+        response_builder = OneLogin_Saml2_Logout_Response(settings)
+        response_builder.build("InResponseValue", status=OneLogin_Saml2_Constants.STATUS_REQUESTER)
+        generated_encoded_response = response_builder.get_response()
+
+        # Parse and verify the status of the response, as the receiver will do:
+        parsed_response = OneLogin_Saml2_Logout_Response(settings, generated_encoded_response)
+        expectedFragment = "    <samlp:Status>\n" '        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester" />\n' "    </samlp:Status>\n"
+        self.assertIn(expectedFragment, parsed_response.get_xml())
+        self.assertEqual(parsed_response.get_status(), OneLogin_Saml2_Constants.STATUS_REQUESTER)
diff --git a/tests/src/OneLogin/saml2_tests/metadata_test.py b/tests/src/OneLogin/saml2_tests/metadata_test.py
index 58afb5b9..71468542 100644
--- a/tests/src/OneLogin/saml2_tests/metadata_test.py
+++ b/tests/src/OneLogin/saml2_tests/metadata_test.py
@@ -1,12 +1,10 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import json
 from os.path import dirname, join, exists
 from time import strftime
-from datetime import datetime
+from datetime import datetime, timezone
 import unittest
 
 from onelogin.saml2 import compat
@@ -18,18 +16,18 @@
 
 
 class OneLogin_Saml2_Metadata_Test(unittest.TestCase):
-    def loadSettingsJSON(self, filename='settings1.json'):
-        filename = join(dirname(__file__), '..', '..', '..', 'settings', filename)
+    def loadSettingsJSON(self, filename="settings1.json"):
+        filename = join(dirname(__file__), "..", "..", "..", "settings", filename)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
@@ -44,15 +42,11 @@ def testBuilder(self):
         organization = settings.get_organization()
         contacts = settings.get_contacts()
 
-        metadata = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned'], None, None, contacts,
-            organization
-        )
+        metadata = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"], None, None, contacts, organization)
 
         self.assertIsNotNone(metadata)
 
-        self.assertIn('<md:SPSSODescriptor', metadata)
+        self.assertIn("<md:SPSSODescriptor", metadata)
         self.assertIn('entityID="http://stuff.com/endpoints/metadata.php"', metadata)
         self.assertIn('AuthnRequestsSigned="false"', metadata)
         self.assertIn('WantAssertionsSigned="false"', metadata)
@@ -62,23 +56,20 @@ def testBuilder(self):
         self.assertIn('<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"', metadata)
         self.assertIn('Location="http://stuff.com/endpoints/endpoints/sls.php"', metadata)
 
-        self.assertIn('<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>', metadata)
+        self.assertIn("<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>", metadata)
 
         self.assertIn('<md:OrganizationName xml:lang="en-US">sp_test</md:OrganizationName>', metadata)
         self.assertIn('<md:ContactPerson contactType="technical">', metadata)
-        self.assertIn('<md:GivenName>technical_name</md:GivenName>', metadata)
+        self.assertIn("<md:GivenName>technical_name</md:GivenName>", metadata)
 
-        security['authnRequestsSigned'] = True
-        security['wantAssertionsSigned'] = True
-        del sp_data['singleLogoutService']['url']
+        security["authnRequestsSigned"] = True
+        security["wantAssertionsSigned"] = True
+        del sp_data["singleLogoutService"]["url"]
 
-        metadata2 = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned']
-        )
+        metadata2 = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"])
 
         self.assertIsNotNone(metadata2)
-        self.assertIn('<md:SPSSODescriptor', metadata2)
+        self.assertIn("<md:SPSSODescriptor", metadata2)
 
         self.assertIn('AuthnRequestsSigned="true"', metadata2)
         self.assertIn('WantAssertionsSigned="true"', metadata2)
@@ -86,75 +77,44 @@ def testBuilder(self):
         self.assertNotIn('<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"', metadata2)
         self.assertNotIn(' Location="http://stuff.com/endpoints/endpoints/sls.php"/>', metadata2)
 
-        metadata3 = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned'],
-            '2014-10-01T11:04:29Z',
-            'P1Y',
-            contacts,
-            organization
-        )
+        metadata3 = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"], "2014-10-01T11:04:29Z", "P1Y", contacts, organization)
         self.assertIsNotNone(metadata3)
-        self.assertIn('<md:SPSSODescriptor', metadata3)
+        self.assertIn("<md:SPSSODescriptor", metadata3)
         self.assertIn('cacheDuration="P1Y"', metadata3)
         self.assertIn('validUntil="2014-10-01T11:04:29Z"', metadata3)
 
         # Test no validUntil, only cacheDuration:
-        metadata4 = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned'],
-            '',
-            86400 * 10,  # 10 days
-            contacts,
-            organization
-        )
+        metadata4 = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"], "", 86400 * 10, contacts, organization)  # 10 days
         self.assertIsNotNone(metadata4)
-        self.assertIn('<md:SPSSODescriptor', metadata4)
+        self.assertIn("<md:SPSSODescriptor", metadata4)
         self.assertIn('cacheDuration="PT864000S"', metadata4)
-        self.assertNotIn('validUntil', metadata4)
+        self.assertNotIn("validUntil", metadata4)
 
         # Test no cacheDuration, only validUntil:
-        metadata5 = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned'],
-            '2014-10-01T11:04:29Z',
-            '',
-            contacts,
-            organization
-        )
+        metadata5 = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"], "2014-10-01T11:04:29Z", "", contacts, organization)
         self.assertIsNotNone(metadata5)
-        self.assertIn('<md:SPSSODescriptor', metadata5)
-        self.assertNotIn('cacheDuration', metadata5)
+        self.assertIn("<md:SPSSODescriptor", metadata5)
+        self.assertNotIn("cacheDuration", metadata5)
         self.assertIn('validUntil="2014-10-01T11:04:29Z"', metadata5)
 
-        datetime_value = datetime.now()
-        metadata6 = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned'],
-            datetime_value,
-            'P1Y',
-            contacts,
-            organization
-        )
+        datetime_value = datetime.now(timezone.utc)
+        metadata6 = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"], datetime_value, "P1Y", contacts, organization)
         self.assertIsNotNone(metadata5)
-        self.assertIn('<md:SPSSODescriptor', metadata6)
+        self.assertIn("<md:SPSSODescriptor", metadata6)
         self.assertIn('cacheDuration="P1Y"', metadata6)
-        parsed_datetime = strftime(r'%Y-%m-%dT%H:%M:%SZ', datetime_value.timetuple())
+        parsed_datetime = strftime(r"%Y-%m-%dT%H:%M:%SZ", datetime_value.timetuple())
         self.assertIn('validUntil="%s"' % parsed_datetime, metadata6)
 
     def testBuilderAttributeConsumingService(self):
-        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings4.json'))
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings4.json"))
         sp_data = settings.get_sp_data()
         security = settings.get_security_data()
         organization = settings.get_organization()
         contacts = settings.get_contacts()
 
-        metadata = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned'], None, None, contacts,
-            organization
-        )
-        self.assertIn("""        <md:AttributeConsumingService index="1">
+        metadata = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"], None, None, contacts, organization)
+        self.assertIn(
+            """        <md:AttributeConsumingService index="1">
             <md:ServiceName xml:lang="en">Test Service</md:ServiceName>
             <md:ServiceDescription xml:lang="en">Test Service</md:ServiceDescription>
             <md:RequestedAttribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName" />
@@ -162,21 +122,20 @@ def testBuilderAttributeConsumingService(self):
             <md:RequestedAttribute Name="urn:oid:2.16.840.1.113730.3.1.241" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="displayName" />
             <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail" />
             <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="uid" />
-        </md:AttributeConsumingService>""", metadata)
+        </md:AttributeConsumingService>""",
+            metadata,
+        )
 
     def testBuilderAttributeConsumingServiceWithMultipleAttributeValue(self):
-        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings5.json'))
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings5.json"))
         sp_data = settings.get_sp_data()
         security = settings.get_security_data()
         organization = settings.get_organization()
         contacts = settings.get_contacts()
 
-        metadata = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned'], None, None, contacts,
-            organization
-        )
-        self.assertIn("""        <md:AttributeConsumingService index="1">
+        metadata = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"], None, None, contacts, organization)
+        self.assertIn(
+            """        <md:AttributeConsumingService index="1">
             <md:ServiceName xml:lang="en">Test Service</md:ServiceName>
             <md:ServiceDescription xml:lang="en">Test Service</md:ServiceDescription>
             <md:RequestedAttribute Name="userType" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
@@ -184,7 +143,9 @@ def testBuilderAttributeConsumingServiceWithMultipleAttributeValue(self):
                 <saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">admin</saml:AttributeValue>
             </md:RequestedAttribute>
             <md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="uid" />
-        </md:AttributeConsumingService>""", metadata)
+        </md:AttributeConsumingService>""",
+            metadata,
+        )
 
     def testSignMetadata(self):
         """
@@ -194,21 +155,18 @@ def testSignMetadata(self):
         sp_data = settings.get_sp_data()
         security = settings.get_security_data()
 
-        metadata = OneLogin_Saml2_Metadata.builder(
-            sp_data, security['authnRequestsSigned'],
-            security['wantAssertionsSigned']
-        )
+        metadata = OneLogin_Saml2_Metadata.builder(sp_data, security["authnRequestsSigned"], security["wantAssertionsSigned"])
 
         self.assertIsNotNone(metadata)
 
         cert_path = settings.get_cert_path()
-        key = self.file_contents(join(cert_path, 'sp.key'))
-        cert = self.file_contents(join(cert_path, 'sp.crt'))
+        key = self.file_contents(join(cert_path, "sp.key"))
+        cert = self.file_contents(join(cert_path, "sp.crt"))
 
         signed_metadata = compat.to_string(OneLogin_Saml2_Metadata.sign_metadata(metadata, key, cert))
         self.assertTrue(OneLogin_Saml2_Utils.validate_metadata_sign(signed_metadata, cert))
 
-        self.assertIn('<md:SPSSODescriptor', signed_metadata)
+        self.assertIn("<md:SPSSODescriptor", signed_metadata)
         self.assertIn('entityID="http://stuff.com/endpoints/metadata.php"', signed_metadata)
         self.assertIn('ID="ONELOGIN_', signed_metadata)
         self.assertIn('AuthnRequestsSigned="false"', signed_metadata)
@@ -219,23 +177,23 @@ def testSignMetadata(self):
         self.assertIn('<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"', signed_metadata)
         self.assertIn(' Location="http://stuff.com/endpoints/endpoints/sls.php"/>', signed_metadata)
 
-        self.assertIn('<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>', signed_metadata)
+        self.assertIn("<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>", signed_metadata)
 
         self.assertIn('<ds:SignedInfo>\n<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>', signed_metadata)
-        self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>', signed_metadata)
-        self.assertIn('<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>', signed_metadata)
-        self.assertIn('<ds:Reference', signed_metadata)
-        self.assertIn('<ds:KeyInfo>\n<ds:X509Data>\n<ds:X509Certificate>', signed_metadata)
+        self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>', signed_metadata)
+        self.assertIn('<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>', signed_metadata)
+        self.assertIn("<ds:Reference", signed_metadata)
+        self.assertIn("<ds:KeyInfo>\n<ds:X509Data>\n<ds:X509Certificate>", signed_metadata)
 
         with self.assertRaises(Exception) as context:
-            OneLogin_Saml2_Metadata.sign_metadata('', key, cert)
+            OneLogin_Saml2_Metadata.sign_metadata("", key, cert)
             exception = context.exception
             self.assertIn("Empty string supplied as input", str(exception))
 
         signed_metadata_2 = compat.to_string(OneLogin_Saml2_Metadata.sign_metadata(metadata, key, cert, OneLogin_Saml2_Constants.RSA_SHA256, OneLogin_Saml2_Constants.SHA384))
         self.assertTrue(OneLogin_Saml2_Utils.validate_metadata_sign(signed_metadata_2, cert))
 
-        self.assertIn('<md:SPSSODescriptor', signed_metadata_2)
+        self.assertIn("<md:SPSSODescriptor", signed_metadata_2)
         self.assertIn('entityID="http://stuff.com/endpoints/metadata.php"', signed_metadata_2)
         self.assertIn('ID="ONELOGIN_', signed_metadata_2)
         self.assertIn('AuthnRequestsSigned="false"', signed_metadata_2)
@@ -246,17 +204,17 @@ def testSignMetadata(self):
         self.assertIn('<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"', signed_metadata_2)
         self.assertIn(' Location="http://stuff.com/endpoints/endpoints/sls.php"/>', signed_metadata_2)
 
-        self.assertIn('<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>', signed_metadata_2)
+        self.assertIn("<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>", signed_metadata_2)
 
         self.assertIn('<ds:SignedInfo>\n<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>', signed_metadata_2)
         self.assertIn('<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>', signed_metadata_2)
         self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>', signed_metadata_2)
-        self.assertIn('<ds:Reference', signed_metadata_2)
-        self.assertIn('<ds:KeyInfo>\n<ds:X509Data>\n<ds:X509Certificate>', signed_metadata_2)
+        self.assertIn("<ds:Reference", signed_metadata_2)
+        self.assertIn("<ds:KeyInfo>\n<ds:X509Data>\n<ds:X509Certificate>", signed_metadata_2)
 
         root = OneLogin_Saml2_XML.to_etree(signed_metadata_2)
-        first_child = OneLogin_Saml2_XML.query(root, '/md:EntityDescriptor/*[1]')[0]
-        self.assertEqual('{http://www.w3.org/2000/09/xmldsig#}Signature', first_child.tag)
+        first_child = OneLogin_Saml2_XML.query(root, "/md:EntityDescriptor/*[1]")[0]
+        self.assertEqual("{http://www.w3.org/2000/09/xmldsig#}Signature", first_child.tag)
 
     def testAddX509KeyDescriptors(self):
         """
@@ -273,24 +231,24 @@ def testAddX509KeyDescriptors(self):
         self.assertNotIn('<md:KeyDescriptor use="signing"', metadata_without_descriptors)
         self.assertNotIn('<md:KeyDescriptor use="encryption"', metadata_without_descriptors)
 
-        metadata_without_descriptors = OneLogin_Saml2_Metadata.add_x509_key_descriptors(metadata, '')
+        metadata_without_descriptors = OneLogin_Saml2_Metadata.add_x509_key_descriptors(metadata, "")
         self.assertNotIn('<md:KeyDescriptor use="signing"', metadata_without_descriptors)
         self.assertNotIn('<md:KeyDescriptor use="encryption"', metadata_without_descriptors)
 
         cert_path = settings.get_cert_path()
-        cert = self.file_contents(join(cert_path, 'sp.crt'))
+        cert = self.file_contents(join(cert_path, "sp.crt"))
 
         metadata_with_descriptors = compat.to_string(OneLogin_Saml2_Metadata.add_x509_key_descriptors(metadata, cert))
         self.assertIn('<md:KeyDescriptor use="signing"', metadata_with_descriptors)
         self.assertIn('<md:KeyDescriptor use="encryption"', metadata_with_descriptors)
 
         with self.assertRaises(Exception) as context:
-            OneLogin_Saml2_Metadata.add_x509_key_descriptors('', cert)
+            OneLogin_Saml2_Metadata.add_x509_key_descriptors("", cert)
             exception = context.exception
             self.assertIn("Error parsing metadata", str(exception))
 
         base_path = dirname(dirname(dirname(dirname(__file__))))
-        unparsed_metadata = self.file_contents(join(base_path, 'data', 'metadata', 'unparsed_metadata.xml'))
+        unparsed_metadata = self.file_contents(join(base_path, "data", "metadata", "unparsed_metadata.xml"))
 
         with self.assertRaises(Exception) as context:
             OneLogin_Saml2_Metadata.add_x509_key_descriptors(unparsed_metadata, cert)
diff --git a/tests/src/OneLogin/saml2_tests/response_test.py b/tests/src/OneLogin/saml2_tests/response_test.py
index 3ce359d9..6249258b 100644
--- a/tests/src/OneLogin/saml2_tests/response_test.py
+++ b/tests/src/OneLogin/saml2_tests/response_test.py
@@ -1,66 +1,70 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 from base64 import b64decode
+
 from lxml import etree
-from datetime import datetime
-from datetime import timedelta
-from freezegun import freeze_time
 import json
+import sys
 from os.path import dirname, join, exists
 import unittest
 from xml.dom.minidom import parseString
 
 from onelogin.saml2 import compat
+from onelogin.saml2.errors import OneLogin_Saml2_ValidationError
 from onelogin.saml2.response import OneLogin_Saml2_Response
 from onelogin.saml2.settings import OneLogin_Saml2_Settings
 from onelogin.saml2.utils import OneLogin_Saml2_Utils
 
 
 class OneLogin_Saml2_Response_Test(unittest.TestCase):
-    data_path = join(dirname(dirname(dirname(dirname(__file__)))), 'data')
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    data_path = join(dirname(dirname(dirname(dirname(__file__)))), "data")
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
     # assertRaisesRegexp deprecated on python3
     def assertRaisesRegex(self, exception, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRaisesRegex'):
+        if hasattr(unittest.TestCase, "assertRaisesRegex"):
             return super(OneLogin_Saml2_Response_Test, self).assertRaisesRegex(exception, regexp, msg=msg)
         else:
             return self.assertRaisesRegexp(exception, regexp)
 
-    def loadSettingsJSON(self, name='settings1.json'):
+    def loadSettingsJSON(self, name="settings1.json"):
         filename = join(self.settings_path, name)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
 
     def get_request_data(self):
-        return {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        return {"http_host": "example.com", "script_name": "index.html"}
+
+    def get_request_data_domain_capitalized(self):
+        return {"http_host": "StuFF.Com", "script_name": "endpoints/endpoints/acs.php"}
+
+    def get_request_data_path_capitalized(self):
+        return {"http_host": "stuff.com", "script_name": "Endpoints/endPoints/acs.php"}
+
+    def get_request_data_both_capitalized(self):
+        return {"http_host": "StuFF.Com", "script_name": "Endpoints/endPoints/aCs.php"}
 
     def testConstruct(self):
         """
         Tests the OneLogin_Saml2_Response Constructor.
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
 
         self.assertIsInstance(response, OneLogin_Saml2_Response)
 
-        xml_enc = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_enc = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_enc = OneLogin_Saml2_Response(settings, xml_enc)
 
         self.assertIsInstance(response_enc, OneLogin_Saml2_Response)
@@ -73,119 +77,119 @@ def testGetXMLDocument(self):
         json_settings = self.loadSettingsJSON()
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml = self.file_contents(join(self.data_path, 'responses', 'signed_message_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "signed_message_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        pretty_xml = self.file_contents(join(self.data_path, 'responses', 'pretty_signed_message_response.xml'))
-        self.assertEqual(etree.tostring(response.get_xml_document(), encoding='unicode', pretty_print=True), pretty_xml)
+        pretty_xml = self.file_contents(join(self.data_path, "responses", "pretty_signed_message_response.xml"))
+        self.assertEqual(etree.tostring(response.get_xml_document(), encoding="unicode", pretty_print=True), pretty_xml)
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        decrypted = self.file_contents(join(self.data_path, 'responses', 'decrypted_valid_encrypted_assertion.xml'))
-        self.assertEqual(etree.tostring(response_2.get_xml_document(), encoding='unicode'), decrypted)
+        decrypted = self.file_contents(join(self.data_path, "responses", "decrypted_valid_encrypted_assertion.xml"))
+        self.assertEqual(etree.tostring(response_2.get_xml_document(), encoding="unicode"), decrypted)
 
     def testReturnNameId(self):
         """
         Tests the get_nameid method of the OneLogin_Saml2_Response
         """
         json_settings = self.loadSettingsJSON()
-        json_settings['strict'] = False
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual('support@onelogin.com', response.get_nameid())
+        self.assertEqual("support@onelogin.com", response.get_nameid())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response_encrypted_nameid.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response_encrypted_nameid.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        self.assertEqual('2de11defd199f8d5bb63f9b7deb265ba5c675c10', response_2.get_nameid())
+        self.assertEqual("2de11defd199f8d5bb63f9b7deb265ba5c675c10", response_2.get_nameid())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
-        self.assertEqual('_68392312d490db6d355555cfbbd8ec95d746516f60', response_3.get_nameid())
+        self.assertEqual("_68392312d490db6d355555cfbbd8ec95d746516f60", response_3.get_nameid())
 
-        json_settings['strict'] = True
-        json_settings['security']['wantNameId'] = True
+        json_settings["strict"] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_nameid.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "invalids", "no_nameid.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_4.get_nameid()
 
-        json_settings['security']['wantNameId'] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_5 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_5.get_nameid())
 
-        json_settings['strict'] = False
-        json_settings['security']['wantNameId'] = False
+        json_settings["strict"] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_6 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_6.get_nameid())
 
-        json_settings['security']['wantNameId'] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_7 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_7.get_nameid())
 
-        del json_settings['security']['wantNameId']
+        del json_settings["security"]["wantNameId"]
         settings = OneLogin_Saml2_Settings(json_settings)
         response_8 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_8.get_nameid())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_9 = OneLogin_Saml2_Response(settings, xml_4)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_9.get_nameid()
 
-        json_settings['strict'] = False
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'wrong_spnamequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "wrong_spnamequalifier.xml.base64"))
         response_10 = OneLogin_Saml2_Response(settings, xml_5)
-        self.assertEqual('test@example.com', response_10.get_nameid())
+        self.assertEqual("test@example.com", response_10.get_nameid())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'wrong_spnamequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "wrong_spnamequalifier.xml.base64"))
         response_11 = OneLogin_Saml2_Response(settings, xml_5)
-        with self.assertRaisesRegex(Exception, 'The SPNameQualifier value mistmatch the SP entityID value.'):
+        with self.assertRaisesRegex(Exception, "The SPNameQualifier value mistmatch the SP entityID value."):
             response_11.get_nameid()
 
-        json_settings['strict'] = True
-        json_settings['security']['wantNameId'] = True
+        json_settings["strict"] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'empty_nameid.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "invalids", "empty_nameid.xml.base64"))
         response_12 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'An empty NameID value found'):
+        with self.assertRaisesRegex(Exception, "An empty NameID value found"):
             response_12.get_nameid()
 
-        json_settings['security']['wantNameId'] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_13 = OneLogin_Saml2_Response(settings, xml_6)
         self.assertIsNone(response_13.get_nameid())
 
-        json_settings['strict'] = False
-        json_settings['security']['wantNameId'] = False
+        json_settings["strict"] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_14 = OneLogin_Saml2_Response(settings, xml_6)
         self.assertIsNone(response_14.get_nameid())
 
-        json_settings['security']['wantNameId'] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_15 = OneLogin_Saml2_Response(settings, xml_6)
         self.assertIsNone(response_15.get_nameid())
 
-        del json_settings['security']['wantNameId']
+        del json_settings["security"]["wantNameId"]
         settings = OneLogin_Saml2_Settings(json_settings)
         response_16 = OneLogin_Saml2_Response(settings, xml_6)
         self.assertIsNone(response_16.get_nameid())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_17 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'An empty NameID value found'):
+        with self.assertRaisesRegex(Exception, "An empty NameID value found"):
             response_17.get_nameid()
 
     def testReturnNameIdFormat(self):
@@ -193,104 +197,104 @@ def testReturnNameIdFormat(self):
         Tests the get_nameid_format method of the OneLogin_Saml2_Response
         """
         json_settings = self.loadSettingsJSON()
-        json_settings['strict'] = False
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', response.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", response.get_nameid_format())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response_encrypted_nameid.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response_encrypted_nameid.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', response_2.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", response_2.get_nameid_format())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
-        self.assertEqual('urn:oasis:names:tc:SAML:2.0:nameid-format:transient', response_3.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:2.0:nameid-format:transient", response_3.get_nameid_format())
 
-        json_settings['strict'] = True
-        json_settings['security']['wantNameId'] = True
+        json_settings["strict"] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_nameid.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "invalids", "no_nameid.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_4.get_nameid_format()
 
-        json_settings['security']['wantNameId'] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_5 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_5.get_nameid_format())
 
-        json_settings['strict'] = False
-        json_settings['security']['wantNameId'] = False
+        json_settings["strict"] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_6 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_6.get_nameid_format())
 
-        json_settings['security']['wantNameId'] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_7 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_7.get_nameid_format())
 
-        del json_settings['security']['wantNameId']
+        del json_settings["security"]["wantNameId"]
         settings = OneLogin_Saml2_Settings(json_settings)
         response_8 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_8.get_nameid_format())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_9 = OneLogin_Saml2_Response(settings, xml_4)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_9.get_nameid_format()
 
-        json_settings['strict'] = False
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'wrong_spnamequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "wrong_spnamequalifier.xml.base64"))
         response_10 = OneLogin_Saml2_Response(settings, xml_5)
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', response_10.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", response_10.get_nameid_format())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'wrong_spnamequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "wrong_spnamequalifier.xml.base64"))
         response_11 = OneLogin_Saml2_Response(settings, xml_5)
-        with self.assertRaisesRegex(Exception, 'The SPNameQualifier value mistmatch the SP entityID value.'):
+        with self.assertRaisesRegex(Exception, "The SPNameQualifier value mistmatch the SP entityID value."):
             response_11.get_nameid_format()
 
-        json_settings['strict'] = True
-        json_settings['security']['wantNameId'] = True
+        json_settings["strict"] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'empty_nameid.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "invalids", "empty_nameid.xml.base64"))
         response_12 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'An empty NameID value found'):
+        with self.assertRaisesRegex(Exception, "An empty NameID value found"):
             response_12.get_nameid_format()
 
-        json_settings['security']['wantNameId'] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_13 = OneLogin_Saml2_Response(settings, xml_6)
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', response_13.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", response_13.get_nameid_format())
 
-        json_settings['strict'] = False
-        json_settings['security']['wantNameId'] = False
+        json_settings["strict"] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_14 = OneLogin_Saml2_Response(settings, xml_6)
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', response_14.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", response_14.get_nameid_format())
 
-        json_settings['security']['wantNameId'] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_15 = OneLogin_Saml2_Response(settings, xml_6)
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', response_15.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", response_15.get_nameid_format())
 
-        del json_settings['security']['wantNameId']
+        del json_settings["security"]["wantNameId"]
         settings = OneLogin_Saml2_Settings(json_settings)
         response_16 = OneLogin_Saml2_Response(settings, xml_6)
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', response_16.get_nameid_format())
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", response_16.get_nameid_format())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_17 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'An empty NameID value found'):
+        with self.assertRaisesRegex(Exception, "An empty NameID value found"):
             response_17.get_nameid_format()
 
     def testReturnNameIdNameQualifier(self):
@@ -298,33 +302,33 @@ def testReturnNameIdNameQualifier(self):
         Tests the get_nameid_nq method of the OneLogin_Saml2_Response
         """
         json_settings = self.loadSettingsJSON()
-        json_settings['strict'] = False
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertIsNone(response.get_nameid_nq())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response_encrypted_nameid.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response_encrypted_nameid.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertIsNone(response_2.get_nameid_nq())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertIsNone(response_3.get_nameid_nq())
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertIsNone(response_4.get_nameid_nq())
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'valid_response_with_namequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "valid_response_with_namequalifier.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings, xml_5)
-        self.assertEqual('https://test.example.com/saml/metadata', response_5.get_nameid_nq())
+        self.assertEqual("https://test.example.com/saml/metadata", response_5.get_nameid_nq())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_nameid.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "invalids", "no_nameid.xml.base64"))
         response_6 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_6.get_nameid_nq()
 
     def testReturnNameIdNameSPQualifier(self):
@@ -332,33 +336,33 @@ def testReturnNameIdNameSPQualifier(self):
         Tests the get_nameid_spnq method of the OneLogin_Saml2_Response
         """
         json_settings = self.loadSettingsJSON()
-        json_settings['strict'] = False
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertIsNone(response.get_nameid_spnq())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response_encrypted_nameid.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response_encrypted_nameid.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertEqual("http://stuff.com/endpoints/metadata.php", response_2.get_nameid_spnq())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertEqual("http://stuff.com/endpoints/metadata.php", response_3.get_nameid_spnq())
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertEqual("http://stuff.com/endpoints/metadata.php", response_4.get_nameid_spnq())
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'valid_response_with_namequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "valid_response_with_namequalifier.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings, xml_5)
         self.assertIsNone(response_5.get_nameid_spnq())
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_nameid.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "invalids", "no_nameid.xml.base64"))
         response_6 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_6.get_nameid_spnq()
 
     def testGetNameIdData(self):
@@ -366,140 +370,133 @@ def testGetNameIdData(self):
         Tests the get_nameid_data method of the OneLogin_Saml2_Response
         """
         json_settings = self.loadSettingsJSON()
-        json_settings['strict'] = False
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        expected_nameid_data = {
-            'Value': 'support@onelogin.com',
-            'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
-        }
+        expected_nameid_data = {"Value": "support@onelogin.com", "Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"}
         nameid_data = response.get_nameid_data()
         self.assertEqual(expected_nameid_data, nameid_data)
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response_encrypted_nameid.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response_encrypted_nameid.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         expected_nameid_data_2 = {
-            'Value': '2de11defd199f8d5bb63f9b7deb265ba5c675c10',
-            'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
-            'SPNameQualifier': 'http://stuff.com/endpoints/metadata.php'
+            "Value": "2de11defd199f8d5bb63f9b7deb265ba5c675c10",
+            "Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
+            "SPNameQualifier": "http://stuff.com/endpoints/metadata.php",
         }
         nameid_data_2 = response_2.get_nameid_data()
         self.assertEqual(expected_nameid_data_2, nameid_data_2)
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         expected_nameid_data_3 = {
-            'Value': '_68392312d490db6d355555cfbbd8ec95d746516f60',
-            'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
-            'SPNameQualifier': 'http://stuff.com/endpoints/metadata.php'
+            "Value": "_68392312d490db6d355555cfbbd8ec95d746516f60",
+            "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
+            "SPNameQualifier": "http://stuff.com/endpoints/metadata.php",
         }
         nameid_data_3 = response_3.get_nameid_data()
         self.assertEqual(expected_nameid_data_3, nameid_data_3)
 
-        json_settings['strict'] = True
-        json_settings['security']['wantNameId'] = True
+        json_settings["strict"] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_nameid.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "invalids", "no_nameid.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_4.get_nameid_data()
 
-        json_settings['security']['wantNameId'] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_5 = OneLogin_Saml2_Response(settings, xml_4)
         nameid_data_5 = response_5.get_nameid_data()
         self.assertEqual({}, nameid_data_5)
 
-        json_settings['strict'] = False
-        json_settings['security']['wantNameId'] = False
+        json_settings["strict"] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_6 = OneLogin_Saml2_Response(settings, xml_4)
         nameid_data_6 = response_6.get_nameid_data()
         self.assertEqual({}, nameid_data_6)
 
-        json_settings['security']['wantNameId'] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_7 = OneLogin_Saml2_Response(settings, xml_4)
         nameid_data_7 = response_7.get_nameid_data()
         self.assertEqual({}, nameid_data_7)
 
-        del json_settings['security']['wantNameId']
+        del json_settings["security"]["wantNameId"]
         settings = OneLogin_Saml2_Settings(json_settings)
         response_8 = OneLogin_Saml2_Response(settings, xml_4)
         nameid_data_8 = response_8.get_nameid_data()
         self.assertEqual({}, nameid_data_8)
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_9 = OneLogin_Saml2_Response(settings, xml_4)
-        with self.assertRaisesRegex(Exception, 'NameID not found in the assertion of the Response'):
+        with self.assertRaisesRegex(Exception, "NameID not found in the assertion of the Response"):
             response_9.get_nameid_data()
 
-        expected_nameid_data_4 = {
-            'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
-            'SPNameQualifier': 'wrong-sp-entityid',
-            'Value': 'test@example.com'
-        }
-        json_settings['strict'] = False
+        expected_nameid_data_4 = {"Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", "SPNameQualifier": "wrong-sp-entityid", "Value": "test@example.com"}
+        json_settings["strict"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'wrong_spnamequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "wrong_spnamequalifier.xml.base64"))
         response_10 = OneLogin_Saml2_Response(settings, xml_5)
         nameid_data_10 = response_10.get_nameid_data()
         self.assertEqual(expected_nameid_data_4, nameid_data_10)
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'wrong_spnamequalifier.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "wrong_spnamequalifier.xml.base64"))
         response_11 = OneLogin_Saml2_Response(settings, xml_5)
-        with self.assertRaisesRegex(Exception, 'The SPNameQualifier value mistmatch the SP entityID value.'):
+        with self.assertRaisesRegex(Exception, "The SPNameQualifier value mistmatch the SP entityID value."):
             response_11.get_nameid_data()
 
         expected_nameid_data_5 = {
-            'Value': None,
-            'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
+            "Value": None,
+            "Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
         }
 
-        json_settings['strict'] = True
-        json_settings['security']['wantNameId'] = True
+        json_settings["strict"] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'empty_nameid.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "invalids", "empty_nameid.xml.base64"))
         response_12 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'An empty NameID value found'):
+        with self.assertRaisesRegex(Exception, "An empty NameID value found"):
             response_12.get_nameid_data()
 
-        json_settings['security']['wantNameId'] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_13 = OneLogin_Saml2_Response(settings, xml_6)
         nameid_data_13 = response_13.get_nameid_data()
         self.assertEqual(expected_nameid_data_5, nameid_data_13)
 
-        json_settings['strict'] = False
-        json_settings['security']['wantNameId'] = False
+        json_settings["strict"] = False
+        json_settings["security"]["wantNameId"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
         response_14 = OneLogin_Saml2_Response(settings, xml_6)
         nameid_data_14 = response_14.get_nameid_data()
         self.assertEqual(expected_nameid_data_5, nameid_data_14)
 
-        json_settings['security']['wantNameId'] = True
+        json_settings["security"]["wantNameId"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_15 = OneLogin_Saml2_Response(settings, xml_6)
         nameid_data_15 = response_15.get_nameid_data()
         self.assertEqual(expected_nameid_data_5, nameid_data_15)
 
-        del json_settings['security']['wantNameId']
+        del json_settings["security"]["wantNameId"]
         settings = OneLogin_Saml2_Settings(json_settings)
         response_16 = OneLogin_Saml2_Response(settings, xml_6)
         nameid_data_16 = response_16.get_nameid_data()
         self.assertEqual(expected_nameid_data_5, nameid_data_16)
 
-        json_settings['strict'] = True
+        json_settings["strict"] = True
         settings = OneLogin_Saml2_Settings(json_settings)
         response_17 = OneLogin_Saml2_Response(settings, xml_6)
-        with self.assertRaisesRegex(Exception, 'An empty NameID value found'):
+        with self.assertRaisesRegex(Exception, "An empty NameID value found"):
             response_17.get_nameid_data()
 
     def testCheckStatus(self):
@@ -507,22 +504,22 @@ def testCheckStatus(self):
         Tests the check_status method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         response.check_status()
 
-        xml_enc = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_enc = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_enc = OneLogin_Saml2_Response(settings, xml_enc)
         response_enc.check_status()
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'status_code_responder.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "invalids", "status_code_responder.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        with self.assertRaisesRegex(Exception, 'The status code of the Response was not Success, was Responder'):
+        with self.assertRaisesRegex(Exception, "The status code of the Response was not Success, was Responder"):
             response_2.check_status()
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'status_code_responer_and_msg.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "invalids", "status_code_responer_and_msg.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
-        with self.assertRaisesRegex(Exception, 'The status code of the Response was not Success, was Responder -> something_is_wrong'):
+        with self.assertRaisesRegex(Exception, "The status code of the Response was not Success, was Responder -> something_is_wrong"):
             response_3.check_status()
 
     def testCheckOneCondition(self):
@@ -530,7 +527,7 @@ def testCheckOneCondition(self):
         Tests the check_one_condition method of SamlResponse
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_conditions.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_conditions.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response.check_one_condition())
 
@@ -538,9 +535,9 @@ def testCheckOneCondition(self):
         settings.set_strict(True)
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response.is_valid(self.get_request_data()))
-        self.assertEqual('The Assertion must include a Conditions element', response.get_error())
+        self.assertEqual("The Assertion must include a Conditions element", response.get_error())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertTrue(response_2.check_one_condition())
 
@@ -549,7 +546,7 @@ def testCheckOneAuthnStatement(self):
         Tests the check_one_authnstatement method of SamlResponse
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_authnstatement.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_authnstatement.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response.check_one_authnstatement())
 
@@ -557,9 +554,9 @@ def testCheckOneAuthnStatement(self):
         settings.set_strict(True)
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response.is_valid(self.get_request_data()))
-        self.assertEqual('The Assertion must include an AuthnStatement element', response.get_error())
+        self.assertEqual("The Assertion must include an AuthnStatement element", response.get_error())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertTrue(response_2.check_one_authnstatement())
 
@@ -568,17 +565,17 @@ def testGetAudiences(self):
         Tests the get_audiences method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'no_audience.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "no_audience.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertEqual([], response.get_audiences())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        self.assertEqual(['{audience}'], response_2.get_audiences())
+        self.assertEqual(["{audience}"], response_2.get_audiences())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
-        self.assertEqual(['http://stuff.com/endpoints/metadata.php'], response_3.get_audiences())
+        self.assertEqual(["http://stuff.com/endpoints/metadata.php"], response_3.get_audiences())
 
     def testQueryAssertions(self):
         """
@@ -586,59 +583,59 @@ def testQueryAssertions(self):
         OneLogin_Saml2_Response using the get_issuers call
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'adfs_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "adfs_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual(['http://login.example.com/issuer'], response.get_issuers())
+        self.assertEqual(["http://login.example.com/issuer"], response.get_issuers())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        self.assertEqual(['http://idp.example.com/'], response_2.get_issuers())
+        self.assertEqual(["http://idp.example.com/"], response_2.get_issuers())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'double_signed_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "double_signed_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
-        self.assertEqual(['http://idp.example.com/', 'https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'], sorted(response_3.get_issuers()))
+        self.assertEqual(["http://idp.example.com/", "https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php"], sorted(response_3.get_issuers()))
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'double_signed_response.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "double_signed_response.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
-        self.assertEqual(['https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'], response_4.get_issuers())
+        self.assertEqual(["https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php"], response_4.get_issuers())
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'signed_message_encrypted_assertion.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "signed_message_encrypted_assertion.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings, xml_5)
-        self.assertEqual(['http://idp.example.com/', 'https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'], sorted(response_5.get_issuers()))
+        self.assertEqual(["http://idp.example.com/", "https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php"], sorted(response_5.get_issuers()))
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'signed_assertion_response.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "signed_assertion_response.xml.base64"))
         response_6 = OneLogin_Saml2_Response(settings, xml_6)
-        self.assertEqual(['https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'], response_6.get_issuers())
+        self.assertEqual(["https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php"], response_6.get_issuers())
 
-        xml_7 = self.file_contents(join(self.data_path, 'responses', 'signed_encrypted_assertion.xml.base64'))
+        xml_7 = self.file_contents(join(self.data_path, "responses", "signed_encrypted_assertion.xml.base64"))
         response_7 = OneLogin_Saml2_Response(settings, xml_7)
-        self.assertEqual(['http://idp.example.com/'], response_7.get_issuers())
+        self.assertEqual(["http://idp.example.com/"], response_7.get_issuers())
 
     def testGetIssuers(self):
         """
         Tests the get_issuers method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'adfs_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "adfs_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual(['http://login.example.com/issuer'], response.get_issuers())
+        self.assertEqual(["http://login.example.com/issuer"], response.get_issuers())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        self.assertEqual(['http://idp.example.com/'], response_2.get_issuers())
+        self.assertEqual(["http://idp.example.com/"], response_2.get_issuers())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'double_signed_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "double_signed_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
-        self.assertEqual(['http://idp.example.com/', 'https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'], sorted(response_3.get_issuers()))
+        self.assertEqual(["http://idp.example.com/", "https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php"], sorted(response_3.get_issuers()))
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_issuer_response.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "invalids", "no_issuer_response.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
         response_4.get_issuers()
-        self.assertEqual(['https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'], response_4.get_issuers())
+        self.assertEqual(["https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php"], response_4.get_issuers())
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_issuer_assertion.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "no_issuer_assertion.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings, xml_5)
-        with self.assertRaisesRegex(Exception, 'Issuer of the Assertion not found or multiple.'):
+        with self.assertRaisesRegex(Exception, "Issuer of the Assertion not found or multiple."):
             response_5.get_issuers()
 
     def testGetSessionIndex(self):
@@ -646,70 +643,129 @@ def testGetSessionIndex(self):
         Tests the get_session_index method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual('_531c32d283bdff7e04e487bcdbc4dd8d', response.get_session_index())
+        self.assertEqual("_531c32d283bdff7e04e487bcdbc4dd8d", response.get_session_index())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
-        self.assertEqual('_7164a9a9f97828bfdb8d0ebc004a05d2e7d873f70c', response_2.get_session_index())
+        self.assertEqual("_7164a9a9f97828bfdb8d0ebc004a05d2e7d873f70c", response_2.get_session_index())
 
     def testGetAttributes(self):
         """
-        Tests the getAttributes method of the OneLogin_Saml2_Response
+        Tests the get_attributes method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        expected_attributes = {
-            'uid': ['demo'],
-            'another_value': ['value']
-        }
+        expected_attributes = {"uid": ["demo"], "another_value": ["value"]}
         self.assertEqual(expected_attributes, response.get_attributes())
 
         # An assertion that has no attributes should return an empty
         # array when asked for the attributes
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response2.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response2.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertEqual({}, response_2.get_attributes())
 
         # Encrypted Attributes are not supported
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'encrypted_attrs.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "invalids", "encrypted_attrs.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertEqual({}, response_3.get_attributes())
 
+        # Test retrieving duplicate attributes
+        xml_4 = self.file_contents(join(self.data_path, "responses", "response1_with_duplicate_attributes.xml.base64"))
+        response_4 = OneLogin_Saml2_Response(settings, xml_4)
+        with self.assertRaises(OneLogin_Saml2_ValidationError) as duplicate_name_exc:
+            response_4.get_attributes()
+        self.assertIn("Found an Attribute element with duplicated Name", str(duplicate_name_exc.exception))
+
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings11.json"))
+        expected_attributes = {"another_value": ["value"], "duplicate_name": ["name1", "name2"], "friendly1": ["friendly1"], "friendly2": ["friendly2"], "uid": ["demo"]}
+
+        response_5 = OneLogin_Saml2_Response(settings, xml_4)
+        self.assertEqual(expected_attributes, response_5.get_attributes())
+
+    def testGetFriendlyAttributes(self):
+        """
+        Tests the get_friendlyname_attributes method of the OneLogin_Saml2_Response
+        """
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
+        response = OneLogin_Saml2_Response(settings, xml)
+        self.assertEqual({}, response.get_friendlyname_attributes())
+
+        expected_attributes = {"username": ["demo"]}
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response1_with_friendlyname.xml.base64"))
+        response_2 = OneLogin_Saml2_Response(settings, xml_2)
+        self.assertEqual(expected_attributes, response_2.get_friendlyname_attributes())
+
+        xml_3 = self.file_contents(join(self.data_path, "responses", "response2.xml.base64"))
+        response_3 = OneLogin_Saml2_Response(settings, xml_3)
+        self.assertEqual({}, response_3.get_friendlyname_attributes())
+
+        xml_4 = self.file_contents(join(self.data_path, "responses", "invalids", "encrypted_attrs.xml.base64"))
+        response_4 = OneLogin_Saml2_Response(settings, xml_4)
+        self.assertEqual({}, response_4.get_friendlyname_attributes())
+
+        # Test retrieving duplicate attributes
+        xml_5 = self.file_contents(join(self.data_path, "responses", "response1_with_duplicate_attributes.xml.base64"))
+        response_5 = OneLogin_Saml2_Response(settings, xml_5)
+        with self.assertRaises(OneLogin_Saml2_ValidationError) as duplicate_name_exc:
+            response_5.get_friendlyname_attributes()
+        self.assertIn("Found an Attribute element with duplicated FriendlyName", str(duplicate_name_exc.exception))
+
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings11.json"))
+        expected_attributes = {"username": ["demo"], "friendlytest": ["friendly1", "friendly2"]}
+
+        response_6 = OneLogin_Saml2_Response(settings, xml_5)
+        self.assertEqual(expected_attributes, response_6.get_friendlyname_attributes())
+
+    def testGetEncryptedAttributes(self):
+        """
+        Tests the get_attributes method of the OneLogin_Saml2_Response with an encrypted response
+        """
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings8.json"))
+        xml = self.file_contents(join(self.data_path, "responses", "signed_message_encrypted_assertion2.xml.base64"))
+        response = OneLogin_Saml2_Response(settings, xml)
+        self.assertEqual(
+            {
+                "uid": ["smartin"],
+                "mail": ["smartin@yaco.es"],
+                "cn": ["Sixto3"],
+                "sn": ["Martin2"],
+                "phone": [],
+                "eduPersonAffiliation": ["user", "admin"],
+            },
+            response.get_attributes(),
+        )
+
     def testGetNestedNameIDAttributes(self):
         """
         Tests the getAttributes method of the OneLogin_Saml2_Response with nested
         nameID data
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response_with_nested_nameid_values.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response_with_nested_nameid_values.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        expected_attributes = {
-            'uid': ['demo'],
-            'another_value': [{
-                'NameID': {
-                    'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
-                    'NameQualifier': 'https://idpID',
-                    'value': 'value'
-                }
-            }]
-        }
+        expected_attributes = {"uid": ["demo"], "another_value": [{"NameID": {"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "NameQualifier": "https://idpID", "value": "value"}}]}
         self.assertEqual(expected_attributes, response.get_attributes())
 
+        expected_attributes = {"another_friendly_value": [{"NameID": {"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "NameQualifier": "https://idpID", "value": "value"}}]}
+        self.assertEqual(expected_attributes, response.get_friendlyname_attributes())
+
     def testOnlyRetrieveAssertionWithIDThatMatchesSignatureReference(self):
         """
         Tests the get_nameid method of the OneLogin_Saml2_Response
         The Assertion is unsigned so the method fails
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'wrapped_response_2.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "wrapped_response_2.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'Invalid Signature Element {urn:oasis:names:tc:SAML:2.0:metadata}EntityDescriptor SAML Response rejected'):
+        with self.assertRaisesRegex(Exception, "Invalid Signature Element {urn:oasis:names:tc:SAML:2.0:metadata}EntityDescriptor SAML Response rejected"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
         nameid = response.get_nameid()
-        self.assertEqual('root@example.com', nameid)
+        self.assertEqual("root@example.com", nameid)
 
     def testDoesNotAllowSignatureWrappingAttack(self):
         """
@@ -717,9 +773,9 @@ def testDoesNotAllowSignatureWrappingAttack(self):
         Test that the SignatureWrappingAttack is not allowed
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response4.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response4.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual('test@onelogin.com', response.get_nameid())
+        self.assertEqual("test@onelogin.com", response.get_nameid())
         self.assertFalse(response.is_valid(self.get_request_data()))
 
     def testNodeTextAttack(self):
@@ -727,29 +783,29 @@ def testNodeTextAttack(self):
         Tests the get_nameid and get_attributes methods of the OneLogin_Saml2_Response
         Test that the node text with comment attack (VU#475445) is not allowed
         """
-        xml = self.file_contents(join(self.data_path, 'responses', 'response_node_text_attack.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response_node_text_attack.xml.base64"))
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         response = OneLogin_Saml2_Response(settings, xml)
         attributes = response.get_attributes()
         nameid = response.get_nameid()
-        self.assertEqual("smith", attributes.get('surname')[0])
-        self.assertEqual('support@onelogin.com', nameid)
+        self.assertEqual("smith", attributes.get("surname")[0])
+        self.assertEqual("support@onelogin.com", nameid)
 
     def testGetSessionNotOnOrAfter(self):
         """
         Tests the get_session_not_on_or_after method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertEqual(1290203857, response.get_session_not_on_or_after())
 
         # An assertion that do not specified Session timeout should return NULL
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'response2.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "response2.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertEqual(None, response_2.get_session_not_on_or_after())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertEqual(2696012228, response_3.get_session_not_on_or_after())
 
@@ -761,46 +817,46 @@ def testGetInResponseTo(self):
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         # Response without an InResponseTo element should return None
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertIsNone(response.get_in_response_to())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
-        self.assertEqual('ONELOGIN_be60b8caf8e9d19b7a3551b244f116c947ff247d', response_3.get_in_response_to())
+        self.assertEqual("ONELOGIN_be60b8caf8e9d19b7a3551b244f116c947ff247d", response_3.get_in_response_to())
 
     def testIsInvalidXML(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_Response
         Case Invalid XML
         """
-        message = compat.to_string(OneLogin_Saml2_Utils.b64encode('<samlp:Response Version="2.0" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion>invalid</saml:Assertion></samlp:Response>'))
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html',
-            'get_data': {}
-        }
+        message = compat.to_string(
+            OneLogin_Saml2_Utils.b64encode(
+                '<samlp:Response Version="2.0" ID="_8e8dc5f69a98cc4c1ff3427e5ce34606fd672f91e6" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion>invalid</saml:Assertion></samlp:Response>'
+            )
+        )
+        request_data = {"http_host": "example.com", "script_name": "index.html", "get_data": {}}
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Response(settings, message)
         self.assertFalse(response_2.is_valid(request_data))
-        self.assertEqual('Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd', response_2.get_error())
+        self.assertEqual("Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd", response_2.get_error())
 
     def testValidateNumAssertions(self):
         """
         Tests the validate_num_assertions method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertTrue(response.validate_num_assertions())
 
-        xml_multi_assertion = self.file_contents(join(self.data_path, 'responses', 'invalids', 'multiple_assertions.xml.base64'))
+        xml_multi_assertion = self.file_contents(join(self.data_path, "responses", "invalids", "multiple_assertions.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_multi_assertion)
         self.assertFalse(response_2.validate_num_assertions())
 
@@ -809,23 +865,23 @@ def testValidateTimestamps(self):
         Tests the validate_timestamps method of the OneLogin_Saml2_Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertTrue(response.validate_timestamps())
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertTrue(response_2.validate_timestamps())
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'expired_response.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "expired_response.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertFalse(response_3.validate_timestamps())
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'not_after_failed.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "invalids", "not_after_failed.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
         self.assertFalse(response_4.validate_timestamps())
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'not_before_failed.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "not_before_failed.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings, xml_5)
         self.assertFalse(response_5.validate_timestamps())
 
@@ -835,9 +891,9 @@ def testValidateVersion(self):
         Case invalid version
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_saml2.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_saml2.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'Unsupported SAML version'):
+        with self.assertRaisesRegex(Exception, "Unsupported SAML version"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testValidateID(self):
@@ -846,9 +902,9 @@ def testValidateID(self):
         Case invalid no ID
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_id.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_id.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'Missing ID attribute on SAML Response'):
+        with self.assertRaisesRegex(Exception, "Missing ID attribute on SAML Response"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testIsInValidReference(self):
@@ -857,12 +913,12 @@ def testIsInValidReference(self):
         Case invalid reference
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response.is_valid(self.get_request_data()))
-        self.assertEqual('Signature validation failed. SAML Response rejected', response.get_error())
+        self.assertEqual("Signature validation failed. SAML Response rejected", response.get_error())
 
-        with self.assertRaisesRegex(Exception, 'Signature validation failed. SAML Response rejected'):
+        with self.assertRaisesRegex(Exception, "Signature validation failed. SAML Response rejected"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testIsInValidExpired(self):
@@ -871,14 +927,14 @@ def testIsInValidExpired(self):
         Case expired response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'expired_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "expired_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         response.is_valid(self.get_request_data())
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'Could not validate timestamp: expired. Check system clock.'):
+        with self.assertRaisesRegex(Exception, "Could not validate timestamp: expired. Check system clock."):
             response_2.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testIsInValidNoStatement(self):
@@ -887,15 +943,15 @@ def testIsInValidNoStatement(self):
         Case no statement
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_signature.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_signature.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         response.is_valid(self.get_request_data())
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response_2.is_valid(self.get_request_data()))
-        self.assertEqual('There is no AttributeStatement on the Response', response_2.get_error())
+        self.assertEqual("There is no AttributeStatement on the Response", response_2.get_error())
 
     def testIsValidOptionalStatement(self):
         """
@@ -908,25 +964,25 @@ def testIsValidOptionalStatement(self):
         settings.set_strict(True)
 
         # want AttributeStatement True by default
-        self.assertTrue(settings.get_security_data()['wantAttributeStatement'])
+        self.assertTrue(settings.get_security_data()["wantAttributeStatement"])
 
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'signed_assertion_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "signed_assertion_response.xml.base64"))
 
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response.is_valid(self.get_request_data()))
-        self.assertEqual('There is no AttributeStatement on the Response', response.get_error())
+        self.assertEqual("There is no AttributeStatement on the Response", response.get_error())
 
         # change wantAttributeStatement to optional
-        json_settings['security']['wantAttributeStatement'] = False
+        json_settings["security"]["wantAttributeStatement"] = False
         settings = OneLogin_Saml2_Settings(json_settings)
 
         # check settings
-        self.assertFalse(settings.get_security_data()['wantAttributeStatement'])
+        self.assertFalse(settings.get_security_data()["wantAttributeStatement"])
 
         response = OneLogin_Saml2_Response(settings, xml)
         response.is_valid(self.get_request_data())
-        self.assertNotEqual('There is no AttributeStatement on the Response', response.get_error())
-        self.assertEqual('Signature validation failed. SAML Response rejected', response.get_error())
+        self.assertNotEqual("There is no AttributeStatement on the Response", response.get_error())
+        self.assertEqual("Signature validation failed. SAML Response rejected", response.get_error())
 
     def testIsInValidNoKey(self):
         """
@@ -934,9 +990,22 @@ def testIsInValidNoKey(self):
         Case no key
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_key.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_key.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'Signature validation failed. SAML Response rejected'):
+        with self.assertRaisesRegex(Exception, "Signature validation failed. SAML Response rejected"):
+            response.is_valid(self.get_request_data(), raise_exceptions=True)
+
+    def testIsInValidDeprecatedAlgorithm(self):
+        """
+        Tests the is_valid method of the OneLogin_Saml2_Response
+        Case Deprecated algorithm used
+        """
+        settings_dict = self.loadSettingsJSON()
+        settings_dict["security"]["rejectDeprecatedAlgorithm"] = True
+        settings = OneLogin_Saml2_Settings(settings_dict)
+        xml = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        response = OneLogin_Saml2_Response(settings, xml)
+        with self.assertRaisesRegex(Exception, "Deprecated signature algorithm found: http://www.w3.org/2000/09/xmldsig#rsa-sha1"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testIsInValidMultipleAssertions(self):
@@ -946,9 +1015,9 @@ def testIsInValidMultipleAssertions(self):
         """
 
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'multiple_assertions.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "multiple_assertions.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'SAML Response must contain 1 assertion'):
+        with self.assertRaisesRegex(Exception, "SAML Response must contain 1 assertion"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testIsInValidEncAttrs(self):
@@ -957,14 +1026,14 @@ def testIsInValidEncAttrs(self):
         Case invalid Encrypted Attrs
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'encrypted_attrs.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "encrypted_attrs.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         response.is_valid(self.get_request_data())
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'There is an EncryptedAttribute in the Response and this SP not support them'):
+        with self.assertRaisesRegex(Exception, "There is an EncryptedAttribute in the Response and this SP not support them"):
             response_2.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testIsInValidDuplicatedAttrs(self):
@@ -973,9 +1042,9 @@ def testIsInValidDuplicatedAttrs(self):
         Case duplicated Attrs
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'duplicated_attributes.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "duplicated_attributes.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'Found an Attribute element with duplicated Name'):
+        with self.assertRaisesRegex(Exception, "Found an Attribute element with duplicated Name"):
             response.get_attributes()
 
     def testIsInValidDestination(self):
@@ -984,35 +1053,75 @@ def testIsInValidDestination(self):
         Case Invalid Response, Invalid Destination
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'responses', 'unsigned_response.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "unsigned_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(self.get_request_data())
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Response(settings, message)
         self.assertFalse(response_2.is_valid(self.get_request_data()))
-        self.assertIn('The response was received at', response_2.get_error())
+        self.assertIn("The response was received at", response_2.get_error())
 
         # Empty Destination
         dom = parseString(b64decode(message))
-        dom.firstChild.setAttribute('Destination', '')
+        dom.firstChild.setAttribute("Destination", "")
         message_2 = OneLogin_Saml2_Utils.b64encode(dom.toxml())
         response_3 = OneLogin_Saml2_Response(settings, message_2)
         self.assertFalse(response_3.is_valid(self.get_request_data()))
-        self.assertIn('The response has an empty Destination value', response_3.get_error())
+        self.assertIn("The response has an empty Destination value", response_3.get_error())
 
-        message_3 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'empty_destination.xml.base64'))
+        message_3 = self.file_contents(join(self.data_path, "responses", "invalids", "empty_destination.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings, message_3)
         self.assertFalse(response_4.is_valid(self.get_request_data()))
-        self.assertEqual('The response has an empty Destination value', response_4.get_error())
+        self.assertEqual("The response has an empty Destination value", response_4.get_error())
 
         # No Destination
-        dom.firstChild.removeAttribute('Destination')
+        dom.firstChild.removeAttribute("Destination")
         message_4 = OneLogin_Saml2_Utils.b64encode(dom.toxml())
         response_5 = OneLogin_Saml2_Response(settings, message_4)
         self.assertFalse(response_5.is_valid(self.get_request_data()))
-        self.assertIn('A valid SubjectConfirmation was not found on this Response', response_5.get_error())
+        self.assertIn("A valid SubjectConfirmation was not found on this Response", response_5.get_error())
+
+        settings.set_strict(True)
+        response_2 = OneLogin_Saml2_Response(settings, message)
+        self.assertFalse(response_2.is_valid(self.get_request_data()))
+        self.assertIn("The response was received at", response_2.get_error())
+
+    def testIsInValidDestinationCapitalizationOfElements(self):
+        """
+        Tests the is_valid method of the OneLogin_Saml2_Response class
+        Case Invalid Response due to differences in capitalization of path
+        """
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+        message = self.file_contents(join(self.data_path, "responses", "unsigned_response.xml.base64"))
+
+        # Test path capitalized
+        settings.set_strict(True)
+        response = OneLogin_Saml2_Response(settings, message)
+        self.assertFalse(response.is_valid(self.get_request_data_path_capitalized()))
+        self.assertIn("The response was received at", response.get_error())
+
+        # Test both domain and path capitalized
+        response_2 = OneLogin_Saml2_Response(settings, message)
+        self.assertFalse(response_2.is_valid(self.get_request_data_both_capitalized()))
+        self.assertIn("The response was received at", response_2.get_error())
+
+    def testIsValidDestinationCapitalizationOfHost(self):
+        """
+        Tests the is_valid method of the OneLogin_Saml2_Response class
+        Case Valid Response, even if host is differently capitalized (per RFC)
+        """
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+        message = self.file_contents(join(self.data_path, "responses", "unsigned_response.xml.base64"))
+        # Test domain capitalized
+        settings.set_strict(True)
+        response = OneLogin_Saml2_Response(settings, message)
+        self.assertFalse(response.is_valid(self.get_request_data_domain_capitalized()))
+        self.assertNotIn("The response was received at", response.get_error())
+
+        # Assert we got past the destination check, which appears later
+        self.assertIn("A valid SubjectConfirmation was not found", response.get_error())
 
     def testIsInValidAudience(self):
         """
@@ -1020,21 +1129,21 @@ def testIsInValidAudience(self):
         Case Invalid Response, Invalid Audience
         """
         request_data = {
-            'http_host': 'stuff.com',
-            'script_name': '/endpoints/endpoints/acs.php',
+            "http_host": "stuff.com",
+            "script_name": "/endpoints/endpoints/acs.php",
         }
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_audience.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_audience.xml.base64"))
 
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Response(settings, message)
 
         self.assertFalse(response_2.is_valid(request_data))
-        self.assertIn('is not a valid audience for this Response', response_2.get_error())
+        self.assertIn("is not a valid audience for this Response", response_2.get_error())
 
     def testIsInValidAuthenticationContext(self):
         """
@@ -1044,19 +1153,19 @@ def testIsInValidAuthenticationContext(self):
         that didn't complete the two-factor step.
         """
         request_data = self.get_request_data()
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
-        two_factor_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken'
-        password_context = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password'
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
+        two_factor_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken"
+        password_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
         settings_dict = self.loadSettingsJSON()
-        settings_dict['security']['requestedAuthnContext'] = [two_factor_context]
-        settings_dict['security']['failOnAuthnContextMismatch'] = True
-        settings_dict['strict'] = True
+        settings_dict["security"]["requestedAuthnContext"] = [two_factor_context]
+        settings_dict["security"]["failOnAuthnContextMismatch"] = True
+        settings_dict["strict"] = True
         settings = OneLogin_Saml2_Settings(settings_dict)
 
         # check that we catch when the contexts don't match
         response = OneLogin_Saml2_Response(settings, message)
         self.assertFalse(response.is_valid(request_data))
-        self.assertIn('The AuthnContext "%s" didn\'t include requested context "%s"' % (password_context, two_factor_context), response.get_error())
+        self.assertIn('The AuthnContext "%s" was not a requested context "%s"' % (password_context, two_factor_context), response.get_error())
 
         # now drop in the expected AuthnContextClassRef and see that it passes
         original_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(message))
@@ -1065,14 +1174,14 @@ def testIsInValidAuthenticationContext(self):
         response = OneLogin_Saml2_Response(settings, two_factor_message)
         response.is_valid(request_data)
         # check that we got as far as destination validation, which comes later
-        self.assertIn('The response was received at', response.get_error())
+        self.assertIn("The response was received at", response.get_error())
 
         # with the default setting, check that we succeed with our original context
-        settings_dict['security']['requestedAuthnContext'] = True
+        settings_dict["security"]["requestedAuthnContext"] = True
         settings = OneLogin_Saml2_Settings(settings_dict)
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertIn('The response was received at', response.get_error())
+        self.assertIn("The response was received at", response.get_error())
 
     def testIsInValidIssuer(self):
         """
@@ -1080,36 +1189,33 @@ def testIsInValidIssuer(self):
         Case Invalid Response, Invalid Issuer
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_issuer_assertion.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_issuer_assertion.xml.base64"))
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml))
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = OneLogin_Saml2_Utils.b64encode(plain_message)
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_issuer_message.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_issuer_message.xml.base64"))
         plain_message_2 = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml_2))
-        plain_message_2 = plain_message_2.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message_2 = plain_message_2.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message_2 = OneLogin_Saml2_Utils.b64encode(plain_message_2)
 
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         response_2 = OneLogin_Saml2_Response(settings, message_2)
         response_2.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_2.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_2.get_error())
 
         settings.set_strict(True)
         response_3 = OneLogin_Saml2_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'Invalid issuer in the Assertion/Response'):
+        with self.assertRaisesRegex(Exception, "Invalid issuer in the Assertion/Response"):
             response_3.is_valid(request_data, raise_exceptions=True)
 
         response_4 = OneLogin_Saml2_Response(settings, message_2)
-        with self.assertRaisesRegex(Exception, 'Invalid issuer in the Assertion/Response'):
+        with self.assertRaisesRegex(Exception, "Invalid issuer in the Assertion/Response"):
             response_4.is_valid(request_data, raise_exceptions=True)
 
     def testIsInValidSessionIndex(self):
@@ -1118,45 +1224,39 @@ def testIsInValidSessionIndex(self):
         Case Invalid Response, Invalid SessionIndex
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_sessionindex.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_sessionindex.xml.base64"))
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml))
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = OneLogin_Saml2_Utils.b64encode(plain_message)
 
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response_2 = OneLogin_Saml2_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response'):
+        with self.assertRaisesRegex(Exception, "The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response"):
             response_2.is_valid(request_data, raise_exceptions=True)
 
     def testDatetimeWithMiliseconds(self):
         """
         Tests the is_valid method of the OneLogin_Saml2_Response class
-        Somtimes IdPs uses datetimes with miliseconds, this
+        Sometimes IdPs uses datetimes with miliseconds, this
         test is to verify that the toolkit supports them
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
 
-        xml = self.file_contents(join(self.data_path, 'responses', 'unsigned_response_with_miliseconds.xm.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "unsigned_response_with_miliseconds.xm.base64"))
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml))
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = OneLogin_Saml2_Utils.b64encode(plain_message)
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
     def testIsInValidSubjectConfirmation(self):
         """
@@ -1164,88 +1264,85 @@ def testIsInValidSubjectConfirmation(self):
         Case Invalid Response, Invalid SubjectConfirmation
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_subjectconfirmation_method.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_subjectconfirmation_method.xml.base64"))
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml))
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = OneLogin_Saml2_Utils.b64encode(plain_message)
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_subjectconfirmation_data.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "invalids", "no_subjectconfirmation_data.xml.base64"))
         plain_message_2 = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml_2))
-        plain_message_2 = plain_message_2.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message_2 = plain_message_2.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message_2 = OneLogin_Saml2_Utils.b64encode(plain_message_2)
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_subjectconfirmation_inresponse.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_subjectconfirmation_inresponse.xml.base64"))
         plain_message_3 = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml_3))
-        plain_message_3 = plain_message_3.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message_3 = plain_message_3.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message_3 = OneLogin_Saml2_Utils.b64encode(plain_message_3)
 
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_subjectconfirmation_recipient.xml.base64'))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_subjectconfirmation_recipient.xml.base64"))
         plain_message_4 = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml_4))
-        plain_message_4 = plain_message_4.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message_4 = plain_message_4.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message_4 = OneLogin_Saml2_Utils.b64encode(plain_message_4)
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_subjectconfirmation_noa.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_subjectconfirmation_noa.xml.base64"))
         plain_message_5 = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml_5))
-        plain_message_5 = plain_message_5.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message_5 = plain_message_5.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message_5 = OneLogin_Saml2_Utils.b64encode(plain_message_5)
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'invalid_subjectconfirmation_nb.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "invalids", "invalid_subjectconfirmation_nb.xml.base64"))
         plain_message_6 = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml_6))
-        plain_message_6 = plain_message_6.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message_6 = plain_message_6.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message_6 = OneLogin_Saml2_Utils.b64encode(plain_message_6)
 
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         response_2 = OneLogin_Saml2_Response(settings, message_2)
         response_2.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_2.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_2.get_error())
 
         response_3 = OneLogin_Saml2_Response(settings, message_3)
         response_3.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_3.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_3.get_error())
 
         response_4 = OneLogin_Saml2_Response(settings, message_4)
         response_4.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_4.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_4.get_error())
 
         response_5 = OneLogin_Saml2_Response(settings, message_5)
         response_5.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_5.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_5.get_error())
 
         response_6 = OneLogin_Saml2_Response(settings, message_6)
         response_6.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_6.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_6.get_error())
 
         settings.set_strict(True)
         response = OneLogin_Saml2_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'A valid SubjectConfirmation was not found on this Response'):
+        with self.assertRaisesRegex(Exception, "A valid SubjectConfirmation was not found on this Response"):
             response.is_valid(request_data, raise_exceptions=True)
 
         response_2 = OneLogin_Saml2_Response(settings, message_2)
-        with self.assertRaisesRegex(Exception, 'A valid SubjectConfirmation was not found on this Response'):
+        with self.assertRaisesRegex(Exception, "A valid SubjectConfirmation was not found on this Response"):
             response_2.is_valid(request_data, raise_exceptions=True)
 
         response_3 = OneLogin_Saml2_Response(settings, message_3)
-        with self.assertRaisesRegex(Exception, 'A valid SubjectConfirmation was not found on this Response'):
+        with self.assertRaisesRegex(Exception, "A valid SubjectConfirmation was not found on this Response"):
             response_3.is_valid(request_data, raise_exceptions=True)
 
         response_4 = OneLogin_Saml2_Response(settings, message_4)
-        with self.assertRaisesRegex(Exception, 'A valid SubjectConfirmation was not found on this Response'):
+        with self.assertRaisesRegex(Exception, "A valid SubjectConfirmation was not found on this Response"):
             response_4.is_valid(request_data, raise_exceptions=True)
 
         response_5 = OneLogin_Saml2_Response(settings, message_5)
-        with self.assertRaisesRegex(Exception, 'A valid SubjectConfirmation was not found on this Response'):
+        with self.assertRaisesRegex(Exception, "A valid SubjectConfirmation was not found on this Response"):
             response_5.is_valid(request_data, raise_exceptions=True)
 
         response_6 = OneLogin_Saml2_Response(settings, message_6)
-        with self.assertRaisesRegex(Exception, 'A valid SubjectConfirmation was not found on this Response'):
+        with self.assertRaisesRegex(Exception, "A valid SubjectConfirmation was not found on this Response"):
             response_6.is_valid(request_data, raise_exceptions=True)
 
     def testIsInValidRequestId(self):
@@ -1254,29 +1351,26 @@ def testIsInValidRequestId(self):
         Case Invalid Response, Invalid requestID
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        xml = self.file_contents(join(self.data_path, 'responses', 'unsigned_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "unsigned_response.xml.base64"))
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml))
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = OneLogin_Saml2_Utils.b64encode(plain_message)
 
         response = OneLogin_Saml2_Response(settings, message)
-        request_id = 'invalid'
+        request_id = "invalid"
         response.is_valid(request_data, request_id)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
         settings.set_strict(True)
         response = OneLogin_Saml2_Response(settings, message)
-        with self.assertRaisesRegex(Exception, 'The InResponseTo of the Response'):
+        with self.assertRaisesRegex(Exception, "The InResponseTo of the Response"):
             response.is_valid(request_data, request_id, raise_exceptions=True)
 
-        valid_request_id = '_57bcbf70-7b1f-012e-c821-782bcb13bb38'
+        valid_request_id = "_57bcbf70-7b1f-012e-c821-782bcb13bb38"
         response.is_valid(request_data, valid_request_id)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
     def testIsInValidSignIssues(self):
         """
@@ -1284,67 +1378,64 @@ def testIsInValidSignIssues(self):
         Case Invalid Response, Invalid signing issues
         """
         settings_info = self.loadSettingsJSON()
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        xml = self.file_contents(join(self.data_path, 'responses', 'unsigned_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "unsigned_response.xml.base64"))
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml))
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = OneLogin_Saml2_Utils.b64encode(plain_message)
 
-        settings_info['security']['wantAssertionsSigned'] = False
+        settings_info["security"]["wantAssertionsSigned"] = False
         settings = OneLogin_Saml2_Settings(settings_info)
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
-        settings_info['security']['wantAssertionsSigned'] = True
+        settings_info["security"]["wantAssertionsSigned"] = True
         settings_2 = OneLogin_Saml2_Settings(settings_info)
         response_2 = OneLogin_Saml2_Response(settings_2, message)
         response_2.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_2.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_2.get_error())
 
-        settings_info['strict'] = True
-        settings_info['security']['wantAssertionsSigned'] = False
+        settings_info["strict"] = True
+        settings_info["security"]["wantAssertionsSigned"] = False
         settings_3 = OneLogin_Saml2_Settings(settings_info)
         response_3 = OneLogin_Saml2_Response(settings_3, message)
         response_3.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_3.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_3.get_error())
 
-        settings_info['security']['wantAssertionsSigned'] = True
+        settings_info["security"]["wantAssertionsSigned"] = True
         settings_4 = OneLogin_Saml2_Settings(settings_info)
         response_4 = OneLogin_Saml2_Response(settings_4, message)
-        with self.assertRaisesRegex(Exception, 'The Assertion of the Response is not signed and the SP require it'):
+        with self.assertRaisesRegex(Exception, "The Assertion of the Response is not signed and the SP require it"):
             response_4.is_valid(request_data, raise_exceptions=True)
 
-        settings_info['security']['wantAssertionsSigned'] = False
-        settings_info['strict'] = False
+        settings_info["security"]["wantAssertionsSigned"] = False
+        settings_info["strict"] = False
 
-        settings_info['security']['wantMessagesSigned'] = False
+        settings_info["security"]["wantMessagesSigned"] = False
         settings_5 = OneLogin_Saml2_Settings(settings_info)
         response_5 = OneLogin_Saml2_Response(settings_5, message)
         response_5.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_5.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_5.get_error())
 
-        settings_info['security']['wantMessagesSigned'] = True
+        settings_info["security"]["wantMessagesSigned"] = True
         settings_6 = OneLogin_Saml2_Settings(settings_info)
         response_6 = OneLogin_Saml2_Response(settings_6, message)
         response_6.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_6.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_6.get_error())
 
-        settings_info['strict'] = True
-        settings_info['security']['wantMessagesSigned'] = False
+        settings_info["strict"] = True
+        settings_info["security"]["wantMessagesSigned"] = False
         settings_7 = OneLogin_Saml2_Settings(settings_info)
         response_7 = OneLogin_Saml2_Response(settings_7, message)
         response_7.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_7.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_7.get_error())
 
-        settings_info['security']['wantMessagesSigned'] = True
+        settings_info["security"]["wantMessagesSigned"] = True
         settings_8 = OneLogin_Saml2_Settings(settings_info)
         response_8 = OneLogin_Saml2_Response(settings_8, message)
-        with self.assertRaisesRegex(Exception, 'The Message of the Response is not signed and the SP require it'):
+        with self.assertRaisesRegex(Exception, "The Message of the Response is not signed and the SP require it"):
             response_8.is_valid(request_data, raise_exceptions=True)
 
     def testIsInValidEncIssues(self):
@@ -1353,67 +1444,74 @@ def testIsInValidEncIssues(self):
         Case Invalid Response, Invalid encryptation issues
         """
         settings_info = self.loadSettingsJSON()
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        xml = self.file_contents(join(self.data_path, 'responses', 'unsigned_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "unsigned_response.xml.base64"))
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml))
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = OneLogin_Saml2_Utils.b64encode(plain_message)
 
-        settings_info['security']['wantAssertionsEncrypted'] = True
+        settings_info["security"]["wantAssertionsEncrypted"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
         response = OneLogin_Saml2_Response(settings, message)
         response.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
-        settings_info['strict'] = True
-        settings_info['security']['wantAssertionsEncrypted'] = False
+        settings_info["strict"] = True
+        settings_info["security"]["wantAssertionsEncrypted"] = False
         settings = OneLogin_Saml2_Settings(settings_info)
         response_2 = OneLogin_Saml2_Response(settings, message)
         response_2.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_2.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_2.get_error())
 
-        settings_info['security']['wantAssertionsEncrypted'] = True
+        settings_info["security"]["wantAssertionsEncrypted"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
         response_3 = OneLogin_Saml2_Response(settings, message)
 
         self.assertFalse(response_3.is_valid(request_data))
-        self.assertEqual('The assertion of the Response is not encrypted and the SP require it', response_3.get_error())
+        self.assertEqual("The assertion of the Response is not encrypted and the SP require it", response_3.get_error())
 
-        settings_info['security']['wantAssertionsEncrypted'] = False
-        settings_info['security']['wantNameIdEncrypted'] = True
-        settings_info['strict'] = False
+        settings_info["security"]["wantAssertionsEncrypted"] = False
+        settings_info["security"]["wantNameIdEncrypted"] = True
+        settings_info["strict"] = False
         settings = OneLogin_Saml2_Settings(settings_info)
         response_4 = OneLogin_Saml2_Response(settings, message)
         response_4.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_4.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_4.get_error())
 
-        settings_info['strict'] = True
+        settings_info["strict"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
         response_5 = OneLogin_Saml2_Response(settings, message)
 
         self.assertFalse(response_5.is_valid(request_data))
-        self.assertEqual('The NameID of the Response is not encrypted and the SP require it', response_5.get_error())
+        self.assertEqual("The NameID of the Response is not encrypted and the SP require it", response_5.get_error())
 
-        settings_info_2 = self.loadSettingsJSON('settings3.json')
-        settings_info_2['strict'] = True
-        settings_info_2['security']['wantNameIdEncrypted'] = True
+    def testIsInValidEncIssues_2(self):
+        settings_info_2 = self.loadSettingsJSON("settings3.json")
+        settings_info_2["strict"] = True
+        settings_info_2["security"]["wantNameIdEncrypted"] = True
         settings_2 = OneLogin_Saml2_Settings(settings_info_2)
 
+        request_data = {"script_name": "", "request_uri": "?acs", "http_host": "pytoolkit.com", "server_port": 8000}
+
+        message_2 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion_encrypted_nameid.xml.base64"))
+        response_6 = OneLogin_Saml2_Response(settings_2, message_2)
+
+        if sys.version_info > (3, 2, 0):
+            with self.assertWarns(Warning):
+                self.assertFalse(response_6.is_valid(request_data))
+                self.assertEqual("The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response", response_6.get_error())
+
         request_data = {
-            'http_host': 'pytoolkit.com',
-            'server_port': 8000,
-            'script_name': '',
-            'request_uri': '?acs',
+            "script_name": "",
+            "request_uri": "?acs",
+            "http_host": "pytoolkit.com:8000",
         }
 
-        message_2 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion_encrypted_nameid.xml.base64'))
+        message_2 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion_encrypted_nameid.xml.base64"))
         response_6 = OneLogin_Saml2_Response(settings_2, message_2)
         self.assertFalse(response_6.is_valid(request_data))
-        self.assertEqual('The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response', response_6.get_error())
+        self.assertEqual("The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response", response_6.get_error())
 
     def testIsInValidCert(self):
         """
@@ -1421,12 +1519,12 @@ def testIsInValidCert(self):
         Case invalid cert
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['idp']['x509cert'] = 'NotValidCert'
+        settings_info["idp"]["x509cert"] = "NotValidCert"
         settings = OneLogin_Saml2_Settings(settings_info)
-        xml = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
 
-        with self.assertRaisesRegex(Exception, 'Signature validation failed. SAML Response rejected'):
+        with self.assertRaisesRegex(Exception, "Signature validation failed. SAML Response rejected"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testIsInValidCert2(self):
@@ -1435,9 +1533,11 @@ def testIsInValidCert2(self):
         Case invalid cert2
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['idp']['x509cert'] = 'MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ='
+        settings_info["idp"][
+            "x509cert"
+        ] = "MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ="
         settings = OneLogin_Saml2_Settings(settings_info)
-        xml = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertFalse(response.is_valid(self.get_request_data()))
 
@@ -1448,10 +1548,10 @@ def testIsValid(self):
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
-        xml = self.file_contents(join(self.data_path, 'responses', 'valid_unsigned_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "valid_unsigned_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         response.is_valid(self.get_request_data())
-        self.assertEqual('No Signature found. SAML Response rejected', response.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response.get_error())
 
     def testIsValid2(self):
         """
@@ -1462,36 +1562,36 @@ def testIsValid2(self):
         settings = OneLogin_Saml2_Settings(settings_info)
 
         # expired cert
-        xml = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
 
         self.assertTrue(response.is_valid(self.get_request_data()))
 
-        settings_info_2 = self.loadSettingsJSON('settings2.json')
+        settings_info_2 = self.loadSettingsJSON("settings2.json")
         settings_2 = OneLogin_Saml2_Settings(settings_info_2)
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'valid_response2.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "valid_response2.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings_2, xml_2)
         self.assertTrue(response_2.is_valid(self.get_request_data()))
 
-        settings_info_3 = self.loadSettingsJSON('settings2.json')
-        idp_cert = OneLogin_Saml2_Utils.format_cert(settings_info_3['idp']['x509cert'])
-        settings_info_3['idp']['certFingerprint'] = OneLogin_Saml2_Utils.calculate_x509_fingerprint(idp_cert)
-        settings_info_3['idp']['x509cert'] = ''
+        settings_info_3 = self.loadSettingsJSON("settings10.json")
+        idp_cert = OneLogin_Saml2_Utils.format_cert(settings_info_3["idp"]["x509cert"])
+        settings_info_3["idp"]["certFingerprint"] = OneLogin_Saml2_Utils.calculate_x509_fingerprint(idp_cert)
+        settings_info_3["idp"]["x509cert"] = ""
         settings_3 = OneLogin_Saml2_Settings(settings_info_3)
         response_3 = OneLogin_Saml2_Response(settings_3, xml_2)
         self.assertTrue(response_3.is_valid(self.get_request_data()))
 
-        settings_info_3['idp']['certFingerprintAlgorithm'] = 'sha1'
+        settings_info_3["idp"]["certFingerprintAlgorithm"] = "sha1"
         settings_4 = OneLogin_Saml2_Settings(settings_info_3)
         response_4 = OneLogin_Saml2_Response(settings_4, xml_2)
         self.assertTrue(response_4.is_valid(self.get_request_data()))
 
-        settings_info_3['idp']['certFingerprintAlgorithm'] = 'sha256'
+        settings_info_3["idp"]["certFingerprintAlgorithm"] = "sha256"
         settings_5 = OneLogin_Saml2_Settings(settings_info_3)
         response_5 = OneLogin_Saml2_Response(settings_5, xml_2)
         self.assertFalse(response_5.is_valid(self.get_request_data()))
 
-        settings_info_3['idp']['certFingerprint'] = OneLogin_Saml2_Utils.calculate_x509_fingerprint(idp_cert, 'sha256')
+        settings_info_3["idp"]["certFingerprint"] = OneLogin_Saml2_Utils.calculate_x509_fingerprint(idp_cert, "sha256")
         settings_6 = OneLogin_Saml2_Settings(settings_info_3)
         response_6 = OneLogin_Saml2_Response(settings_6, xml_2)
         self.assertTrue(response_6.is_valid(self.get_request_data()))
@@ -1507,45 +1607,42 @@ def testIsValidEnc(self):
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         # expired cert
-        xml = self.file_contents(join(self.data_path, 'responses', 'double_signed_encrypted_assertion.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "double_signed_encrypted_assertion.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertTrue(response.is_valid(self.get_request_data()))
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'signed_encrypted_assertion.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "signed_encrypted_assertion.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertTrue(response_2.is_valid(self.get_request_data()))
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'signed_message_encrypted_assertion.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "signed_message_encrypted_assertion.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertTrue(response_3.is_valid(self.get_request_data()))
 
-        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings2.json'))
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'double_signed_encrypted_assertion2.xml.base64'))
+        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings2.json"))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "double_signed_encrypted_assertion2.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings_2, xml_4)
         self.assertTrue(response_4.is_valid(self.get_request_data()))
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'signed_encrypted_assertion2.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "signed_encrypted_assertion2.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings_2, xml_5)
         self.assertTrue(response_5.is_valid(self.get_request_data()))
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'signed_message_encrypted_assertion2.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "signed_message_encrypted_assertion2.xml.base64"))
         response_6 = OneLogin_Saml2_Response(settings_2, xml_6)
         self.assertTrue(response_6.is_valid(self.get_request_data()))
 
         settings.set_strict(True)
-        xml_7 = self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion.xml.base64'))
+        xml_7 = self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion.xml.base64"))
         # In order to avoid the destination problem
         plain_message = compat.to_string(OneLogin_Saml2_Utils.b64decode(xml_7))
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': 'index.html'
-        }
+        request_data = {"http_host": "example.com", "script_name": "index.html"}
         current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
-        plain_message = plain_message.replace('http://stuff.com/endpoints/endpoints/acs.php', current_url)
+        plain_message = plain_message.replace("http://stuff.com/endpoints/endpoints/acs.php", current_url)
         message = compat.to_string(OneLogin_Saml2_Utils.b64encode(plain_message))
         response_7 = OneLogin_Saml2_Response(settings, message)
         response_7.is_valid(request_data)
-        self.assertEqual('No Signature found. SAML Response rejected', response_7.get_error())
+        self.assertEqual("No Signature found. SAML Response rejected", response_7.get_error())
 
     def testIsValidSign(self):
         """
@@ -1558,47 +1655,47 @@ def testIsValidSign(self):
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
 
         # expired cert
-        xml = self.file_contents(join(self.data_path, 'responses', 'signed_message_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "signed_message_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertTrue(response.is_valid(self.get_request_data()))
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'signed_assertion_response.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "signed_assertion_response.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertTrue(response_2.is_valid(self.get_request_data()))
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'double_signed_response.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "double_signed_response.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertTrue(response_3.is_valid(self.get_request_data()))
 
-        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings2.json'))
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'signed_message_response2.xml.base64'))
+        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings2.json"))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "signed_message_response2.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings_2, xml_4)
         self.assertTrue(response_4.is_valid(self.get_request_data()))
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'signed_assertion_response2.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "signed_assertion_response2.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings_2, xml_5)
         self.assertTrue(response_5.is_valid(self.get_request_data()))
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'double_signed_response2.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "double_signed_response2.xml.base64"))
         response_6 = OneLogin_Saml2_Response(settings_2, xml_6)
         self.assertTrue(response_6.is_valid(self.get_request_data()))
 
         dom = parseString(b64decode(xml_4))
-        dom.firstChild.firstChild.firstChild.nodeValue = 'https://example.com/other-idp'
+        dom.firstChild.firstChild.firstChild.nodeValue = "https://example.com/other-idp"
         xml_7 = OneLogin_Saml2_Utils.b64encode(dom.toxml())
         response_7 = OneLogin_Saml2_Response(settings, xml_7)
         # Modified message
         self.assertFalse(response_7.is_valid(self.get_request_data()))
 
         dom_2 = parseString(OneLogin_Saml2_Utils.b64decode(xml_5))
-        dom_2.firstChild.firstChild.firstChild.nodeValue = 'https://example.com/other-idp'
+        dom_2.firstChild.firstChild.firstChild.nodeValue = "https://example.com/other-idp"
         xml_8 = OneLogin_Saml2_Utils.b64encode(dom_2.toxml())
         response_8 = OneLogin_Saml2_Response(settings, xml_8)
         # Modified message
         self.assertFalse(response_8.is_valid(self.get_request_data()))
 
         dom_3 = parseString(OneLogin_Saml2_Utils.b64decode(xml_6))
-        dom_3.firstChild.firstChild.firstChild.nodeValue = 'https://example.com/other-idp'
+        dom_3.firstChild.firstChild.firstChild.nodeValue = "https://example.com/other-idp"
         xml_9 = OneLogin_Saml2_Utils.b64encode(dom_3.toxml())
         response_9 = OneLogin_Saml2_Response(settings, xml_9)
         # Modified message
@@ -1615,58 +1712,67 @@ def testIsValidSignFingerprint(self):
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings6.json"))
 
         # expired cert
-        xml = self.file_contents(join(self.data_path, 'responses', 'signed_message_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "signed_message_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertTrue(response.is_valid(self.get_request_data()))
 
-        xml_2 = self.file_contents(join(self.data_path, 'responses', 'signed_assertion_response.xml.base64'))
+        xml_2 = self.file_contents(join(self.data_path, "responses", "signed_assertion_response.xml.base64"))
         response_2 = OneLogin_Saml2_Response(settings, xml_2)
         self.assertTrue(response_2.is_valid(self.get_request_data()))
 
-        xml_3 = self.file_contents(join(self.data_path, 'responses', 'double_signed_response.xml.base64'))
+        xml_3 = self.file_contents(join(self.data_path, "responses", "double_signed_response.xml.base64"))
         response_3 = OneLogin_Saml2_Response(settings, xml_3)
         self.assertTrue(response_3.is_valid(self.get_request_data()))
 
-        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings2.json'))
-        xml_4 = self.file_contents(join(self.data_path, 'responses', 'signed_message_response2.xml.base64'))
+        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings2.json"))
+        xml_4 = self.file_contents(join(self.data_path, "responses", "signed_message_response2.xml.base64"))
         response_4 = OneLogin_Saml2_Response(settings_2, xml_4)
         self.assertTrue(response_4.is_valid(self.get_request_data()))
 
-        xml_5 = self.file_contents(join(self.data_path, 'responses', 'signed_assertion_response2.xml.base64'))
+        xml_5 = self.file_contents(join(self.data_path, "responses", "signed_assertion_response2.xml.base64"))
         response_5 = OneLogin_Saml2_Response(settings_2, xml_5)
         self.assertTrue(response_5.is_valid(self.get_request_data()))
 
-        xml_6 = self.file_contents(join(self.data_path, 'responses', 'double_signed_response2.xml.base64'))
+        xml_6 = self.file_contents(join(self.data_path, "responses", "double_signed_response2.xml.base64"))
         response_6 = OneLogin_Saml2_Response(settings_2, xml_6)
         self.assertTrue(response_6.is_valid(self.get_request_data()))
 
         dom = parseString(b64decode(xml_4))
-        dom.firstChild.firstChild.firstChild.nodeValue = 'https://example.com/other-idp'
+        dom.firstChild.firstChild.firstChild.nodeValue = "https://example.com/other-idp"
         xml_7 = OneLogin_Saml2_Utils.b64encode(dom.toxml())
         response_7 = OneLogin_Saml2_Response(settings, xml_7)
         # Modified message
         self.assertFalse(response_7.is_valid(self.get_request_data()))
 
         dom_2 = parseString(OneLogin_Saml2_Utils.b64decode(xml_5))
-        dom_2.firstChild.firstChild.firstChild.nodeValue = 'https://example.com/other-idp'
+        dom_2.firstChild.firstChild.firstChild.nodeValue = "https://example.com/other-idp"
         xml_8 = OneLogin_Saml2_Utils.b64encode(dom_2.toxml())
         response_8 = OneLogin_Saml2_Response(settings, xml_8)
         # Modified message
         self.assertFalse(response_8.is_valid(self.get_request_data()))
 
         dom_3 = parseString(OneLogin_Saml2_Utils.b64decode(xml_6))
-        dom_3.firstChild.firstChild.firstChild.nodeValue = 'https://example.com/other-idp'
+        dom_3.firstChild.firstChild.firstChild.nodeValue = "https://example.com/other-idp"
         xml_9 = OneLogin_Saml2_Utils.b64encode(dom_3.toxml())
         response_9 = OneLogin_Saml2_Response(settings, xml_9)
         # Modified message
         self.assertFalse(response_9.is_valid(self.get_request_data()))
 
-    def testIsValidSignWithEmptyReferenceURI(self):
-        settings_info = self.loadSettingsJSON()
-        del settings_info['idp']['x509cert']
-        settings_info['idp']['certFingerprint'] = "194d97e4d8c9c8cfa4b721e5ee497fd9660e5213"
+    def testMessageSignedIsValidSignWithEmptyReferenceURI(self):
+        settings_info = self.loadSettingsJSON("settings10.json")
+        del settings_info["idp"]["x509cert"]
+        settings_info["idp"]["certFingerprint"] = "657302a5e11a4794a1e50a705988d66c9377575d"
         settings = OneLogin_Saml2_Settings(settings_info)
-        xml = self.file_contents(join(self.data_path, 'responses', 'response_without_reference_uri.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response_without_reference_uri.xml.base64"))
+        response = OneLogin_Saml2_Response(settings, xml)
+        self.assertTrue(response.is_valid(self.get_request_data()))
+
+    def testAssertionSignedIsValidSignWithEmptyReferenceURI(self):
+        settings_info = self.loadSettingsJSON("settings10.json")
+        del settings_info["idp"]["x509cert"]
+        settings_info["idp"]["certFingerprint"] = "657302a5e11a4794a1e50a705988d66c9377575d"
+        settings = OneLogin_Saml2_Settings(settings_info)
+        xml = self.file_contents(join(self.data_path, "responses", "response_without_assertion_reference_uri.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
         self.assertTrue(response.is_valid(self.get_request_data()))
 
@@ -1678,24 +1784,16 @@ def testIsValidWithoutInResponseTo(self):
 
         # prepare strict settings
         settings_info = self.loadSettingsJSON()
-        settings_info['strict'] = True
-        settings_info['idp']['entityId'] = 'https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'
-        settings_info['sp']['entityId'] = 'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php'
+        settings_info["strict"] = True
+        settings_info["idp"]["entityId"] = "https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php"
+        settings_info["sp"]["entityId"] = "https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php"
 
         settings = OneLogin_Saml2_Settings(settings_info)
 
-        xml = self.file_contents(join(self.data_path, 'responses', 'valid_response_without_inresponseto.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "valid_response_without_inresponseto.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
 
-        not_on_or_after = datetime.strptime('2014-02-19T09:37:01Z', '%Y-%m-%dT%H:%M:%SZ')
-        not_on_or_after -= timedelta(seconds=150)
-
-        with freeze_time(not_on_or_after):
-            self.assertTrue(response.is_valid({
-                'https': 'on',
-                'http_host': 'pitbulk.no-ip.org',
-                'script_name': 'newonelogin/demo1/index.php?acs'
-            }))
+        self.assertTrue(response.is_valid({"https": "on", "http_host": "pitbulk.no-ip.org", "script_name": "newonelogin/demo1/index.php?acs"}))
 
     def testIsValidRaisesExceptionWhenRaisesArgumentIsTrue(self):
         """
@@ -1704,7 +1802,7 @@ def testIsValidRaisesExceptionWhenRaisesArgumentIsTrue(self):
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         settings.set_strict(True)
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_conditions.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "no_conditions.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
 
         self.assertFalse(response.is_valid(self.get_request_data()))
@@ -1717,9 +1815,9 @@ def testStatusCheckBeforeAssertionCheck(self):
         Tests the status of a response is checked before the assertion count. As failed statuses will have no assertions
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'status_code_responder.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "invalids", "status_code_responder.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        with self.assertRaisesRegex(Exception, 'The status code of the Response was not Success, was Responder'):
+        with self.assertRaisesRegex(Exception, "The status code of the Response was not Success, was Responder"):
             response.is_valid(self.get_request_data(), raise_exceptions=True)
 
     def testGetId(self):
@@ -1727,18 +1825,18 @@ def testGetId(self):
         Tests that we can retrieve the ID of the Response
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'signed_message_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "signed_message_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual(response.get_id(), 'pfxc3d2b542-0f7e-8767-8e87-5b0dc6913375')
+        self.assertEqual(response.get_id(), "pfxf209cd60-f060-722b-02e9-4850ac5a2e41")
 
     def testGetAssertionId(self):
         """
         Tests that we can retrieve the ID of the Assertion
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        xml = self.file_contents(join(self.data_path, 'responses', 'signed_message_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "signed_message_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, xml)
-        self.assertEqual(response.get_assertion_id(), '_cccd6024116641fe48e0ae2c51220d02755f96c98d')
+        self.assertEqual(response.get_assertion_id(), "_cccd6024116641fe48e0ae2c51220d02755f96c98d")
 
     def testGetAssertionNotOnOrAfter(self):
         """
@@ -1748,7 +1846,7 @@ def testGetAssertionNotOnOrAfter(self):
         settings_data = self.loadSettingsJSON()
         request_data = self.get_request_data()
         settings = OneLogin_Saml2_Settings(settings_data)
-        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        message = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         response = OneLogin_Saml2_Response(settings, message)
         self.assertIsNone(response.get_assertion_not_on_or_after())
 
@@ -1756,7 +1854,7 @@ def testGetAssertionNotOnOrAfter(self):
         self.assertIsNone(response.get_error())
         self.assertIsNone(response.get_assertion_not_on_or_after())
 
-        settings_data['strict'] = True
+        settings_data["strict"] = True
         settings = OneLogin_Saml2_Settings(settings_data)
         response = OneLogin_Saml2_Response(settings, message)
 
@@ -1764,9 +1862,9 @@ def testGetAssertionNotOnOrAfter(self):
         self.assertNotEqual(response.get_error(), None)
         self.assertIsNone(response.get_assertion_not_on_or_after())
 
-        request_data['https'] = 'on'
-        request_data['http_host'] = 'pitbulk.no-ip.org'
-        request_data['script_name'] = '/newonelogin/demo1/index.php?acs'
+        request_data["https"] = "on"
+        request_data["http_host"] = "pitbulk.no-ip.org"
+        request_data["script_name"] = "/newonelogin/demo1/index.php?acs"
         response.is_valid(request_data)
         self.assertIsNone(response.get_error())
         self.assertEqual(response.get_assertion_not_on_or_after(), 2671081021)
diff --git a/tests/src/OneLogin/saml2_tests/settings_test.py b/tests/src/OneLogin/saml2_tests/settings_test.py
index 75031009..85386fc3 100644
--- a/tests/src/OneLogin/saml2_tests/settings_test.py
+++ b/tests/src/OneLogin/saml2_tests/settings_test.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import json
 from os.path import dirname, join, exists, sep
@@ -14,21 +12,21 @@
 
 
 class OneLogin_Saml2_Settings_Test(unittest.TestCase):
-    data_path = join(dirname(dirname(dirname(dirname(__file__)))), 'data')
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    data_path = join(dirname(dirname(dirname(dirname(__file__)))), "data")
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
-    def loadSettingsJSON(self, name='settings1.json'):
+    def loadSettingsJSON(self, name="settings1.json"):
         filename = join(self.settings_path, name)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
@@ -42,75 +40,93 @@ def testLoadSettingsFromDict(self):
         settings = OneLogin_Saml2_Settings(settings_info)
         self.assertEqual(len(settings.get_errors()), 0)
 
-        del settings_info['contactPerson']
-        del settings_info['organization']
+        del settings_info["contactPerson"]
+        del settings_info["organization"]
         settings = OneLogin_Saml2_Settings(settings_info)
         self.assertEqual(len(settings.get_errors()), 0)
 
-        del settings_info['security']
+        del settings_info["security"]
         settings = OneLogin_Saml2_Settings(settings_info)
         self.assertEqual(len(settings.get_errors()), 0)
 
-        del settings_info['sp']['NameIDFormat']
-        del settings_info['idp']['x509cert']
-        settings_info['idp']['certFingerprint'] = 'afe71c28ef740bc87425be13a2263d37971daA1f9'
+        del settings_info["sp"]["NameIDFormat"]
+        del settings_info["idp"]["x509cert"]
+        settings_info["idp"]["certFingerprint"] = "afe71c28ef740bc87425be13a2263d37971daA1f9"
         settings = OneLogin_Saml2_Settings(settings_info)
         self.assertEqual(len(settings.get_errors()), 0)
 
-        settings_info['idp']['singleSignOnService']['url'] = 'invalid_url'
+        settings_info["idp"]["singleSignOnService"]["url"] = "invalid_url"
         try:
             settings_2 = OneLogin_Saml2_Settings(settings_info)
             self.assertNotEqual(len(settings_2.get_errors()), 0)
         except Exception as e:
-            self.assertIn('Invalid dict settings: idp_sso_url_invalid', str(e))
+            self.assertIn("Invalid dict settings: idp_sso_url_invalid", str(e))
 
-        settings_info['idp']['singleSignOnService']['url'] = 'http://invalid_domain'
+        settings_info["idp"]["singleSignOnService"]["url"] = "http://invalid_domain"
         try:
             settings_3 = OneLogin_Saml2_Settings(settings_info)
             self.assertNotEqual(len(settings_3.get_errors()), 0)
         except Exception as e:
-            self.assertIn('Invalid dict settings: idp_sso_url_invalid', str(e))
+            self.assertIn("Invalid dict settings: idp_sso_url_invalid", str(e))
+
+        settings_info["idp"]["singleSignOnService"]["url"] = "http://single-label-domain"
+        settings_info["security"] = {}
+        settings_info["security"]["allowSingleLabelDomains"] = True
+        settings_4 = OneLogin_Saml2_Settings(settings_info)
+        self.assertEqual(len(settings_4.get_errors()), 0)
 
-        del settings_info['sp']
-        del settings_info['idp']
+        del settings_info["security"]
+        del settings_info["sp"]
+        del settings_info["idp"]
         try:
-            settings_4 = OneLogin_Saml2_Settings(settings_info)
-            self.assertNotEqual(len(settings_4.get_errors()), 0)
+            settings_5 = OneLogin_Saml2_Settings(settings_info)
+            self.assertNotEqual(len(settings_5.get_errors()), 0)
         except Exception as e:
-            self.assertIn('Invalid dict settings', str(e))
-            self.assertIn('idp_not_found', str(e))
-            self.assertIn('sp_not_found', str(e))
+            self.assertIn("Invalid dict settings", str(e))
+            self.assertIn("idp_not_found", str(e))
+            self.assertIn("sp_not_found", str(e))
 
         settings_info = self.loadSettingsJSON()
-        settings_info['security']['authnRequestsSigned'] = True
-        settings_info['custom_base_path'] = dirname(__file__)
+        settings_info["security"]["authnRequestsSigned"] = True
+        settings_info["custom_base_path"] = dirname(__file__)
         try:
-            settings_5 = OneLogin_Saml2_Settings(settings_info)
-            self.assertNotEqual(len(settings_5.get_errors()), 0)
+            settings_6 = OneLogin_Saml2_Settings(settings_info)
+            self.assertNotEqual(len(settings_6.get_errors()), 0)
         except Exception as e:
-            self.assertIn('Invalid dict settings: sp_cert_not_found_and_required', str(e))
+            self.assertIn("Invalid dict settings: sp_cert_not_found_and_required", str(e))
 
+        # test if the cert-file is loaded correct with the default filename
         settings_info = self.loadSettingsJSON()
         settings_info['security']['nameIdEncrypted'] = True
         del settings_info['idp']['x509cert']
+        settings_7 = OneLogin_Saml2_Settings(settings_info)
+        self.assertEqual(len(settings_7.get_errors()), 0)
+
+        # test if the cert-file is loaded correct with a custom filename
+        settings_info['idp']['cert_filename'] = "Test_Root_CA.crt"
+        settings_8 = OneLogin_Saml2_Settings(settings_info)
+        self.assertEqual(len(settings_8.get_errors()), 0)
+
+        # test for the correct error, if there is no cert at all
+        settings_info['idp']['cert_filename'] = "not_existing_file.crt"
         try:
-            settings_6 = OneLogin_Saml2_Settings(settings_info)
-            self.assertNotEqual(len(settings_6.get_errors()), 0)
+            settings_9 = OneLogin_Saml2_Settings(settings_info)
+            self.assertNotEqual(len(settings_9.get_errors()), 0)
         except Exception as e:
-            self.assertIn('Invalid dict settings: idp_cert_not_found_and_required', str(e))
+            self.assertIn("Invalid dict settings: idp_cert_not_found_and_required", str(e))
 
     def testLoadSettingsFromInvalidData(self):
         """
         Tests the OneLogin_Saml2_Settings Constructor.
         Case load setting
         """
-        invalid_settings = ('param1', 'param2')
+        invalid_settings = ("param1", "param2")
 
         try:
             OneLogin_Saml2_Settings(invalid_settings)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('Unsupported settings object', str(e))
+            self.assertIn("Unsupported settings object", str(e))
 
         settings = OneLogin_Saml2_Settings(custom_base_path=self.settings_path)
         self.assertEqual(len(settings.get_errors()), 0)
@@ -120,7 +136,7 @@ def testLoadSettingsFromFile(self):
         Tests the OneLogin_Saml2_Settings Constructor.
         Case load setting from file
         """
-        custom_base_path = join(dirname(__file__), '..', '..', '..', 'settings')
+        custom_base_path = join(dirname(__file__), "..", "..", "..", "settings")
         settings = OneLogin_Saml2_Settings(custom_base_path=custom_base_path)
         self.assertEqual(len(settings.get_errors()), 0)
 
@@ -128,9 +144,9 @@ def testLoadSettingsFromFile(self):
         try:
             OneLogin_Saml2_Settings(custom_base_path=custom_base_path)
         except Exception as e:
-            self.assertIn('Settings file not found', str(e))
+            self.assertIn("Settings file not found", str(e))
 
-        custom_base_path = join(dirname(__file__), '..', '..', '..', 'data', 'customPath')
+        custom_base_path = join(dirname(__file__), "..", "..", "..", "data", "customPath")
         settings_3 = OneLogin_Saml2_Settings(custom_base_path=custom_base_path)
         self.assertEqual(len(settings_3.get_errors()), 0)
 
@@ -139,31 +155,94 @@ def testGetCertPath(self):
         Tests getCertPath method of the OneLogin_Saml2_Settings
         """
         settings = OneLogin_Saml2_Settings(custom_base_path=self.settings_path)
-        self.assertEqual(self.settings_path + sep + 'certs' + sep, settings.get_cert_path())
+        self.assertEqual(self.settings_path + sep + "certs" + sep, settings.get_cert_path())
 
-    def testGetLibPath(self):
+    def testSetCertPath(self):
         """
-        Tests getLibPath method of the OneLogin_Saml2_Settings
+        Tests setCertPath method of the OneLogin_Saml2_Settings
         """
         settings = OneLogin_Saml2_Settings(custom_base_path=self.settings_path)
-        base = settings.get_base_path()
-        self.assertEqual(join(base, 'lib') + sep, settings.get_lib_path())
+        self.assertEqual(self.settings_path + sep + "certs" + sep, settings.get_cert_path())
+
+        settings.set_cert_path("/tmp")
+        self.assertEqual("/tmp", settings.get_cert_path())
 
-    def testGetExtLibPath(self):
+    def testGetLibPath(self):
         """
-        Tests getExtLibPath method of the OneLogin_Saml2_Settings
+        Tests getLibPath method of the OneLogin_Saml2_Settings
         """
+        settingsInfo = self.loadSettingsJSON()
+        settings = OneLogin_Saml2_Settings(settingsInfo)
+        path = settings.get_base_path()
+        self.assertEqual(settings.get_lib_path(), join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/"))
+        self.assertEqual(path, join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/../../../tests/data/customPath/"))
+
+        del settingsInfo["custom_base_path"]
+        settings = OneLogin_Saml2_Settings(settingsInfo)
+        path = settings.get_base_path()
+        self.assertEqual(settings.get_lib_path(), join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/"))
+        self.assertEqual(path, join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/"))
+
         settings = OneLogin_Saml2_Settings(custom_base_path=self.settings_path)
-        base = settings.get_base_path()
-        self.assertEqual(join(base, 'extlib') + sep, settings.get_ext_lib_path())
+        path = settings.get_base_path()
+        self.assertEqual(settings.get_lib_path(), join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/"))
+        self.assertEqual(path, join(dirname(dirname(dirname(dirname(__file__)))), "settings/"))
 
     def testGetSchemasPath(self):
         """
         Tests getSchemasPath method of the OneLogin_Saml2_Settings
         """
+        settingsInfo = self.loadSettingsJSON()
+        settings = OneLogin_Saml2_Settings(settingsInfo)
+        path = settings.get_base_path()
+        self.assertEqual(settings.get_schemas_path(), join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/schemas/"))
+        self.assertEqual(path, join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/../../../tests/data/customPath/"))
+
+        del settingsInfo["custom_base_path"]
+        settings = OneLogin_Saml2_Settings(settingsInfo)
+        path = settings.get_base_path()
+        self.assertEqual(settings.get_schemas_path(), join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/schemas/"))
+        self.assertEqual(path, join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/"))
+
         settings = OneLogin_Saml2_Settings(custom_base_path=self.settings_path)
-        base = settings.get_base_path()
-        self.assertEqual(join(base, 'lib', 'schemas') + sep, settings.get_schemas_path())
+        path = settings.get_base_path()
+        self.assertEqual(settings.get_schemas_path(), join(dirname(dirname(dirname(dirname(dirname(__file__))))), "src/onelogin/saml2/schemas/"))
+        self.assertEqual(path, join(dirname(dirname(dirname(dirname(__file__)))), "settings/"))
+
+    def testGetIdPSSOurl(self):
+        """
+        Tests the get_idp_sso_url method of the OneLogin_Saml2_Settings class
+        """
+        settings_info = self.loadSettingsJSON()
+        settings = OneLogin_Saml2_Settings(settings_info)
+
+        sso_url = settings_info["idp"]["singleSignOnService"]["url"]
+        self.assertEqual(settings.get_idp_sso_url(), sso_url)
+
+    def testGetIdPSLOurl(self):
+        """
+        Tests the get_idp_slo_url method of the OneLogin_Saml2_Settings class
+        """
+        settings_info = self.loadSettingsJSON()
+        settings = OneLogin_Saml2_Settings(settings_info)
+
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
+        self.assertEqual(settings.get_idp_slo_url(), slo_url)
+
+    def testGetIdPSLOresponseUrl(self):
+        """
+        Tests the get_idp_slo_response_url method of the OneLogin_Saml2_Settings class
+        """
+        settings_info = self.loadSettingsJSON()
+        settings_info["idp"]["singleLogoutService"]["responseUrl"] = "http://idp.example.com/SingleLogoutReturn.php"
+        settings = OneLogin_Saml2_Settings(settings_info)
+        slo_url = settings_info["idp"]["singleLogoutService"]["responseUrl"]
+        self.assertEqual(settings.get_idp_slo_response_url(), slo_url)
+        # test that the function falls back to the url setting if responseUrl is not set
+        settings_info["idp"]["singleLogoutService"].pop("responseUrl")
+        settings = OneLogin_Saml2_Settings(settings_info)
+        slo_url = settings_info["idp"]["singleLogoutService"]["url"]
+        self.assertEqual(settings.get_idp_slo_response_url(), slo_url)
 
     def testGetSPCert(self):
         """
@@ -175,12 +254,12 @@ def testGetSPCert(self):
         self.assertEqual(cert, settings.get_sp_cert())
 
         cert_2 = "-----BEGIN CERTIFICATE-----\nMIICbDCCAdWgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBTMQswCQYDVQQGEwJ1czET\nMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRgwFgYD\nVQQDDA9pZHAuZXhhbXBsZS5jb20wHhcNMTQwOTIzMTIyNDA4WhcNNDIwMjA4MTIy\nNDA4WjBTMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UE\nCgwMT25lbG9naW4gSW5jMRgwFgYDVQQDDA9pZHAuZXhhbXBsZS5jb20wgZ8wDQYJ\nKoZIhvcNAQEBBQADgY0AMIGJAoGBAOWA+YHU7cvPOrBOfxCscsYTJB+kH3MaA9BF\nrSHFS+KcR6cw7oPSktIJxUgvDpQbtfNcOkE/tuOPBDoech7AXfvH6d7Bw7xtW8PP\nJ2mB5Hn/HGW2roYhxmfh3tR5SdwN6i4ERVF8eLkvwCHsNQyK2Ref0DAJvpBNZMHC\npS24916/AgMBAAGjUDBOMB0GA1UdDgQWBBQ77/qVeiigfhYDITplCNtJKZTM8DAf\nBgNVHSMEGDAWgBQ77/qVeiigfhYDITplCNtJKZTM8DAMBgNVHRMEBTADAQH/MA0G\nCSqGSIb3DQEBDQUAA4GBAJO2j/1uO80E5C2PM6Fk9mzerrbkxl7AZ/mvlbOn+sNZ\nE+VZ1AntYuG8ekbJpJtG1YfRfc7EA9mEtqvv4dhv7zBy4nK49OR+KpIBjItWB5kY\nvrqMLKBa32sMbgqqUqeF1ENXKjpvLSuPdfGJZA3dNa/+Dyb8GGqWe707zLyc5F8m\n-----END CERTIFICATE-----\n"
-        settings_data['sp']['x509cert'] = cert_2
+        settings_data["sp"]["x509cert"] = cert_2
         settings = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(cert_2, settings.get_sp_cert())
 
-        del settings_data['sp']['x509cert']
-        del settings_data['custom_base_path']
+        del settings_data["sp"]["x509cert"]
+        del settings_data["custom_base_path"]
         custom_base_path = dirname(__file__)
 
         settings_3 = OneLogin_Saml2_Settings(settings_data, custom_base_path=custom_base_path)
@@ -196,7 +275,7 @@ def testGetSPCertNew(self):
         self.assertEqual(cert, settings.get_sp_cert())
         self.assertIsNone(settings.get_sp_cert_new())
 
-        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings7.json'))
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings7.json"))
         cert_new = "-----BEGIN CERTIFICATE-----\nMIICVDCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQ0FADBHMQswCQYDVQQGEwJ1czEQ\nMA4GA1UECAwHZXhhbXBsZTEQMA4GA1UECgwHZXhhbXBsZTEUMBIGA1UEAwwLZXhh\nbXBsZS5jb20wHhcNMTcwNDA3MDgzMDAzWhcNMjcwNDA1MDgzMDAzWjBHMQswCQYD\nVQQGEwJ1czEQMA4GA1UECAwHZXhhbXBsZTEQMA4GA1UECgwHZXhhbXBsZTEUMBIG\nA1UEAwwLZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKhP\nS4/0azxbQekHHewQGKD7Pivr3CDpsrKxY3xlVanxj427OwzOb5KUVzsDEazumt6s\nZFY8HfidsjXY4EYA4ZzyL7ciIAR5vlAsIYN9nJ4AwVDnN/RjVwj+TN6BqWPLpVIp\nHc6Dl005HyE0zJnk1DZDn2tQVrIzbD3FhCp7YeotAgMBAAGjUDBOMB0GA1UdDgQW\nBBRYZx4thASfNvR/E7NsCF2IaZ7wIDAfBgNVHSMEGDAWgBRYZx4thASfNvR/E7Ns\nCF2IaZ7wIDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBDQUAA4GBACz4aobx9aG3\nkh+rNyrlgM3K6dYfnKG1/YH5sJCAOvg8kDr0fQAQifH8lFVWumKUMoAe0bFTfwWt\np/VJ8MprrEJth6PFeZdczpuv+fpLcNj2VmNVJqvQYvS4m36OnBFh1QFZW8UrbFIf\ndtm2nuZ+twSKqfKwjLdqcoX0p39h7Uw/\n-----END CERTIFICATE-----\n"
         self.assertEqual(cert, settings.get_sp_cert())
         self.assertEqual(cert_new, settings.get_sp_cert_new())
@@ -211,17 +290,39 @@ def testGetSPKey(self):
         self.assertEqual(key, settings.get_sp_key())
 
         key_2 = "-----BEGIN PRIVATE KEY-----\nMIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOWA+YHU7cvPOrBO\nfxCscsYTJB+kH3MaA9BFrSHFS+KcR6cw7oPSktIJxUgvDpQbtfNcOkE/tuOPBDoe\nch7AXfvH6d7Bw7xtW8PPJ2mB5Hn/HGW2roYhxmfh3tR5SdwN6i4ERVF8eLkvwCHs\nNQyK2Ref0DAJvpBNZMHCpS24916/AgMBAAECgYEA0wDXZPS9hKqMTNh+nnfONioX\nBjhA6fQ7GVtWKDxa3ofMoPyt7ejGL/Hnvcv13Vn02UAsFx1bKrCstDqVtYwrWrnm\nywXyH+o9paJnTmd+cRIjWU8mRvCrxzH5I/Bcvbp1qZoASuqZEaGwNjM6JpW2o3QT\nmHGMALcLUPfEvhApssECQQDy2e65E86HcFhi/Ta8TQ0odDCNbiWA0bI1Iu8B7z+N\nAy1D1+WnCd7w2u9U6CF/k2nFHCsvxEoeANM0z7h5T/XvAkEA8e4JqKmDrfdiakQT\n7nf9svU2jXZtxSbPiIRMafNikDvzZ1vJCZkvdmaWYL70GlDZIwc9ad67rHZ/n/fq\nX1d0MQJAbRpRsJ5gY+KqItbFt3UaWzlP8sowWR5cZJjsLb9RmsV5mYguKYw6t5R0\nf33GRu1wUFimYlBaR/5w5MIJi57LywJATO1a5uWX+G5MPewNxmsjIY91XEAHIYR4\nwzkGLz5z3dciS4BVCZdLD0QJlxPA/MkuckPwFET9uhYn+M7VGKHvUQJBANSDwsY+\nBdCGpi/WRV37HUfwLl07damaFbW3h08PQx8G8SuF7DpN+FPBcI6VhzrIWNRBxWpr\nkgeGioKNfFWzSaM=\n-----END PRIVATE KEY-----\n"
-        settings_data['sp']['privateKey'] = key_2
+        settings_data["sp"]["privateKey"] = key_2
         settings_2 = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(key_2, settings_2.get_sp_key())
 
-        del settings_data['sp']['privateKey']
-        del settings_data['custom_base_path']
+        del settings_data["sp"]["privateKey"]
+        del settings_data["custom_base_path"]
         custom_base_path = dirname(__file__)
 
         settings_3 = OneLogin_Saml2_Settings(settings_data, custom_base_path=custom_base_path)
         self.assertIsNone(settings_3.get_sp_key())
 
+    def testGetIDPCert(self):
+        """
+        Tests the get_idp_cert method of the OneLogin_Saml2_Settings
+        """
+
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings9.json"))
+        cert = "-----BEGIN CERTIFICATE-----\nMIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMC\nTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYD\nVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG\n9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4\nMTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xi\nZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2Zl\naWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5v\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LO\nNoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHIS\nKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d\n1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8\nBUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7n\nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2Qar\nQ4/67OZfHd7R+POBXhophSMv1ZOo\n-----END CERTIFICATE-----"
+        self.assertEqual(cert, settings.get_idp_cert())
+
+        settings_data = self.loadSettingsJSON()
+
+        settings = OneLogin_Saml2_Settings(settings_data)
+        settings_data["idp"]["x509cert"] = cert
+        self.assertEqual(cert, settings.get_idp_cert())
+
+        del settings_data["idp"]["x509cert"]
+        del settings_data["custom_base_path"]
+        custom_base_path = dirname(__file__)
+
+        settings_3 = OneLogin_Saml2_Settings(settings_data, custom_base_path=custom_base_path)
+        self.assertIsNone(settings_3.get_idp_cert())
+
     def testFormatIdPCert(self):
         """
         Tests the format_idp_cert method of the OneLogin_Saml2_Settings
@@ -232,7 +333,7 @@ def testFormatIdPCert(self):
         self.assertEqual(cert, settings.get_idp_cert())
 
         cert_2 = "-----BEGIN CERTIFICATE-----\nMIICbDCCAdWgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBTMQswCQYDVQQGEwJ1czET\nMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRgwFgYD\nVQQDDA9pZHAuZXhhbXBsZS5jb20wHhcNMTQwOTIzMTIyNDA4WhcNNDIwMjA4MTIy\nNDA4WjBTMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UE\nCgwMT25lbG9naW4gSW5jMRgwFgYDVQQDDA9pZHAuZXhhbXBsZS5jb20wgZ8wDQYJ\nKoZIhvcNAQEBBQADgY0AMIGJAoGBAOWA+YHU7cvPOrBOfxCscsYTJB+kH3MaA9BF\nrSHFS+KcR6cw7oPSktIJxUgvDpQbtfNcOkE/tuOPBDoech7AXfvH6d7Bw7xtW8PP\nJ2mB5Hn/HGW2roYhxmfh3tR5SdwN6i4ERVF8eLkvwCHsNQyK2Ref0DAJvpBNZMHC\npS24916/AgMBAAGjUDBOMB0GA1UdDgQWBBQ77/qVeiigfhYDITplCNtJKZTM8DAf\nBgNVHSMEGDAWgBQ77/qVeiigfhYDITplCNtJKZTM8DAMBgNVHRMEBTADAQH/MA0G\nCSqGSIb3DQEBDQUAA4GBAJO2j/1uO80E5C2PM6Fk9mzerrbkxl7AZ/mvlbOn+sNZ\nE+VZ1AntYuG8ekbJpJtG1YfRfc7EA9mEtqvv4dhv7zBy4nK49OR+KpIBjItWB5kY\nvrqMLKBa32sMbgqqUqeF1ENXKjpvLSuPdfGJZA3dNa/+Dyb8GGqWe707zLyc5F8m\n-----END CERTIFICATE-----\n"
-        settings_data['idp']['x509cert'] = cert_2
+        settings_data["idp"]["x509cert"] = cert_2
         settings = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(cert_2, settings.get_idp_cert())
 
@@ -246,12 +347,12 @@ def testFormatSPCert(self):
         settings = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(cert, settings.get_sp_cert())
 
-        settings_data['sp']['x509cert'] = cert
+        settings_data["sp"]["x509cert"] = cert
         settings = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(cert, settings.get_sp_cert())
 
         cert_2 = "-----BEGIN CERTIFICATE-----\nMIICbDCCAdWgAwIBAgIBADANBgkqhkiG9w0BAQ0FADBTMQswCQYDVQQGEwJ1czET\nMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UECgwMT25lbG9naW4gSW5jMRgwFgYD\nVQQDDA9pZHAuZXhhbXBsZS5jb20wHhcNMTQwOTIzMTIyNDA4WhcNNDIwMjA4MTIy\nNDA4WjBTMQswCQYDVQQGEwJ1czETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMGA1UE\nCgwMT25lbG9naW4gSW5jMRgwFgYDVQQDDA9pZHAuZXhhbXBsZS5jb20wgZ8wDQYJ\nKoZIhvcNAQEBBQADgY0AMIGJAoGBAOWA+YHU7cvPOrBOfxCscsYTJB+kH3MaA9BF\nrSHFS+KcR6cw7oPSktIJxUgvDpQbtfNcOkE/tuOPBDoech7AXfvH6d7Bw7xtW8PP\nJ2mB5Hn/HGW2roYhxmfh3tR5SdwN6i4ERVF8eLkvwCHsNQyK2Ref0DAJvpBNZMHC\npS24916/AgMBAAGjUDBOMB0GA1UdDgQWBBQ77/qVeiigfhYDITplCNtJKZTM8DAf\nBgNVHSMEGDAWgBQ77/qVeiigfhYDITplCNtJKZTM8DAMBgNVHRMEBTADAQH/MA0G\nCSqGSIb3DQEBDQUAA4GBAJO2j/1uO80E5C2PM6Fk9mzerrbkxl7AZ/mvlbOn+sNZ\nE+VZ1AntYuG8ekbJpJtG1YfRfc7EA9mEtqvv4dhv7zBy4nK49OR+KpIBjItWB5kY\nvrqMLKBa32sMbgqqUqeF1ENXKjpvLSuPdfGJZA3dNa/+Dyb8GGqWe707zLyc5F8m\n-----END CERTIFICATE-----\n"
-        settings_data['sp']['x509cert'] = cert_2
+        settings_data["sp"]["x509cert"] = cert_2
         settings = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(cert_2, settings.get_sp_cert())
 
@@ -261,12 +362,12 @@ def testFormatSPKey(self):
         """
         settings_data = self.loadSettingsJSON()
         key = "-----BEGIN RSA PRIVATE KEY-----\nMIICXgIBAAKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9\nIbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+\nPbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQAB\nAoGAD4/Z4LWVWV6D1qMIp1Gzr0ZmdWTE1SPdZ7Ej8glGnCzPdguCPuzbhGXmIg0V\nJ5D+02wsqws1zd48JSMXXM8zkYZVwQYIPUsNn5FetQpwxDIMPmhHg+QNBgwOnk8J\nK2sIjjLPL7qY7Itv7LT7Gvm5qSOkZ33RCgXcgz+okEIQMYkCQQDzbTOyDL0c5WQV\n6A2k06T/azdhUdGXF9C0+WkWSfNaovmTgRXh1G+jMlr82Snz4p4/STt7P/XtyWzF\n3pkVgZr3AkEA7nPjXwHlttNEMo6AtxHd47nizK2NUN803ElIUT8P9KSCoERmSXq6\n6PDekGNic4ldpsSvOeYCk8MAYoDBy9kvVwJBAMLgX4xg6lzhv7hR5+pWjTb1rIY6\nrCHbrPfU264+UZXz9v2BT/VUznLF81WMvStD9xAPHpFS6R0OLghSZhdzhI0CQQDL\n8Duvfxzrn4b9QlmduV8wLERoT6rEVxKLsPVz316TGrxJvBZLk/cV0SRZE1cZf4uk\nXSWMfEcJ/0Zt+LdG1CqjAkEAqwLSglJ9Dy3HpgMz4vAAyZWzAxvyA1zW0no9GOLc\nPQnYaNUN/Fy2SYtETXTb0CQ9X1rt8ffkFP7ya+5TC83aMg==\n-----END RSA PRIVATE KEY-----\n"
-        settings_data['sp']['privateKey'] = key
+        settings_data["sp"]["privateKey"] = key
         settings = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(key, settings.get_sp_key())
 
         key_2 = "-----BEGIN PRIVATE KEY-----\nMIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAOWA+YHU7cvPOrBO\nfxCscsYTJB+kH3MaA9BFrSHFS+KcR6cw7oPSktIJxUgvDpQbtfNcOkE/tuOPBDoe\nch7AXfvH6d7Bw7xtW8PPJ2mB5Hn/HGW2roYhxmfh3tR5SdwN6i4ERVF8eLkvwCHs\nNQyK2Ref0DAJvpBNZMHCpS24916/AgMBAAECgYEA0wDXZPS9hKqMTNh+nnfONioX\nBjhA6fQ7GVtWKDxa3ofMoPyt7ejGL/Hnvcv13Vn02UAsFx1bKrCstDqVtYwrWrnm\nywXyH+o9paJnTmd+cRIjWU8mRvCrxzH5I/Bcvbp1qZoASuqZEaGwNjM6JpW2o3QT\nmHGMALcLUPfEvhApssECQQDy2e65E86HcFhi/Ta8TQ0odDCNbiWA0bI1Iu8B7z+N\nAy1D1+WnCd7w2u9U6CF/k2nFHCsvxEoeANM0z7h5T/XvAkEA8e4JqKmDrfdiakQT\n7nf9svU2jXZtxSbPiIRMafNikDvzZ1vJCZkvdmaWYL70GlDZIwc9ad67rHZ/n/fq\nX1d0MQJAbRpRsJ5gY+KqItbFt3UaWzlP8sowWR5cZJjsLb9RmsV5mYguKYw6t5R0\nf33GRu1wUFimYlBaR/5w5MIJi57LywJATO1a5uWX+G5MPewNxmsjIY91XEAHIYR4\nwzkGLz5z3dciS4BVCZdLD0QJlxPA/MkuckPwFET9uhYn+M7VGKHvUQJBANSDwsY+\nBdCGpi/WRV37HUfwLl07damaFbW3h08PQx8G8SuF7DpN+FPBcI6VhzrIWNRBxWpr\nkgeGioKNfFWzSaM=\n-----END PRIVATE KEY-----\n"
-        settings_data['sp']['privateKey'] = key_2
+        settings_data["sp"]["privateKey"] = key_2
         settings_2 = OneLogin_Saml2_Settings(settings_data)
         self.assertEqual(key_2, settings_2.get_sp_key())
 
@@ -287,112 +388,93 @@ def testCheckSettings(self):
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('Invalid dict settings: invalid_syntax', str(e))
+            self.assertIn("Invalid dict settings: invalid_syntax", str(e))
 
-        settings_info['strict'] = True
+        settings_info["strict"] = True
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('idp_not_found', str(e))
-            self.assertIn('sp_not_found', str(e))
-
-        settings_info['idp'] = {}
-        settings_info['idp']['x509cert'] = ''
-        settings_info['sp'] = {}
-        settings_info['sp']['entityID'] = 'SPentityId'
-        settings_info['security'] = {}
-        settings_info['security']['signMetadata'] = False
+            self.assertIn("idp_not_found", str(e))
+            self.assertIn("sp_not_found", str(e))
+
+        settings_info["idp"] = {}
+        settings_info["idp"]["x509cert"] = ""
+        settings_info["sp"] = {}
+        settings_info["sp"]["entityID"] = "SPentityId"
+        settings_info["security"] = {}
+        settings_info["security"]["signMetadata"] = False
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('idp_entityId_not_found', str(e))
-            self.assertIn('idp_sso_not_found', str(e))
-            self.assertIn('sp_entityId_not_found', str(e))
-            self.assertIn('sp_acs_not_found', str(e))
+            self.assertIn("idp_entityId_not_found", str(e))
+            self.assertIn("idp_sso_not_found", str(e))
+            self.assertIn("sp_entityId_not_found", str(e))
+            self.assertIn("sp_acs_not_found", str(e))
 
         # AttributeConsumingService tests
         # serviceName, requestedAttributes are required
-        settings_info['sp']['attributeConsumingService'] = {
-            "serviceDescription": "Test Service"
-        }
+        settings_info["sp"]["attributeConsumingService"] = {"serviceDescription": "Test Service"}
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('sp_attributeConsumingService_serviceName_not_found', str(e))
-            self.assertIn('sp_attributeConsumingService_requestedAttributes_not_found', str(e))
+            self.assertIn("sp_attributeConsumingService_serviceName_not_found", str(e))
+            self.assertIn("sp_attributeConsumingService_requestedAttributes_not_found", str(e))
 
         # requestedAttributes/name is required
-        settings_info['sp']['attributeConsumingService'] = {
+        settings_info["sp"]["attributeConsumingService"] = {
             "serviceName": {},
             "serviceDescription": ["Test Service"],
-            "requestedAttributes": [{
-                "nameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
-                "friendlyName": "givenName",
-                "isRequired": "False"
-            }
-            ]
+            "requestedAttributes": [{"nameFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "friendlyName": "givenName", "isRequired": "False"}],
         }
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('sp_attributeConsumingService_requestedAttributes_name_not_found', str(e))
-            self.assertIn('sp_attributeConsumingService_requestedAttributes_isRequired_type_invalid', str(e))
-            self.assertIn('sp_attributeConsumingService_serviceDescription_type_invalid', str(e))
-            self.assertIn('sp_attributeConsumingService_serviceName_type_invalid', str(e))
-
-        settings_info['idp']['entityID'] = 'entityId'
-        settings_info['idp']['singleSignOnService'] = {}
-        settings_info['idp']['singleSignOnService']['url'] = 'invalid_value'
-        settings_info['idp']['singleLogoutService'] = {}
-        settings_info['idp']['singleLogoutService']['url'] = 'invalid_value'
-        settings_info['sp']['assertionConsumerService'] = {}
-        settings_info['sp']['assertionConsumerService']['url'] = 'invalid_value'
-        settings_info['sp']['singleLogoutService'] = {}
-        settings_info['sp']['singleLogoutService']['url'] = 'invalid_value'
+            self.assertIn("sp_attributeConsumingService_requestedAttributes_name_not_found", str(e))
+            self.assertIn("sp_attributeConsumingService_requestedAttributes_isRequired_type_invalid", str(e))
+            self.assertIn("sp_attributeConsumingService_serviceDescription_type_invalid", str(e))
+            self.assertIn("sp_attributeConsumingService_serviceName_type_invalid", str(e))
+
+        settings_info["idp"]["entityID"] = "entityId"
+        settings_info["idp"]["singleSignOnService"] = {}
+        settings_info["idp"]["singleSignOnService"]["url"] = "invalid_value"
+        settings_info["idp"]["singleLogoutService"] = {}
+        settings_info["idp"]["singleLogoutService"]["url"] = "invalid_value"
+        settings_info["sp"]["assertionConsumerService"] = {}
+        settings_info["sp"]["assertionConsumerService"]["url"] = "invalid_value"
+        settings_info["sp"]["singleLogoutService"] = {}
+        settings_info["sp"]["singleLogoutService"]["url"] = "invalid_value"
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('idp_sso_url_invalid', str(e))
-            self.assertIn('idp_slo_url_invalid', str(e))
-            self.assertIn('sp_acs_url_invalid', str(e))
-            self.assertIn('sp_sls_url_invalid', str(e))
+            self.assertIn("idp_sso_url_invalid", str(e))
+            self.assertIn("idp_slo_url_invalid", str(e))
+            self.assertIn("sp_acs_url_invalid", str(e))
+            self.assertIn("sp_sls_url_invalid", str(e))
 
-        settings_info['security']['wantAssertionsSigned'] = True
+        settings_info["security"]["wantAssertionsSigned"] = True
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('idp_cert_or_fingerprint_not_found_and_required', str(e))
+            self.assertIn("idp_cert_or_fingerprint_not_found_and_required", str(e))
 
         settings_info = self.loadSettingsJSON()
-        settings_info['security']['signMetadata'] = {}
-        settings_info['security']['signMetadata']['keyFileName'] = 'metadata.key'
-        settings_info['organization'] = {
-            'en-US': {
-                'name': 'miss_information'
-            }
-        }
-        settings_info['contactPerson'] = {
-            'support': {
-                'givenName': 'support_name'
-            },
-            'auxiliar': {
-                'givenName': 'auxiliar_name',
-                'emailAddress': 'auxiliar@example.com'
-            }
-        }
+        settings_info["security"]["signMetadata"] = {}
+        settings_info["security"]["signMetadata"]["keyFileName"] = "metadata.key"
+        settings_info["organization"] = {"en-US": {"name": "miss_information"}}
+        settings_info["contactPerson"] = {"support": {"givenName": "support_name"}, "auxiliar": {"givenName": "auxiliar_name", "emailAddress": "auxiliar@example.com"}}
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('sp_signMetadata_invalid', str(e))
-            self.assertIn('organization_not_enought_data', str(e))
-            self.assertIn('contact_type_invalid', str(e))
+            self.assertIn("sp_signMetadata_invalid", str(e))
+            self.assertIn("organization_not_enought_data", str(e))
+            self.assertIn("contact_type_invalid", str(e))
 
     def testGetSPMetadata(self):
         """
@@ -400,28 +482,28 @@ def testGetSPMetadata(self):
         Case unsigned metadata
         """
         settings_info = self.loadSettingsJSON()
-        settings_info['security']['wantNameIdEncrypted'] = False
-        settings_info['security']['wantAssertionsEncrypted'] = False
+        settings_info["security"]["wantNameIdEncrypted"] = False
+        settings_info["security"]["wantAssertionsEncrypted"] = False
         settings = OneLogin_Saml2_Settings(settings_info)
         metadata = compat.to_string(settings.get_sp_metadata())
 
         self.assertNotEqual(len(metadata), 0)
-        self.assertIn('<md:SPSSODescriptor', metadata)
+        self.assertIn("<md:SPSSODescriptor", metadata)
         self.assertIn('entityID="http://stuff.com/endpoints/metadata.php"', metadata)
         self.assertIn('AuthnRequestsSigned="false"', metadata)
         self.assertIn('WantAssertionsSigned="false"', metadata)
         self.assertIn('<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://stuff.com/endpoints/endpoints/acs.php" index="1"/>', metadata)
         self.assertIn('<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://stuff.com/endpoints/endpoints/sls.php"/>', metadata)
-        self.assertIn('<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>', metadata)
-        self.assertEqual(1, metadata.count('<md:KeyDescriptor'))
+        self.assertIn("<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>", metadata)
+        self.assertEqual(1, metadata.count("<md:KeyDescriptor"))
         self.assertEqual(1, metadata.count('<md:KeyDescriptor use="signing"'))
         self.assertEqual(0, metadata.count('<md:KeyDescriptor use="encryption"'))
 
-        settings_info['security']['wantNameIdEncrypted'] = False
-        settings_info['security']['wantAssertionsEncrypted'] = True
+        settings_info["security"]["wantNameIdEncrypted"] = False
+        settings_info["security"]["wantAssertionsEncrypted"] = True
         settings = OneLogin_Saml2_Settings(settings_info)
         metadata = compat.to_string(settings.get_sp_metadata())
-        self.assertEqual(2, metadata.count('<md:KeyDescriptor'))
+        self.assertEqual(2, metadata.count("<md:KeyDescriptor"))
         self.assertEqual(1, metadata.count('<md:KeyDescriptor use="signing"'))
         self.assertEqual(1, metadata.count('<md:KeyDescriptor use="encryption"'))
 
@@ -430,22 +512,22 @@ def testGetSPMetadataWithx509certNew(self):
         Tests the getSPMetadata method of the OneLogin_Saml2_Settings
         Case with x509certNew
         """
-        settings_info = self.loadSettingsJSON('settings7.json')
-        settings_info['security']['wantNameIdEncrypted'] = False
-        settings_info['security']['wantAssertionsEncrypted'] = False
+        settings_info = self.loadSettingsJSON("settings7.json")
+        settings_info["security"]["wantNameIdEncrypted"] = False
+        settings_info["security"]["wantAssertionsEncrypted"] = False
         settings = OneLogin_Saml2_Settings(settings_info)
         metadata = compat.to_string(settings.get_sp_metadata())
         self.assertNotEqual(len(metadata), 0)
-        self.assertIn('<md:SPSSODescriptor', metadata)
-        self.assertEqual(2, metadata.count('<md:KeyDescriptor'))
+        self.assertIn("<md:SPSSODescriptor", metadata)
+        self.assertEqual(2, metadata.count("<md:KeyDescriptor"))
         self.assertEqual(2, metadata.count('<md:KeyDescriptor use="signing"'))
         self.assertEqual(0, metadata.count('<md:KeyDescriptor use="encryption"'))
 
-        settings_info['security']['wantNameIdEncrypted'] = True
-        settings_info['security']['wantAssertionsEncrypted'] = False
+        settings_info["security"]["wantNameIdEncrypted"] = True
+        settings_info["security"]["wantAssertionsEncrypted"] = False
         settings = OneLogin_Saml2_Settings(settings_info)
         metadata = compat.to_string(settings.get_sp_metadata())
-        self.assertEqual(4, metadata.count('<md:KeyDescriptor'))
+        self.assertEqual(4, metadata.count("<md:KeyDescriptor"))
         self.assertEqual(2, metadata.count('<md:KeyDescriptor use="signing"'))
         self.assertEqual(2, metadata.count('<md:KeyDescriptor use="encryption"'))
 
@@ -455,34 +537,34 @@ def testGetSPMetadataSigned(self):
         Case signed metadata
         """
         settings_info = self.loadSettingsJSON()
-        if 'security' not in settings_info:
-            settings_info['security'] = {}
+        if "security" not in settings_info:
+            settings_info["security"] = {}
 
-        settings_info['security']['signMetadata'] = {}
+        settings_info["security"]["signMetadata"] = {}
 
         try:
             OneLogin_Saml2_Settings(settings_info)
             self.assertTrue(False)
         except Exception as e:
-            self.assertIn('sp_signMetadata_invalid', str(e))
+            self.assertIn("sp_signMetadata_invalid", str(e))
 
         # Default cert/key
-        settings_info['security']['signMetadata'] = True
+        settings_info["security"]["signMetadata"] = True
         self.generateAndCheckMetadata(settings_info)
 
         # Now try again with SP keys set directly in settings and not from files:
-        del settings_info['custom_base_path']
+        del settings_info["custom_base_path"]
         with self.assertRaises(OneLogin_Saml2_Error):
             OneLogin_Saml2_Settings(settings_info).get_sp_metadata()
 
         # Now the keys should not be found, so metadata generation won't work:
-        del settings_info['sp']['x509cert']
-        del settings_info['sp']['privateKey']
+        del settings_info["sp"]["x509cert"]
+        del settings_info["sp"]["privateKey"]
         with self.assertRaises(OneLogin_Saml2_Error):
             OneLogin_Saml2_Settings(settings_info).get_sp_metadata()
         # Set the keys in the settings:
-        settings_info['sp']['x509cert'] = self.file_contents(join(self.data_path, 'customPath', 'certs', 'sp.crt'))
-        settings_info['sp']['privateKey'] = self.file_contents(join(self.data_path, 'customPath', 'certs', 'sp.key'))
+        settings_info["sp"]["x509cert"] = self.file_contents(join(self.data_path, "customPath", "certs", "sp.crt"))
+        settings_info["sp"]["privateKey"] = self.file_contents(join(self.data_path, "customPath", "certs", "sp.key"))
         self.generateAndCheckMetadata(settings_info)
 
     def generateAndCheckMetadata(self, settings):
@@ -493,17 +575,17 @@ def generateAndCheckMetadata(self, settings):
             settings = OneLogin_Saml2_Settings(settings)
 
         metadata = compat.to_string(settings.get_sp_metadata())
-        self.assertIn('<md:SPSSODescriptor', metadata)
+        self.assertIn("<md:SPSSODescriptor", metadata)
         self.assertIn('entityID="http://stuff.com/endpoints/metadata.php"', metadata)
         self.assertIn('AuthnRequestsSigned="false"', metadata)
         self.assertIn('WantAssertionsSigned="false"', metadata)
         self.assertIn('<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://stuff.com/endpoints/endpoints/acs.php" index="1"/>', metadata)
         self.assertIn('<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://stuff.com/endpoints/endpoints/sls.php"/>', metadata)
-        self.assertIn('<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>', metadata)
+        self.assertIn("<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>", metadata)
         self.assertIn('<ds:SignedInfo>\n<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>', metadata)
-        self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>', metadata)
-        self.assertIn('<ds:Reference', metadata)
-        self.assertIn('<ds:KeyInfo>\n<ds:X509Data>\n<ds:X509Certificate>', metadata)
+        self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>', metadata)
+        self.assertIn("<ds:Reference", metadata)
+        self.assertIn("<ds:KeyInfo>\n<ds:X509Data>\n<ds:X509Certificate>", metadata)
 
     def testGetSPMetadataSignedNoMetadataCert(self):
         """
@@ -511,36 +593,30 @@ def testGetSPMetadataSignedNoMetadataCert(self):
         Case signed metadata with specific certs
         """
         settings_info = self.loadSettingsJSON()
-        if 'security' not in settings_info:
-            settings_info['security'] = {}
-        settings_info['security']['signMetadata'] = {}
+        if "security" not in settings_info:
+            settings_info["security"] = {}
+        settings_info["security"]["signMetadata"] = {}
 
         with self.assertRaises(Exception) as context:
             OneLogin_Saml2_Settings(settings_info)
             exception = context.exception
             self.assertIn("sp_signMetadata_invalid", str(exception))
 
-        settings_info['security']['signMetadata'] = {
-            'keyFileName': 'noexist.key',
-            'certFileName': 'sp.crt'
-        }
+        settings_info["security"]["signMetadata"] = {"keyFileName": "noexist.key", "certFileName": "sp.crt"}
         settings = OneLogin_Saml2_Settings(settings_info)
         with self.assertRaises(Exception) as context:
             settings.get_sp_metadata()
             exception = context.exception
             self.assertIn("Private key file not readable", str(exception))
 
-        settings_info['security']['signMetadata'] = {
-            'keyFileName': 'sp.key',
-            'certFileName': 'noexist.crt'
-        }
+        settings_info["security"]["signMetadata"] = {"keyFileName": "sp.key", "certFileName": "noexist.crt"}
         settings = OneLogin_Saml2_Settings(settings_info)
         with self.assertRaises(Exception) as context:
             settings.get_sp_metadata()
             exception = context.exception
             self.assertIn("Public cert file not readable", str(exception))
 
-        settings_info['security']['signMetadata'] = 'invalid_value'
+        settings_info["security"]["signMetadata"] = "invalid_value"
         settings = OneLogin_Saml2_Settings(settings_info)
         with self.assertRaises(Exception) as context:
             settings.get_sp_metadata()
@@ -556,19 +632,19 @@ def testValidateMetadata(self):
         metadata = settings.get_sp_metadata()
         self.assertEqual(len(settings.validate_metadata(metadata)), 0)
 
-        xml = self.file_contents(join(self.data_path, 'metadata', 'metadata_settings1.xml'))
+        xml = self.file_contents(join(self.data_path, "metadata", "metadata_settings1.xml"))
         self.assertEqual(len(settings.validate_metadata(xml)), 0)
 
-        xml_2 = '<xml>invalid</xml>'
-        self.assertIn('invalid_xml', settings.validate_metadata(xml_2))
+        xml_2 = "<xml>invalid</xml>"
+        self.assertIn("invalid_xml", settings.validate_metadata(xml_2))
 
-        xml_3 = self.file_contents(join(self.data_path, 'metadata', 'entities_metadata.xml'))
-        self.assertIn('noEntityDescriptor_xml', settings.validate_metadata(xml_3))
+        xml_3 = self.file_contents(join(self.data_path, "metadata", "entities_metadata.xml"))
+        self.assertIn("noEntityDescriptor_xml", settings.validate_metadata(xml_3))
 
-        xml_4 = self.file_contents(join(self.data_path, 'metadata', 'idp_metadata.xml'))
-        self.assertIn('onlySPSSODescriptor_allowed_xml', settings.validate_metadata(xml_4))
+        xml_4 = self.file_contents(join(self.data_path, "metadata", "idp_metadata.xml"))
+        self.assertIn("onlySPSSODescriptor_allowed_xml", settings.validate_metadata(xml_4))
 
-        xml_5 = self.file_contents(join(self.data_path, 'metadata', 'no_expiration_mark_metadata.xml'))
+        xml_5 = self.file_contents(join(self.data_path, "metadata", "no_expiration_mark_metadata.xml"))
         self.assertEqual(len(settings.validate_metadata(xml_5)), 0)
 
     def testValidateMetadataExpired(self):
@@ -576,10 +652,10 @@ def testValidateMetadataExpired(self):
         Tests the validateMetadata method of the OneLogin_Saml2_Settings
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        metadata = self.file_contents(join(self.data_path, 'metadata', 'expired_metadata_settings1.xml'))
+        metadata = self.file_contents(join(self.data_path, "metadata", "expired_metadata_settings1.xml"))
         errors = settings.validate_metadata(metadata)
         self.assertNotEqual(len(metadata), 0)
-        self.assertIn('expired_xml', errors)
+        self.assertIn("expired_xml", errors)
 
     def testValidateMetadataNoXML(self):
         """
@@ -587,17 +663,17 @@ def testValidateMetadataNoXML(self):
         Case no metadata
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        metadata = ''
+        metadata = ""
         with self.assertRaises(Exception) as context:
             settings.validate_metadata(metadata)
             exception = context.exception
             self.assertIn("t", str(exception))
 
-        metadata = '<no xml>'
+        metadata = "<no xml>"
         errors = settings.validate_metadata(metadata)
 
         self.assertNotEqual(len(errors), 0)
-        self.assertIn('unloaded_xml', errors)
+        self.assertIn("unloaded_xml", errors)
 
     def testValidateMetadataNoEntity(self):
         """
@@ -605,10 +681,10 @@ def testValidateMetadataNoEntity(self):
         Case invalid xml metadata
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        metadata = self.file_contents(join(self.data_path, 'metadata', 'noentity_metadata_settings1.xml'))
+        metadata = self.file_contents(join(self.data_path, "metadata", "noentity_metadata_settings1.xml"))
         errors = settings.validate_metadata(metadata)
         self.assertNotEqual(len(metadata), 0)
-        self.assertIn('invalid_xml', errors)
+        self.assertIn("invalid_xml", errors)
 
     def testGetIdPData(self):
         """
@@ -618,18 +694,18 @@ def testGetIdPData(self):
 
         idp_data = settings.get_idp_data()
         self.assertNotEqual(len(idp_data), 0)
-        self.assertIn('entityId', idp_data)
-        self.assertIn('singleSignOnService', idp_data)
-        self.assertIn('singleLogoutService', idp_data)
-        self.assertIn('x509cert', idp_data)
+        self.assertIn("entityId", idp_data)
+        self.assertIn("singleSignOnService", idp_data)
+        self.assertIn("singleLogoutService", idp_data)
+        self.assertIn("x509cert", idp_data)
 
-        self.assertEqual('http://idp.example.com/', idp_data['entityId'])
-        self.assertEqual('http://idp.example.com/SSOService.php', idp_data['singleSignOnService']['url'])
-        self.assertEqual('http://idp.example.com/SingleLogoutService.php', idp_data['singleLogoutService']['url'])
+        self.assertEqual("http://idp.example.com/", idp_data["entityId"])
+        self.assertEqual("http://idp.example.com/SSOService.php", idp_data["singleSignOnService"]["url"])
+        self.assertEqual("http://idp.example.com/SingleLogoutService.php", idp_data["singleLogoutService"]["url"])
 
-        x509cert = 'MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo'
+        x509cert = "MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo"
         formated_x509_cert = OneLogin_Saml2_Utils.format_cert(x509cert)
-        self.assertEqual(formated_x509_cert, idp_data['x509cert'])
+        self.assertEqual(formated_x509_cert, idp_data["x509cert"])
 
     def testGetSPData(self):
         """
@@ -639,15 +715,15 @@ def testGetSPData(self):
 
         sp_data = settings.get_sp_data()
         self.assertNotEqual(len(sp_data), 0)
-        self.assertIn('entityId', sp_data)
-        self.assertIn('assertionConsumerService', sp_data)
-        self.assertIn('singleLogoutService', sp_data)
-        self.assertIn('NameIDFormat', sp_data)
+        self.assertIn("entityId", sp_data)
+        self.assertIn("assertionConsumerService", sp_data)
+        self.assertIn("singleLogoutService", sp_data)
+        self.assertIn("NameIDFormat", sp_data)
 
-        self.assertEqual('http://stuff.com/endpoints/metadata.php', sp_data['entityId'])
-        self.assertEqual('http://stuff.com/endpoints/endpoints/acs.php', sp_data['assertionConsumerService']['url'])
-        self.assertEqual('http://stuff.com/endpoints/endpoints/sls.php', sp_data['singleLogoutService']['url'])
-        self.assertEqual('urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', sp_data['NameIDFormat'])
+        self.assertEqual("http://stuff.com/endpoints/metadata.php", sp_data["entityId"])
+        self.assertEqual("http://stuff.com/endpoints/endpoints/acs.php", sp_data["assertionConsumerService"]["url"])
+        self.assertEqual("http://stuff.com/endpoints/endpoints/sls.php", sp_data["singleLogoutService"]["url"])
+        self.assertEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", sp_data["NameIDFormat"])
 
     def testGetSecurityData(self):
         """
@@ -657,55 +733,55 @@ def testGetSecurityData(self):
 
         security = settings.get_security_data()
         self.assertNotEqual(len(security), 0)
-        self.assertIn('nameIdEncrypted', security)
-        self.assertIn('authnRequestsSigned', security)
-        self.assertIn('logoutRequestSigned', security)
-        self.assertIn('logoutResponseSigned', security)
-        self.assertIn('signMetadata', security)
-        self.assertIn('wantMessagesSigned', security)
-        self.assertIn('wantAssertionsSigned', security)
-        self.assertIn('requestedAuthnContext', security)
-        self.assertIn('wantNameId', security)
-        self.assertIn('wantNameIdEncrypted', security)
+        self.assertIn("nameIdEncrypted", security)
+        self.assertIn("authnRequestsSigned", security)
+        self.assertIn("logoutRequestSigned", security)
+        self.assertIn("logoutResponseSigned", security)
+        self.assertIn("signMetadata", security)
+        self.assertIn("wantMessagesSigned", security)
+        self.assertIn("wantAssertionsSigned", security)
+        self.assertIn("requestedAuthnContext", security)
+        self.assertIn("wantNameId", security)
+        self.assertIn("wantNameIdEncrypted", security)
 
     def testGetDefaultSecurityValues(self):
         """
         Tests default values of Security advanced sesettings
         """
         settings_json = self.loadSettingsJSON()
-        del settings_json['security']
+        del settings_json["security"]
         settings = OneLogin_Saml2_Settings(settings_json)
         security = settings.get_security_data()
 
-        self.assertIn('nameIdEncrypted', security)
-        self.assertFalse(security.get('nameIdEncrypted'))
+        self.assertIn("nameIdEncrypted", security)
+        self.assertFalse(security.get("nameIdEncrypted"))
 
-        self.assertIn('authnRequestsSigned', security)
-        self.assertFalse(security.get('authnRequestsSigned'))
+        self.assertIn("authnRequestsSigned", security)
+        self.assertFalse(security.get("authnRequestsSigned"))
 
-        self.assertIn('logoutRequestSigned', security)
-        self.assertFalse(security.get('logoutRequestSigned'))
+        self.assertIn("logoutRequestSigned", security)
+        self.assertFalse(security.get("logoutRequestSigned"))
 
-        self.assertIn('logoutResponseSigned', security)
-        self.assertFalse(security.get('logoutResponseSigned'))
+        self.assertIn("logoutResponseSigned", security)
+        self.assertFalse(security.get("logoutResponseSigned"))
 
-        self.assertIn('signMetadata', security)
-        self.assertFalse(security.get('signMetadata'))
+        self.assertIn("signMetadata", security)
+        self.assertFalse(security.get("signMetadata"))
 
-        self.assertIn('wantMessagesSigned', security)
-        self.assertFalse(security.get('wantMessagesSigned'))
+        self.assertIn("wantMessagesSigned", security)
+        self.assertFalse(security.get("wantMessagesSigned"))
 
-        self.assertIn('wantAssertionsSigned', security)
-        self.assertFalse(security.get('wantAssertionsSigned'))
+        self.assertIn("wantAssertionsSigned", security)
+        self.assertFalse(security.get("wantAssertionsSigned"))
 
-        self.assertIn('requestedAuthnContext', security)
-        self.assertTrue(security.get('requestedAuthnContext'))
+        self.assertIn("requestedAuthnContext", security)
+        self.assertTrue(security.get("requestedAuthnContext"))
 
-        self.assertIn('wantNameId', security)
-        self.assertTrue(security.get('wantNameId'))
+        self.assertIn("wantNameId", security)
+        self.assertTrue(security.get("wantNameId"))
 
-        self.assertIn('wantNameIdEncrypted', security)
-        self.assertFalse(security.get('wantNameIdEncrypted'))
+        self.assertIn("wantNameIdEncrypted", security)
+        self.assertFalse(security.get("wantNameIdEncrypted"))
 
     def testGetContacts(self):
         """
@@ -715,10 +791,10 @@ def testGetContacts(self):
 
         contacts = settings.get_contacts()
         self.assertNotEqual(len(contacts), 0)
-        self.assertEqual('technical_name', contacts['technical']['givenName'])
-        self.assertEqual('technical@example.com', contacts['technical']['emailAddress'])
-        self.assertEqual('support_name', contacts['support']['givenName'])
-        self.assertEqual('support@example.com', contacts['support']['emailAddress'])
+        self.assertEqual("technical_name", contacts["technical"]["givenName"])
+        self.assertEqual("technical@example.com", contacts["technical"]["emailAddress"])
+        self.assertEqual("support_name", contacts["support"]["givenName"])
+        self.assertEqual("support@example.com", contacts["support"]["emailAddress"])
 
     def testGetOrganization(self):
         """
@@ -728,9 +804,9 @@ def testGetOrganization(self):
 
         organization = settings.get_organization()
         self.assertNotEqual(len(organization), 0)
-        self.assertEqual('sp_test', organization['en-US']['name'])
-        self.assertEqual('SP test', organization['en-US']['displayname'])
-        self.assertEqual('http://sp.example.com', organization['en-US']['url'])
+        self.assertEqual("sp_test", organization["en-US"]["name"])
+        self.assertEqual("SP test", organization["en-US"]["displayname"])
+        self.assertEqual("http://sp.example.com", organization["en-US"]["url"])
 
     def testSetStrict(self):
         """
@@ -745,23 +821,23 @@ def testSetStrict(self):
 
         settings.set_strict(False)
         self.assertFalse(settings.is_strict())
-        self.assertRaises(AssertionError, settings.set_strict, 'a')
+        self.assertRaises(AssertionError, settings.set_strict, "a")
 
     def testIsStrict(self):
         """
         Tests the isStrict method of the OneLogin_Saml2_Settings
         """
         settings_info = self.loadSettingsJSON()
-        del settings_info['strict']
+        del settings_info["strict"]
 
         settings = OneLogin_Saml2_Settings(settings_info)
-        self.assertFalse(settings.is_strict())
+        self.assertTrue(settings.is_strict())
 
-        settings_info['strict'] = False
+        settings_info["strict"] = False
         settings_2 = OneLogin_Saml2_Settings(settings_info)
         self.assertFalse(settings_2.is_strict())
 
-        settings_info['strict'] = True
+        settings_info["strict"] = True
         settings_3 = OneLogin_Saml2_Settings(settings_info)
         self.assertTrue(settings_3.is_strict())
 
@@ -770,15 +846,15 @@ def testIsDebugActive(self):
         Tests the isDebugActive method of the OneLogin_Saml2_Settings
         """
         settings_info = self.loadSettingsJSON()
-        del settings_info['debug']
+        del settings_info["debug"]
 
         settings = OneLogin_Saml2_Settings(settings_info)
         self.assertFalse(settings.is_debug_active())
 
-        settings_info['debug'] = False
+        settings_info["debug"] = False
         settings_2 = OneLogin_Saml2_Settings(settings_info)
         self.assertFalse(settings_2.is_debug_active())
 
-        settings_info['debug'] = True
+        settings_info["debug"] = True
         settings_3 = OneLogin_Saml2_Settings(settings_info)
         self.assertTrue(settings_3.is_debug_active())
diff --git a/tests/src/OneLogin/saml2_tests/signed_response_test.py b/tests/src/OneLogin/saml2_tests/signed_response_test.py
index 45afb505..844fc930 100644
--- a/tests/src/OneLogin/saml2_tests/signed_response_test.py
+++ b/tests/src/OneLogin/saml2_tests/signed_response_test.py
@@ -1,7 +1,5 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import json
 from os.path import dirname, join, exists
@@ -13,20 +11,20 @@
 
 
 class OneLogin_Saml2_SignedResponse_Test(unittest.TestCase):
-    data_path = join(dirname(__file__), '..', '..', '..', 'data')
+    data_path = join(dirname(__file__), "..", "..", "..", "data")
 
     def loadSettingsJSON(self):
-        filename = join(dirname(__file__), '..', '..', '..', 'settings', 'settings1.json')
+        filename = join(dirname(__file__), "..", "..", "..", "settings", "settings1.json")
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
@@ -37,10 +35,10 @@ def testResponseSignedAssertionNot(self):
         Case valid signed response, unsigned assertion
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'responses', 'open_saml_response.xml'))
+        message = self.file_contents(join(self.data_path, "responses", "open_saml_response.xml"))
         response = OneLogin_Saml2_Response(settings, OneLogin_Saml2_Utils.b64encode(message))
 
-        self.assertEqual('someone@example.org', response.get_nameid())
+        self.assertEqual("someone@example.org", response.get_nameid())
 
     def testResponseAndAssertionSigned(self):
         """
@@ -48,7 +46,7 @@ def testResponseAndAssertionSigned(self):
         Case valid signed response, signed assertion
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
-        message = self.file_contents(join(self.data_path, 'responses', 'simple_saml_php.xml'))
+        message = self.file_contents(join(self.data_path, "responses", "simple_saml_php.xml"))
         response = OneLogin_Saml2_Response(settings, OneLogin_Saml2_Utils.b64encode(message))
 
-        self.assertEqual('someone@example.com', response.get_nameid())
+        self.assertEqual("someone@example.com", response.get_nameid())
diff --git a/tests/src/OneLogin/saml2_tests/utils_test.py b/tests/src/OneLogin/saml2_tests/utils_test.py
index 366a125b..60637e5f 100644
--- a/tests/src/OneLogin/saml2_tests/utils_test.py
+++ b/tests/src/OneLogin/saml2_tests/utils_test.py
@@ -1,45 +1,44 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 from base64 import b64decode
 import json
 from lxml import etree
 from os.path import dirname, join, exists
 import unittest
-from defusedxml.lxml import fromstring
+import sys
 from xml.dom.minidom import parseString
 
 from onelogin.saml2 import compat
 from onelogin.saml2.constants import OneLogin_Saml2_Constants
 from onelogin.saml2.settings import OneLogin_Saml2_Settings
 from onelogin.saml2.utils import OneLogin_Saml2_Utils
+from onelogin.saml2.xmlparser import fromstring
 
 
 class OneLogin_Saml2_Utils_Test(unittest.TestCase):
-    data_path = join(dirname(dirname(dirname(dirname(__file__)))), 'data')
-    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), 'settings')
+    data_path = join(dirname(dirname(dirname(dirname(__file__)))), "data")
+    settings_path = join(dirname(dirname(dirname(dirname(__file__)))), "settings")
 
     # assertRegexpMatches deprecated on python3
     def assertRaisesRegex(self, exception, regexp, msg=None):
-        if hasattr(unittest.TestCase, 'assertRaisesRegex'):
+        if hasattr(unittest.TestCase, "assertRaisesRegex"):
             return super(OneLogin_Saml2_Utils_Test, self).assertRaisesRegex(exception, regexp, msg=msg)
         else:
             return self.assertRaisesRegexp(exception, regexp)
 
-    def loadSettingsJSON(self, name='settings1.json'):
+    def loadSettingsJSON(self, name="settings1.json"):
         filename = join(self.settings_path, name)
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
@@ -49,21 +48,21 @@ def testFormatCert(self):
         Tests the format_cert method of the OneLogin_Saml2_Utils
         """
         settings_info = self.loadSettingsJSON()
-        cert = settings_info['idp']['x509cert']
-        self.assertNotIn('-----BEGIN CERTIFICATE-----', cert)
-        self.assertNotIn('-----END CERTIFICATE-----', cert)
+        cert = settings_info["idp"]["x509cert"]
+        self.assertNotIn("-----BEGIN CERTIFICATE-----", cert)
+        self.assertNotIn("-----END CERTIFICATE-----", cert)
         self.assertEqual(len(cert), 860)
 
         formated_cert1 = OneLogin_Saml2_Utils.format_cert(cert)
-        self.assertIn('-----BEGIN CERTIFICATE-----', formated_cert1)
-        self.assertIn('-----END CERTIFICATE-----', formated_cert1)
+        self.assertIn("-----BEGIN CERTIFICATE-----", formated_cert1)
+        self.assertIn("-----END CERTIFICATE-----", formated_cert1)
 
         formated_cert2 = OneLogin_Saml2_Utils.format_cert(cert, True)
         self.assertEqual(formated_cert1, formated_cert2)
 
         formated_cert3 = OneLogin_Saml2_Utils.format_cert(cert, False)
-        self.assertNotIn('-----BEGIN CERTIFICATE-----', formated_cert3)
-        self.assertNotIn('-----END CERTIFICATE-----', formated_cert3)
+        self.assertNotIn("-----BEGIN CERTIFICATE-----", formated_cert3)
+        self.assertNotIn("-----END CERTIFICATE-----", formated_cert3)
         self.assertEqual(len(formated_cert3), 860)
 
     def testFormatPrivateKey(self):
@@ -72,51 +71,49 @@ def testFormatPrivateKey(self):
         """
         key = "-----BEGIN RSA PRIVATE KEY-----\nMIICXgIBAAKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9\nIbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+\nPbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQAB\nAoGAD4/Z4LWVWV6D1qMIp1Gzr0ZmdWTE1SPdZ7Ej8glGnCzPdguCPuzbhGXmIg0V\nJ5D+02wsqws1zd48JSMXXM8zkYZVwQYIPUsNn5FetQpwxDIMPmhHg+QNBgwOnk8J\nK2sIjjLPL7qY7Itv7LT7Gvm5qSOkZ33RCgXcgz+okEIQMYkCQQDzbTOyDL0c5WQV\n6A2k06T/azdhUdGXF9C0+WkWSfNaovmTgRXh1G+jMlr82Snz4p4/STt7P/XtyWzF\n3pkVgZr3AkEA7nPjXwHlttNEMo6AtxHd47nizK2NUN803ElIUT8P9KSCoERmSXq6\n6PDekGNic4ldpsSvOeYCk8MAYoDBy9kvVwJBAMLgX4xg6lzhv7hR5+pWjTb1rIY6\nrCHbrPfU264+UZXz9v2BT/VUznLF81WMvStD9xAPHpFS6R0OLghSZhdzhI0CQQDL\n8Duvfxzrn4b9QlmduV8wLERoT6rEVxKLsPVz316TGrxJvBZLk/cV0SRZE1cZf4uk\nXSWMfEcJ/0Zt+LdG1CqjAkEAqwLSglJ9Dy3HpgMz4vAAyZWzAxvyA1zW0no9GOLc\nPQnYaNUN/Fy2SYtETXTb0CQ9X1rt8ffkFP7ya+5TC83aMg==\n-----END RSA PRIVATE KEY-----\n"
         formated_key = OneLogin_Saml2_Utils.format_private_key(key, True)
-        self.assertIn('-----BEGIN RSA PRIVATE KEY-----', formated_key)
-        self.assertIn('-----END RSA PRIVATE KEY-----', formated_key)
+        self.assertIn("-----BEGIN RSA PRIVATE KEY-----", formated_key)
+        self.assertIn("-----END RSA PRIVATE KEY-----", formated_key)
         self.assertEqual(len(formated_key), 891)
 
         formated_key = OneLogin_Saml2_Utils.format_private_key(key, False)
-        self.assertNotIn('-----BEGIN RSA PRIVATE KEY-----', formated_key)
-        self.assertNotIn('-----END RSA PRIVATE KEY-----', formated_key)
+        self.assertNotIn("-----BEGIN RSA PRIVATE KEY-----", formated_key)
+        self.assertNotIn("-----END RSA PRIVATE KEY-----", formated_key)
         self.assertEqual(len(formated_key), 816)
 
         key_2 = "-----BEGIN PRIVATE KEY-----\nMIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAM62buSW9Zgh7CmZ\nouJekK0ac9sgEZkspemjv7SyE6Hbdz+KmUr3C7MI6JuPfVyJbxvMDf3FbgBBK7r5\nyfGgehXwplLMZj8glvV3NkdLMLPWmaw9U5sOzRoym46pVvsEo1PUL2qDK5Wrsm1g\nuY1KIDSHL59NQ7PzDKgm1dxioeXFAgMBAAECgYA/fvRzTReloo3rfWD2Tfv84EpE\nPgaJ2ZghO4Zwl97F8icgIo/R4i760Lq6xgnI+gJiNHz7vcB7XYl0RrRMf3HgbA7z\npJxREmOVltESDHy6lH0TmCdv9xMmHltB+pbGOhqBvuGgFbEOR73lDDV0ln2rEITJ\nA2zjYF+hWe8b0JFeQQJBAOsIIIlHAMngjhCQDD6kla/vce972gCFU7ZeFw16ZMmb\n8W4rGRfQoQWYxSLAFIFsYewSBTccanyYbBNe3njki3ECQQDhJ4cgV6VpTwez4dkp\nU/xCHKoReedAEJhXucTNGpiIqu+TDgIz9aRbrgnUKkS1s06UJhcDRTl/+pCSRRt/\nCA2VAkBkPw4pn1hNwvK1S8t9OJQD+5xcKjZcvIFtKoqonAi7GUGL3OQSDVFw4q1K\n2iSk40aM+06wJ/WfeR+3z2ISrGBxAkAJ20YiF1QpcQlASbHNCl0vs7uKOlDyUAer\nR3mjFPf6e6kzQdi815MTZGIPxK3vWmMlPymgvgYPYTO1A4t5myulAkEA1QioAWcJ\noO26qhUlFRBCR8BMJoVPImV7ndVHE7usHdJvP7V2P9RyuRcMCTVul8RRmyoh/+yG\n4ghMaHo/v0YY5Q==\n-----END PRIVATE KEY-----\n"
         formated_key_2 = OneLogin_Saml2_Utils.format_private_key(key_2, True)
-        self.assertIn('-----BEGIN PRIVATE KEY-----', formated_key_2)
-        self.assertIn('-----END PRIVATE KEY-----', formated_key_2)
+        self.assertIn("-----BEGIN PRIVATE KEY-----", formated_key_2)
+        self.assertIn("-----END PRIVATE KEY-----", formated_key_2)
         self.assertEqual(len(formated_key_2), 916)
 
         formated_key_2 = OneLogin_Saml2_Utils.format_private_key(key_2, False)
-        self.assertNotIn('-----BEGIN PRIVATE KEY-----', formated_key_2)
-        self.assertNotIn('-----END PRIVATE KEY-----', formated_key_2)
+        self.assertNotIn("-----BEGIN PRIVATE KEY-----", formated_key_2)
+        self.assertNotIn("-----END PRIVATE KEY-----", formated_key_2)
         self.assertEqual(len(formated_key_2), 848)
 
-        key_3 = 'MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAM62buSW9Zgh7CmZouJekK0ac9sgEZkspemjv7SyE6Hbdz+KmUr3C7MI6JuPfVyJbxvMDf3FbgBBK7r5yfGgehXwplLMZj8glvV3NkdLMLPWmaw9U5sOzRoym46pVvsEo1PUL2qDK5Wrsm1guY1KIDSHL59NQ7PzDKgm1dxioeXFAgMBAAECgYA/fvRzTReloo3rfWD2Tfv84EpEPgaJ2ZghO4Zwl97F8icgIo/R4i760Lq6xgnI+gJiNHz7vcB7XYl0RrRMf3HgbA7zpJxREmOVltESDHy6lH0TmCdv9xMmHltB+pbGOhqBvuGgFbEOR73lDDV0ln2rEITJA2zjYF+hWe8b0JFeQQJBAOsIIIlHAMngjhCQDD6kla/vce972gCFU7ZeFw16ZMmb8W4rGRfQoQWYxSLAFIFsYewSBTccanyYbBNe3njki3ECQQDhJ4cgV6VpTwez4dkpU/xCHKoReedAEJhXucTNGpiIqu+TDgIz9aRbrgnUKkS1s06UJhcDRTl/+pCSRRt/CA2VAkBkPw4pn1hNwvK1S8t9OJQD+5xcKjZcvIFtKoqonAi7GUGL3OQSDVFw4q1K2iSk40aM+06wJ/WfeR+3z2ISrGBxAkAJ20YiF1QpcQlASbHNCl0vs7uKOlDyUAerR3mjFPf6e6kzQdi815MTZGIPxK3vWmMlPymgvgYPYTO1A4t5myulAkEA1QioAWcJoO26qhUlFRBCR8BMJoVPImV7ndVHE7usHdJvP7V2P9RyuRcMCTVul8RRmyoh/+yG4ghMaHo/v0YY5Q=='
+        key_3 = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAM62buSW9Zgh7CmZouJekK0ac9sgEZkspemjv7SyE6Hbdz+KmUr3C7MI6JuPfVyJbxvMDf3FbgBBK7r5yfGgehXwplLMZj8glvV3NkdLMLPWmaw9U5sOzRoym46pVvsEo1PUL2qDK5Wrsm1guY1KIDSHL59NQ7PzDKgm1dxioeXFAgMBAAECgYA/fvRzTReloo3rfWD2Tfv84EpEPgaJ2ZghO4Zwl97F8icgIo/R4i760Lq6xgnI+gJiNHz7vcB7XYl0RrRMf3HgbA7zpJxREmOVltESDHy6lH0TmCdv9xMmHltB+pbGOhqBvuGgFbEOR73lDDV0ln2rEITJA2zjYF+hWe8b0JFeQQJBAOsIIIlHAMngjhCQDD6kla/vce972gCFU7ZeFw16ZMmb8W4rGRfQoQWYxSLAFIFsYewSBTccanyYbBNe3njki3ECQQDhJ4cgV6VpTwez4dkpU/xCHKoReedAEJhXucTNGpiIqu+TDgIz9aRbrgnUKkS1s06UJhcDRTl/+pCSRRt/CA2VAkBkPw4pn1hNwvK1S8t9OJQD+5xcKjZcvIFtKoqonAi7GUGL3OQSDVFw4q1K2iSk40aM+06wJ/WfeR+3z2ISrGBxAkAJ20YiF1QpcQlASbHNCl0vs7uKOlDyUAerR3mjFPf6e6kzQdi815MTZGIPxK3vWmMlPymgvgYPYTO1A4t5myulAkEA1QioAWcJoO26qhUlFRBCR8BMJoVPImV7ndVHE7usHdJvP7V2P9RyuRcMCTVul8RRmyoh/+yG4ghMaHo/v0YY5Q=="
         formated_key_3 = OneLogin_Saml2_Utils.format_private_key(key_3, True)
-        self.assertIn('-----BEGIN RSA PRIVATE KEY-----', formated_key_3)
-        self.assertIn('-----END RSA PRIVATE KEY-----', formated_key_3)
+        self.assertIn("-----BEGIN RSA PRIVATE KEY-----", formated_key_3)
+        self.assertIn("-----END RSA PRIVATE KEY-----", formated_key_3)
         self.assertEqual(len(formated_key_3), 924)
 
         formated_key_3 = OneLogin_Saml2_Utils.format_private_key(key_3, False)
-        self.assertNotIn('-----BEGIN PRIVATE KEY-----', formated_key_3)
-        self.assertNotIn('-----END PRIVATE KEY-----', formated_key_3)
-        self.assertNotIn('-----BEGIN RSA PRIVATE KEY-----', formated_key_3)
-        self.assertNotIn('-----END RSA PRIVATE KEY-----', formated_key_3)
+        self.assertNotIn("-----BEGIN PRIVATE KEY-----", formated_key_3)
+        self.assertNotIn("-----END PRIVATE KEY-----", formated_key_3)
+        self.assertNotIn("-----BEGIN RSA PRIVATE KEY-----", formated_key_3)
+        self.assertNotIn("-----END RSA PRIVATE KEY-----", formated_key_3)
         self.assertEqual(len(formated_key_3), 848)
 
     def testRedirect(self):
         """
         Tests the redirect method of the OneLogin_Saml2_Utils
         """
-        request_data = {
-            'http_host': 'example.com'
-        }
+        request_data = {"http_host": "example.com"}
 
         # Check relative and absolute
         hostname = OneLogin_Saml2_Utils.get_self_host(request_data)
-        url = 'http://%s/example' % hostname
-        url2 = '/example'
+        url = "http://%s/example" % hostname
+        url2 = "/example"
 
         target_url = OneLogin_Saml2_Utils.redirect(url, {}, request_data)
         target_url2 = OneLogin_Saml2_Utils.redirect(url2, {}, request_data)
@@ -124,48 +121,42 @@ def testRedirect(self):
         self.assertEqual(target_url, target_url2)
 
         # Check that accept http/https and reject other protocols
-        url3 = 'https://%s/example?test=true' % hostname
-        url4 = 'ftp://%s/example' % hostname
+        url3 = "https://%s/example?test=true" % hostname
+        url4 = "ftp://%s/example" % hostname
 
         target_url3 = OneLogin_Saml2_Utils.redirect(url3, {}, request_data)
-        self.assertIn('test=true', target_url3)
+        self.assertIn("test=true", target_url3)
         with self.assertRaises(Exception) as context:
             OneLogin_Saml2_Utils.redirect(url4, {}, request_data)
             exception = context.exception
             self.assertIn("Redirect to invalid URL", str(exception))
 
         # Review parameter prefix
-        parameters1 = {
-            'value1': 'a'
-        }
+        parameters1 = {"value1": "a"}
 
         target_url5 = OneLogin_Saml2_Utils.redirect(url, parameters1, request_data)
-        self.assertEqual('http://%s/example?value1=a' % hostname, target_url5)
+        self.assertEqual("http://%s/example?value1=a" % hostname, target_url5)
 
         target_url6 = OneLogin_Saml2_Utils.redirect(url3, parameters1, request_data)
-        self.assertEqual('https://%s/example?test=true&value1=a' % hostname, target_url6)
+        self.assertEqual("https://%s/example?test=true&value1=a" % hostname, target_url6)
 
         # Review parameters
-        parameters2 = {
-            'alphavalue': 'a',
-            'numvaluelist': ['1', '2'],
-            'testing': None
-        }
+        parameters2 = {"alphavalue": "a", "numvaluelist": ["1", "2"], "testing": None}
 
         target_url7 = OneLogin_Saml2_Utils.redirect(url, parameters2, request_data)
         parameters2_decoded = {"alphavalue": "alphavalue=a", "numvaluelist": "numvaluelist[]=1&numvaluelist[]=2", "testing": "testing"}
         parameters2_str = "&".join(parameters2_decoded[x] for x in parameters2)
-        self.assertEqual('http://%s/example?%s' % (hostname, parameters2_str), target_url7)
+        self.assertEqual("http://%s/example?%s" % (hostname, parameters2_str), target_url7)
 
         parameters3 = {
-            'alphavalue': 'a',
-            'emptynumvaluelist': [],
-            'numvaluelist': [''],
+            "alphavalue": "a",
+            "emptynumvaluelist": [],
+            "numvaluelist": [""],
         }
         parameters3_decoded = {"alphavalue": "alphavalue=a", "numvaluelist": "numvaluelist[]="}
         parameters3_str = "&".join((parameters3_decoded[x] for x in parameters3.keys() if x in parameters3_decoded))
         target_url8 = OneLogin_Saml2_Utils.redirect(url, parameters3, request_data)
-        self.assertEqual('http://%s/example?%s' % (hostname, parameters3_str), target_url8)
+        self.assertEqual("http://%s/example?%s" % (hostname, parameters3_str), target_url8)
 
     def testGetselfhost(self):
         """
@@ -177,94 +168,86 @@ def testGetselfhost(self):
             exception = context.exception
             self.assertIn("No hostname defined", str(exception))
 
-        request_data = {
-            'server_name': 'example.com'
-        }
-        self.assertEqual('example.com', OneLogin_Saml2_Utils.get_self_host(request_data))
+        if sys.version_info > (3, 2, 0):
+            request_data = {"server_name": "example.com"}
+            with self.assertWarns(Warning) as context:
+                self_host = OneLogin_Saml2_Utils.get_self_host(request_data)
 
-        request_data = {
-            'http_host': 'example.com'
-        }
-        self.assertEqual('example.com', OneLogin_Saml2_Utils.get_self_host(request_data))
+            self.assertEqual("example.com", self_host)
 
-        request_data = {
-            'http_host': 'example.com:443'
-        }
-        self.assertEqual('example.com', OneLogin_Saml2_Utils.get_self_host(request_data))
+        request_data = {"http_host": "example.com"}
+        self.assertEqual("example.com", OneLogin_Saml2_Utils.get_self_host(request_data))
 
-        request_data = {
-            'http_host': 'example.com:ok'
-        }
-        self.assertEqual('example.com:ok', OneLogin_Saml2_Utils.get_self_host(request_data))
+        request_data = {"http_host": "example.com:443"}
+        self.assertEqual("example.com:443", OneLogin_Saml2_Utils.get_self_host(request_data))
+
+        request_data = {"http_host": "example.com:ok"}
+        self.assertEqual("example.com:ok", OneLogin_Saml2_Utils.get_self_host(request_data))
 
     def testisHTTPS(self):
         """
         Tests the is_https method of the OneLogin_Saml2_Utils
         """
-        request_data = {
-            'https': 'off'
-        }
+        request_data = {"https": "off"}
         self.assertFalse(OneLogin_Saml2_Utils.is_https(request_data))
 
-        request_data = {
-            'https': 'on'
-        }
+        request_data = {"https": "on"}
         self.assertTrue(OneLogin_Saml2_Utils.is_https(request_data))
 
-        request_data = {
-            'server_port': '80'
-        }
-        self.assertFalse(OneLogin_Saml2_Utils.is_https(request_data))
-
-        request_data = {
-            'server_port': '443'
-        }
+        request_data = {"server_port": "443"}
         self.assertTrue(OneLogin_Saml2_Utils.is_https(request_data))
 
     def testGetSelfURLhost(self):
         """
         Tests the get_self_url_host method of the OneLogin_Saml2_Utils
         """
-        request_data = {
-            'http_host': 'example.com'
-        }
-        self.assertEqual('http://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+        request_data = {"http_host": "example.com"}
+        self.assertEqual("http://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['server_port'] = '80'
-        self.assertEqual('http://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+        if sys.version_info > (3, 2, 0):
+            with self.assertWarns(Warning) as context:
+                request_data["server_port"] = "80"
+                self.assertEqual("http://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['server_port'] = '81'
-        self.assertEqual('http://example.com:81', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+            with self.assertWarns(Warning) as context:
+                request_data["server_port"] = "81"
+                self.assertEqual("http://example.com:81", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['server_port'] = '443'
-        self.assertEqual('https://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+            with self.assertWarns(Warning) as context:
+                request_data["server_port"] = "443"
+                self.assertEqual("https://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        del request_data['server_port']
-        request_data['https'] = 'on'
-        self.assertEqual('https://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+        del request_data["server_port"]
+        request_data["https"] = "on"
+        self.assertEqual("https://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['server_port'] = '444'
-        self.assertEqual('https://example.com:444', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+        if sys.version_info > (3, 2, 0):
+            with self.assertWarns(Warning) as context:
+                request_data["server_port"] = "444"
+                self.assertEqual("https://example.com:444", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['server_port'] = '443'
-        request_data['request_uri'] = ''
-        self.assertEqual('https://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+            with self.assertWarns(Warning) as context:
+                request_data["server_port"] = "443"
+                request_data["request_uri"] = ""
+                self.assertEqual("https://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['request_uri'] = '/'
-        self.assertEqual('https://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+            with self.assertWarns(Warning) as context:
+                request_data["request_uri"] = "/"
+                self.assertEqual("https://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['request_uri'] = 'onelogin/'
-        self.assertEqual('https://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+            with self.assertWarns(Warning) as context:
+                request_data["request_uri"] = "onelogin/"
+                self.assertEqual("https://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['request_uri'] = '/onelogin'
-        self.assertEqual('https://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+            with self.assertWarns(Warning) as context:
+                request_data["request_uri"] = "/onelogin"
+                self.assertEqual("https://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data['request_uri'] = 'https://example.com/onelogin/sso'
-        self.assertEqual('https://example.com', OneLogin_Saml2_Utils.get_self_url_host(request_data))
+            with self.assertWarns(Warning) as context:
+                request_data["request_uri"] = "https://example.com/onelogin/sso"
+                self.assertEqual("https://example.com", OneLogin_Saml2_Utils.get_self_url_host(request_data))
 
-        request_data2 = {
-            'request_uri': 'example.com/onelogin/sso'
-        }
+        request_data2 = {"request_uri": "example.com/onelogin/sso"}
         with self.assertRaises(Exception) as context:
             OneLogin_Saml2_Utils.get_self_url_host(request_data2)
             exception = context.exception
@@ -274,144 +257,127 @@ def testGetSelfURL(self):
         """
         Tests the get_self_url method of the OneLogin_Saml2_Utils
         """
-        request_data = {
-            'http_host': 'example.com'
-        }
+        request_data = {"http_host": "example.com"}
         url = OneLogin_Saml2_Utils.get_self_url_host(request_data)
         self.assertEqual(url, OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = ''
+        request_data["request_uri"] = ""
         self.assertEqual(url, OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = '/'
-        self.assertEqual(url + '/', OneLogin_Saml2_Utils.get_self_url(request_data))
+        request_data["request_uri"] = "/"
+        self.assertEqual(url + "/", OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = 'index.html'
-        self.assertEqual(url + 'index.html', OneLogin_Saml2_Utils.get_self_url(request_data))
+        request_data["request_uri"] = "index.html"
+        self.assertEqual(url + "index.html", OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = '?index.html'
-        self.assertEqual(url + '?index.html', OneLogin_Saml2_Utils.get_self_url(request_data))
+        request_data["request_uri"] = "?index.html"
+        self.assertEqual(url + "?index.html", OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = '/index.html'
-        self.assertEqual(url + '/index.html', OneLogin_Saml2_Utils.get_self_url(request_data))
+        request_data["request_uri"] = "/index.html"
+        self.assertEqual(url + "/index.html", OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = '/index.html?testing'
-        self.assertEqual(url + '/index.html?testing', OneLogin_Saml2_Utils.get_self_url(request_data))
+        request_data["request_uri"] = "/index.html?testing"
+        self.assertEqual(url + "/index.html?testing", OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = '/test/index.html?testing'
-        self.assertEqual(url + '/test/index.html?testing', OneLogin_Saml2_Utils.get_self_url(request_data))
+        request_data["request_uri"] = "/test/index.html?testing"
+        self.assertEqual(url + "/test/index.html?testing", OneLogin_Saml2_Utils.get_self_url(request_data))
 
-        request_data['request_uri'] = 'https://example.com/testing'
-        self.assertEqual(url + '/testing', OneLogin_Saml2_Utils.get_self_url(request_data))
+        request_data["request_uri"] = "https://example.com/testing"
+        self.assertEqual(url + "/testing", OneLogin_Saml2_Utils.get_self_url(request_data))
 
     def testGetSelfURLNoQuery(self):
         """
         Tests the get_self_url_no_query method of the OneLogin_Saml2_Utils
         """
-        request_data = {
-            'http_host': 'example.com',
-            'script_name': '/index.html'
-        }
-        url = OneLogin_Saml2_Utils.get_self_url_host(request_data) + request_data['script_name']
+        request_data = {"http_host": "example.com", "script_name": "/index.html"}
+        url = OneLogin_Saml2_Utils.get_self_url_host(request_data) + request_data["script_name"]
         self.assertEqual(url, OneLogin_Saml2_Utils.get_self_url_no_query(request_data))
 
-        request_data['path_info'] = '/test'
-        self.assertEqual(url + '/test', OneLogin_Saml2_Utils.get_self_url_no_query(request_data))
+        request_data["path_info"] = "/test"
+        self.assertEqual(url + "/test", OneLogin_Saml2_Utils.get_self_url_no_query(request_data))
 
     def testGetSelfRoutedURLNoQuery(self):
         """
         Tests the get_self_routed_url_no_query method of the OneLogin_Saml2_Utils
         """
-        request_data = {
-            'http_host': 'example.com',
-            'request_uri': '/example1/route?x=test',
-            'query_string': '?x=test'
-        }
-        url = OneLogin_Saml2_Utils.get_self_url_host(request_data) + '/example1/route'
+        request_data = {"http_host": "example.com", "request_uri": "/example1/route?x=test", "query_string": "?x=test"}
+        url = OneLogin_Saml2_Utils.get_self_url_host(request_data) + "/example1/route"
         self.assertEqual(url, OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data))
 
         request_data_2 = {
-            'http_host': 'example.com',
-            'request_uri': '',
+            "http_host": "example.com",
+            "request_uri": "",
         }
         url_2 = OneLogin_Saml2_Utils.get_self_url_host(request_data_2)
         self.assertEqual(url_2, OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data_2))
 
         request_data_3 = {
-            'http_host': 'example.com',
+            "http_host": "example.com",
         }
         url_3 = OneLogin_Saml2_Utils.get_self_url_host(request_data_3)
         self.assertEqual(url_3, OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data_3))
 
-        request_data_4 = {
-            'http_host': 'example.com',
-            'request_uri': '/example1/route/test/',
-            'query_string': '?invalid=1'
-        }
-        url_4 = OneLogin_Saml2_Utils.get_self_url_host(request_data_4) + '/example1/route/test/'
+        request_data_4 = {"http_host": "example.com", "request_uri": "/example1/route/test/", "query_string": "?invalid=1"}
+        url_4 = OneLogin_Saml2_Utils.get_self_url_host(request_data_4) + "/example1/route/test/"
         self.assertEqual(url_4, OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data_4))
 
-        request_data_5 = {
-            'http_host': 'example.com',
-            'request_uri': '/example1/route/test/',
-            'query_string': ''
-        }
-        url_5 = OneLogin_Saml2_Utils.get_self_url_host(request_data_5) + '/example1/route/test/'
+        request_data_5 = {"http_host": "example.com", "request_uri": "/example1/route/test/", "query_string": ""}
+        url_5 = OneLogin_Saml2_Utils.get_self_url_host(request_data_5) + "/example1/route/test/"
         self.assertEqual(url_5, OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data_5))
 
         request_data_6 = {
-            'http_host': 'example.com',
-            'request_uri': '/example1/route/test/',
+            "http_host": "example.com",
+            "request_uri": "/example1/route/test/",
         }
-        url_6 = OneLogin_Saml2_Utils.get_self_url_host(request_data_6) + '/example1/route/test/'
+        url_6 = OneLogin_Saml2_Utils.get_self_url_host(request_data_6) + "/example1/route/test/"
         self.assertEqual(url_6, OneLogin_Saml2_Utils.get_self_routed_url_no_query(request_data_6))
 
     def testGetStatus(self):
         """
         Gets the status of a message
         """
-        xml = self.file_contents(join(self.data_path, 'responses', 'response1.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "response1.xml.base64"))
         xml = b64decode(xml)
         dom = etree.fromstring(xml)
 
         status = OneLogin_Saml2_Utils.get_status(dom)
-        self.assertEqual(OneLogin_Saml2_Constants.STATUS_SUCCESS, status['code'])
+        self.assertEqual(OneLogin_Saml2_Constants.STATUS_SUCCESS, status["code"])
 
-        xml2 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'status_code_responder.xml.base64'))
+        xml2 = self.file_contents(join(self.data_path, "responses", "invalids", "status_code_responder.xml.base64"))
         xml2 = b64decode(xml2)
         dom2 = etree.fromstring(xml2)
 
         status2 = OneLogin_Saml2_Utils.get_status(dom2)
-        self.assertEqual(OneLogin_Saml2_Constants.STATUS_RESPONDER, status2['code'])
-        self.assertEqual('', status2['msg'])
+        self.assertEqual(OneLogin_Saml2_Constants.STATUS_RESPONDER, status2["code"])
+        self.assertEqual("", status2["msg"])
 
-        xml3 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'status_code_responer_and_msg.xml.base64'))
+        xml3 = self.file_contents(join(self.data_path, "responses", "invalids", "status_code_responer_and_msg.xml.base64"))
         xml3 = b64decode(xml3)
         dom3 = etree.fromstring(xml3)
 
         status3 = OneLogin_Saml2_Utils.get_status(dom3)
-        self.assertEqual(OneLogin_Saml2_Constants.STATUS_RESPONDER, status3['code'])
-        self.assertEqual('something_is_wrong', status3['msg'])
+        self.assertEqual(OneLogin_Saml2_Constants.STATUS_RESPONDER, status3["code"])
+        self.assertEqual("something_is_wrong", status3["msg"])
 
-        xml_inv = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_status.xml.base64'))
+        xml_inv = self.file_contents(join(self.data_path, "responses", "invalids", "no_status.xml.base64"))
         xml_inv = b64decode(xml_inv)
         dom_inv = etree.fromstring(xml_inv)
 
-        with self.assertRaisesRegex(Exception, 'Missing Status on response'):
+        with self.assertRaisesRegex(Exception, "Missing Status on response"):
             OneLogin_Saml2_Utils.get_status(dom_inv)
 
-        xml_inv2 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_status_code.xml.base64'))
+        xml_inv2 = self.file_contents(join(self.data_path, "responses", "invalids", "no_status_code.xml.base64"))
         xml_inv2 = b64decode(xml_inv2)
         dom_inv2 = etree.fromstring(xml_inv2)
 
-        with self.assertRaisesRegex(Exception, 'Missing Status Code on response'):
+        with self.assertRaisesRegex(Exception, "Missing Status Code on response"):
             OneLogin_Saml2_Utils.get_status(dom_inv2)
 
     def testParseDuration(self):
         """
         Tests the parse_duration method of the OneLogin_Saml2_Utils
         """
-        duration = 'PT1393462294S'
+        duration = "PT1393462294S"
         timestamp = 1393876825
 
         parsed_duration = OneLogin_Saml2_Utils.parse_duration(duration, timestamp)
@@ -420,17 +386,17 @@ def testParseDuration(self):
         parsed_duration_2 = OneLogin_Saml2_Utils.parse_duration(duration)
         self.assertTrue(parsed_duration_2 > parsed_duration)
 
-        invalid_duration = 'PT1Y'
+        invalid_duration = "PT1Y"
         with self.assertRaises(Exception) as context:
             OneLogin_Saml2_Utils.parse_duration(invalid_duration)
             exception = context.exception
             self.assertIn("Unrecognised ISO 8601 date format", str(exception))
 
-        new_duration = 'P1Y1M'
+        new_duration = "P1Y1M"
         parsed_duration_4 = OneLogin_Saml2_Utils.parse_duration(new_duration, timestamp)
         self.assertEqual(1428091225, parsed_duration_4)
 
-        neg_duration = '-P14M'
+        neg_duration = "-P14M"
         parsed_duration_5 = OneLogin_Saml2_Utils.parse_duration(neg_duration, timestamp)
         self.assertEqual(1357243225, parsed_duration_5)
 
@@ -439,26 +405,34 @@ def testParseSAML2Time(self):
         Tests the parse_SAML_to_time method of the OneLogin_Saml2_Utils
         """
         time = 1386650371
-        saml_time = '2013-12-10T04:39:31Z'
+        saml_time = "2013-12-10T04:39:31Z"
         self.assertEqual(time, OneLogin_Saml2_Utils.parse_SAML_to_time(saml_time))
         with self.assertRaises(Exception) as context:
-            OneLogin_Saml2_Utils.parse_SAML_to_time('invalidSAMLTime')
+            OneLogin_Saml2_Utils.parse_SAML_to_time("invalidSAMLTime")
             exception = context.exception
             self.assertIn("does not match format", str(exception))
 
         # Now test if toolkit supports miliseconds
-        saml_time2 = '2013-12-10T04:39:31.120Z'
+        saml_time2 = "2013-12-10T04:39:31.120Z"
         self.assertEqual(time, OneLogin_Saml2_Utils.parse_SAML_to_time(saml_time2))
 
+        # Now test if toolkit supports microseconds
+        saml_time3 = "2013-12-10T04:39:31.120240Z"
+        self.assertEqual(time, OneLogin_Saml2_Utils.parse_SAML_to_time(saml_time3))
+
+        # Now test if toolkit supports nanoseconds
+        saml_time4 = "2013-12-10T04:39:31.120240360Z"
+        self.assertEqual(time, OneLogin_Saml2_Utils.parse_SAML_to_time(saml_time4))
+
     def testParseTime2SAML(self):
         """
         Tests the parse_time_to_SAML method of the OneLogin_Saml2_Utils
         """
         time = 1386650371
-        saml_time = '2013-12-10T04:39:31Z'
+        saml_time = "2013-12-10T04:39:31Z"
         self.assertEqual(saml_time, OneLogin_Saml2_Utils.parse_time_to_SAML(time))
         with self.assertRaises(Exception) as context:
-            OneLogin_Saml2_Utils.parse_time_to_SAML('invalidtime')
+            OneLogin_Saml2_Utils.parse_time_to_SAML("invalidtime")
             exception = context.exception
             self.assertIn("could not convert string to float", str(exception))
 
@@ -467,18 +441,18 @@ def testGetExpireTime(self):
         Tests the get_expire_time method of the OneLogin_Saml2_Utils
         """
         self.assertEqual(None, OneLogin_Saml2_Utils.get_expire_time())
-        self.assertNotEqual(None, OneLogin_Saml2_Utils.get_expire_time('PT360000S'))
+        self.assertNotEqual(None, OneLogin_Saml2_Utils.get_expire_time("PT360000S"))
 
-        self.assertEqual('1291955971', OneLogin_Saml2_Utils.get_expire_time('PT360000S', '2010-12-10T04:39:31Z'))
-        self.assertEqual('1291955971', OneLogin_Saml2_Utils.get_expire_time('PT360000S', 1291955971))
+        self.assertEqual("1291955971", OneLogin_Saml2_Utils.get_expire_time("PT360000S", "2010-12-10T04:39:31Z"))
+        self.assertEqual("1291955971", OneLogin_Saml2_Utils.get_expire_time("PT360000S", 1291955971))
 
-        self.assertNotEqual('3311642371', OneLogin_Saml2_Utils.get_expire_time('PT360000S', '2074-12-10T04:39:31Z'))
-        self.assertNotEqual('3311642371', OneLogin_Saml2_Utils.get_expire_time('PT360000S', 1418186371))
+        self.assertNotEqual("3311642371", OneLogin_Saml2_Utils.get_expire_time("PT360000S", "2074-12-10T04:39:31Z"))
+        self.assertNotEqual("3311642371", OneLogin_Saml2_Utils.get_expire_time("PT360000S", 1418186371))
 
     def _generate_name_id_element(self, name_qualifier):
-        name_id_value = 'value'
-        entity_id = 'sp-entity-id'
-        name_id_format = 'name-id-format'
+        name_id_value = "value"
+        entity_id = "sp-entity-id"
+        name_id_format = "name-id-format"
 
         raw_name_id = OneLogin_Saml2_Utils.generate_name_id(
             name_id_value,
@@ -493,8 +467,8 @@ def testNameidGenerationIncludesNameQualifierAttribute(self):
         """
         Tests the inclusion of NameQualifier in the generateNameId method of the OneLogin_Saml2_Utils
         """
-        idp_name_qualifier = 'idp-name-qualifier'
-        idp_name_qualifier_attribute = ('NameQualifier', idp_name_qualifier)
+        idp_name_qualifier = "idp-name-qualifier"
+        idp_name_qualifier_attribute = ("NameQualifier", idp_name_qualifier)
 
         name_id = self._generate_name_id_element(idp_name_qualifier)
 
@@ -505,7 +479,7 @@ def testNameidGenerationDoesNotIncludeNameQualifierAttribute(self):
         Tests the (not) inclusion of NameQualifier in the generateNameId method of the OneLogin_Saml2_Utils
         """
         idp_name_qualifier = None
-        not_expected_attribute = 'NameQualifier'
+        not_expected_attribute = "NameQualifier"
 
         name_id = self._generate_name_id_element(idp_name_qualifier)
 
@@ -515,27 +489,27 @@ def testGenerateNameIdWithoutFormat(self):
         """
         Tests the generateNameId method of the OneLogin_Saml2_Utils
         """
-        name_id_value = 'ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde'
+        name_id_value = "ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde"
         name_id_format = None
 
         name_id = OneLogin_Saml2_Utils.generate_name_id(name_id_value, None, name_id_format)
-        expected_name_id = '<saml:NameID>ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde</saml:NameID>'
+        expected_name_id = "<saml:NameID>ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde</saml:NameID>"
         self.assertEqual(name_id, expected_name_id)
 
     def testGenerateNameIdWithSPNameQualifier(self):
         """
         Tests the generateNameId method of the OneLogin_Saml2_Utils
         """
-        name_id_value = 'ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde'
-        entity_id = 'http://stuff.com/endpoints/metadata.php'
-        name_id_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
+        name_id_value = "ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde"
+        entity_id = "http://stuff.com/endpoints/metadata.php"
+        name_id_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
 
         name_id = OneLogin_Saml2_Utils.generate_name_id(name_id_value, entity_id, name_id_format)
         expected_name_id = '<saml:NameID SPNameQualifier="http://stuff.com/endpoints/metadata.php" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde</saml:NameID>'
         self.assertEqual(expected_name_id, name_id)
 
         settings_info = self.loadSettingsJSON()
-        x509cert = settings_info['idp']['x509cert']
+        x509cert = settings_info["idp"]["x509cert"]
         key = OneLogin_Saml2_Utils.format_cert(x509cert)
 
         name_id_enc = OneLogin_Saml2_Utils.generate_name_id(name_id_value, entity_id, name_id_format, key)
@@ -546,15 +520,15 @@ def testGenerateNameIdWithoutSPNameQualifier(self):
         """
         Tests the generateNameId method of the OneLogin_Saml2_Utils
         """
-        name_id_value = 'ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde'
-        name_id_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
+        name_id_value = "ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde"
+        name_id_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
 
         name_id = OneLogin_Saml2_Utils.generate_name_id(name_id_value, None, name_id_format)
         expected_name_id = '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">ONELOGIN_ce998811003f4e60f8b07a311dc641621379cfde</saml:NameID>'
         self.assertEqual(expected_name_id, name_id)
 
         settings_info = self.loadSettingsJSON()
-        x509cert = settings_info['idp']['x509cert']
+        x509cert = settings_info["idp"]["x509cert"]
         key = OneLogin_Saml2_Utils.format_cert(x509cert)
 
         name_id_enc = OneLogin_Saml2_Utils.generate_name_id(name_id_value, None, name_id_format, key)
@@ -568,18 +542,21 @@ def testCalculateX509Fingerprint(self):
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         cert_path = settings.get_cert_path()
 
-        key = self.file_contents(cert_path + 'sp.key')
-        cert = self.file_contents(cert_path + 'sp.crt')
+        key = self.file_contents(cert_path + "sp.key")
+        cert = self.file_contents(cert_path + "sp.crt")
 
         self.assertEqual(None, OneLogin_Saml2_Utils.calculate_x509_fingerprint(key))
-        self.assertEqual('afe71c28ef740bc87425be13a2263d37971da1f9', OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert))
-        self.assertEqual('afe71c28ef740bc87425be13a2263d37971da1f9', OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, 'sha1'))
+        self.assertEqual("afe71c28ef740bc87425be13a2263d37971da1f9", OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert))
+        self.assertEqual("afe71c28ef740bc87425be13a2263d37971da1f9", OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, "sha1"))
 
-        self.assertEqual('c51cfa06c7a49767f6eab18238eae1c56708e29264da3d11f538a12cd2c357ba', OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, 'sha256'))
+        self.assertEqual("c51cfa06c7a49767f6eab18238eae1c56708e29264da3d11f538a12cd2c357ba", OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, "sha256"))
 
-        self.assertEqual('bc5826e6f9429247254bae5e3c650e6968a36a62d23075eb168134978d88600559c10830c28711b2c29c7947c0c2eb1d', OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, 'sha384'))
+        self.assertEqual("bc5826e6f9429247254bae5e3c650e6968a36a62d23075eb168134978d88600559c10830c28711b2c29c7947c0c2eb1d", OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, "sha384"))
 
-        self.assertEqual('3db29251b97559c67988ea0754cb0573fc409b6f75d89282d57cfb75089539b0bbdb2dcd9ec6e032549ecbc466439d5992e18db2cf5494ca2fe1b2e16f348dff', OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, 'sha512'))
+        self.assertEqual(
+            "3db29251b97559c67988ea0754cb0573fc409b6f75d89282d57cfb75089539b0bbdb2dcd9ec6e032549ecbc466439d5992e18db2cf5494ca2fe1b2e16f348dff",
+            OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert, "sha512"),
+        )
 
     def testDeleteLocalSession(self):
         """
@@ -606,11 +583,11 @@ def testFormatFingerPrint(self):
         """
         Tests the format_finger_print method of the OneLogin_Saml2_Utils
         """
-        finger_print_1 = 'AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9'
-        self.assertEqual('afe71c28ef740bc87425be13a2263d37971da1f9', OneLogin_Saml2_Utils.format_finger_print(finger_print_1))
+        finger_print_1 = "AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9"
+        self.assertEqual("afe71c28ef740bc87425be13a2263d37971da1f9", OneLogin_Saml2_Utils.format_finger_print(finger_print_1))
 
-        finger_print_2 = 'afe71c28ef740bc87425be13a2263d37971da1f9'
-        self.assertEqual('afe71c28ef740bc87425be13a2263d37971da1f9', OneLogin_Saml2_Utils.format_finger_print(finger_print_2))
+        finger_print_2 = "afe71c28ef740bc87425be13a2263d37971da1f9"
+        self.assertEqual("afe71c28ef740bc87425be13a2263d37971da1f9", OneLogin_Saml2_Utils.format_finger_print(finger_print_2))
 
     def testDecryptElement(self):
         """
@@ -620,68 +597,68 @@ def testDecryptElement(self):
 
         key = settings.get_sp_key()
 
-        xml_nameid_enc = b64decode(self.file_contents(join(self.data_path, 'responses', 'response_encrypted_nameid.xml.base64')))
+        xml_nameid_enc = b64decode(self.file_contents(join(self.data_path, "responses", "response_encrypted_nameid.xml.base64")))
         dom_nameid_enc = etree.fromstring(xml_nameid_enc)
-        encrypted_nameid_nodes = dom_nameid_enc.find('.//saml:EncryptedID', namespaces=OneLogin_Saml2_Constants.NSMAP)
+        encrypted_nameid_nodes = dom_nameid_enc.find(".//saml:EncryptedID", namespaces=OneLogin_Saml2_Constants.NSMAP)
         encrypted_data = encrypted_nameid_nodes[0]
         decrypted_nameid = OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key)
-        self.assertEqual('saml:NameID', decrypted_nameid.tag)
-        self.assertEqual('2de11defd199f8d5bb63f9b7deb265ba5c675c10', decrypted_nameid.text)
+        self.assertEqual("saml:NameID", decrypted_nameid.tag)
+        self.assertEqual("2de11defd199f8d5bb63f9b7deb265ba5c675c10", decrypted_nameid.text)
 
-        xml_assertion_enc = b64decode(self.file_contents(join(self.data_path, 'responses', 'valid_encrypted_assertion_encrypted_nameid.xml.base64')))
+        xml_assertion_enc = b64decode(self.file_contents(join(self.data_path, "responses", "valid_encrypted_assertion_encrypted_nameid.xml.base64")))
         dom_assertion_enc = etree.fromstring(xml_assertion_enc)
-        encrypted_assertion_enc_nodes = dom_assertion_enc.find('.//saml:EncryptedAssertion', namespaces=OneLogin_Saml2_Constants.NSMAP)
+        encrypted_assertion_enc_nodes = dom_assertion_enc.find(".//saml:EncryptedAssertion", namespaces=OneLogin_Saml2_Constants.NSMAP)
         encrypted_data_assert = encrypted_assertion_enc_nodes[0]
 
         decrypted_assertion = OneLogin_Saml2_Utils.decrypt_element(encrypted_data_assert, key)
-        self.assertEqual('{%s}Assertion' % OneLogin_Saml2_Constants.NS_SAML, decrypted_assertion.tag)
-        self.assertEqual('_6fe189b1c241827773902f2b1d3a843418206a5c97', decrypted_assertion.get('ID'))
+        self.assertEqual("{%s}Assertion" % OneLogin_Saml2_Constants.NS_SAML, decrypted_assertion.tag)
+        self.assertEqual("_6fe189b1c241827773902f2b1d3a843418206a5c97", decrypted_assertion.get("ID"))
 
-        encrypted_nameid_nodes = decrypted_assertion.xpath('./saml:Subject/saml:EncryptedID', namespaces=OneLogin_Saml2_Constants.NSMAP)
+        encrypted_nameid_nodes = decrypted_assertion.xpath("./saml:Subject/saml:EncryptedID", namespaces=OneLogin_Saml2_Constants.NSMAP)
         encrypted_data = encrypted_nameid_nodes[0][0]
         decrypted_nameid = OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key)
-        self.assertEqual('{%s}NameID' % OneLogin_Saml2_Constants.NS_SAML, decrypted_nameid.tag)
-        self.assertEqual('457bdb600de717891c77647b0806ce59c089d5b8', decrypted_nameid.text)
+        self.assertEqual("{%s}NameID" % OneLogin_Saml2_Constants.NS_SAML, decrypted_nameid.tag)
+        self.assertEqual("457bdb600de717891c77647b0806ce59c089d5b8", decrypted_nameid.text)
 
-        key_2_file_name = join(self.data_path, 'misc', 'sp2.key')
-        f = open(key_2_file_name, 'r')
+        key_2_file_name = join(self.data_path, "misc", "sp2.key")
+        f = open(key_2_file_name, "r")
         key2 = f.read()
         f.close()
 
         # sp.key and sp2.key are equivalent we should be able to decrypt the nameID again
         decrypted_nameid = OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key2)
-        self.assertIn('{%s}NameID' % (OneLogin_Saml2_Constants.NS_SAML), decrypted_nameid.tag)
-        self.assertEqual('457bdb600de717891c77647b0806ce59c089d5b8', decrypted_nameid.text)
+        self.assertIn("{%s}NameID" % (OneLogin_Saml2_Constants.NS_SAML), decrypted_nameid.tag)
+        self.assertEqual("457bdb600de717891c77647b0806ce59c089d5b8", decrypted_nameid.text)
 
-        key_3_file_name = join(self.data_path, 'misc', 'sp3.key')
-        f = open(key_3_file_name, 'r')
+        key_3_file_name = join(self.data_path, "misc", "sp3.key")
+        f = open(key_3_file_name, "r")
         key3 = f.read()
         f.close()
 
         # sp.key and sp3.key are equivalent we should be able to decrypt the nameID again
         decrypted_nameid = OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key3)
-        self.assertIn('{%s}NameID' % (OneLogin_Saml2_Constants.NS_SAML), decrypted_nameid.tag)
-        self.assertEqual('457bdb600de717891c77647b0806ce59c089d5b8', decrypted_nameid.text)
+        self.assertIn("{%s}NameID" % (OneLogin_Saml2_Constants.NS_SAML), decrypted_nameid.tag)
+        self.assertEqual("457bdb600de717891c77647b0806ce59c089d5b8", decrypted_nameid.text)
 
-        key_4_file_name = join(self.data_path, 'misc', 'sp4.key')
-        f = open(key_4_file_name, 'r')
+        key_4_file_name = join(self.data_path, "misc", "sp4.key")
+        f = open(key_4_file_name, "r")
         key4 = f.read()
         f.close()
 
         with self.assertRaisesRegex(Exception, "(1, 'failed to decrypt')"):
             OneLogin_Saml2_Utils.decrypt_element(encrypted_data, key4)
 
-        xml_nameid_enc_2 = b64decode(self.file_contents(join(self.data_path, 'responses', 'invalids', 'encrypted_nameID_without_EncMethod.xml.base64')))
+        xml_nameid_enc_2 = b64decode(self.file_contents(join(self.data_path, "responses", "invalids", "encrypted_nameID_without_EncMethod.xml.base64")))
         dom_nameid_enc_2 = parseString(xml_nameid_enc_2)
-        encrypted_nameid_nodes_2 = dom_nameid_enc_2.getElementsByTagName('saml:EncryptedID')
+        encrypted_nameid_nodes_2 = dom_nameid_enc_2.getElementsByTagName("saml:EncryptedID")
         encrypted_data_2 = encrypted_nameid_nodes_2[0].firstChild
 
         with self.assertRaisesRegex(Exception, "(1, 'failed to decrypt')"):
             OneLogin_Saml2_Utils.decrypt_element(encrypted_data_2, key)
 
-        xml_nameid_enc_3 = b64decode(self.file_contents(join(self.data_path, 'responses', 'invalids', 'encrypted_nameID_without_keyinfo.xml.base64')))
+        xml_nameid_enc_3 = b64decode(self.file_contents(join(self.data_path, "responses", "invalids", "encrypted_nameID_without_keyinfo.xml.base64")))
         dom_nameid_enc_3 = parseString(xml_nameid_enc_3)
-        encrypted_nameid_nodes_3 = dom_nameid_enc_3.getElementsByTagName('saml:EncryptedID')
+        encrypted_nameid_nodes_3 = dom_nameid_enc_3.getElementsByTagName("saml:EncryptedID")
         encrypted_data_3 = encrypted_nameid_nodes_3[0].firstChild
 
         with self.assertRaisesRegex(Exception, "(1, 'failed to decrypt')"):
@@ -695,20 +672,20 @@ def testDecryptElementInplace(self):
 
         key = settings.get_sp_key()
 
-        xml_nameid_enc = b64decode(self.file_contents(join(self.data_path, 'responses', 'response_encrypted_nameid.xml.base64')))
+        xml_nameid_enc = b64decode(self.file_contents(join(self.data_path, "responses", "response_encrypted_nameid.xml.base64")))
         dom = fromstring(xml_nameid_enc)
-        encrypted_node = dom.xpath('//saml:EncryptedID/xenc:EncryptedData', namespaces=OneLogin_Saml2_Constants.NSMAP)[0]
+        encrypted_node = dom.xpath("//saml:EncryptedID/xenc:EncryptedData", namespaces=OneLogin_Saml2_Constants.NSMAP)[0]
 
         # can be decrypted twice when copy the node first
         for _ in range(2):
             decrypted_nameid = OneLogin_Saml2_Utils.decrypt_element(encrypted_node, key, inplace=False)
-            self.assertIn('NameID', decrypted_nameid.tag)
-            self.assertEqual('2de11defd199f8d5bb63f9b7deb265ba5c675c10', decrypted_nameid.text)
+            self.assertIn("NameID", decrypted_nameid.tag)
+            self.assertEqual("2de11defd199f8d5bb63f9b7deb265ba5c675c10", decrypted_nameid.text)
 
         # can only be decrypted once in place
         decrypted_nameid = OneLogin_Saml2_Utils.decrypt_element(encrypted_node, key, inplace=True)
-        self.assertIn('NameID', decrypted_nameid.tag)
-        self.assertEqual('2de11defd199f8d5bb63f9b7deb265ba5c675c10', decrypted_nameid.text)
+        self.assertIn("NameID", decrypted_nameid.tag)
+        self.assertEqual("2de11defd199f8d5bb63f9b7deb265ba5c675c10", decrypted_nameid.text)
 
         # can't be decrypted twice since it has been decrypted inplace
         with self.assertRaisesRegex(Exception, "(1, 'failed to decrypt')"):
@@ -722,60 +699,60 @@ def testAddSign(self):
         key = settings.get_sp_key()
         cert = settings.get_sp_cert()
 
-        xml_authn = b64decode(self.file_contents(join(self.data_path, 'requests', 'authn_request.xml.base64')))
+        xml_authn = b64decode(self.file_contents(join(self.data_path, "requests", "authn_request.xml.base64")))
         xml_authn_signed = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn, key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed)
 
         res = parseString(xml_authn_signed)
-        ds_signature = res.firstChild.firstChild.nextSibling.nextSibling
-        self.assertIn('ds:Signature', ds_signature.tagName)
+        ds_signature = res.firstChild.firstChild.nextSibling.nextSibling.nextSibling
+        self.assertIn("ds:Signature", ds_signature.tagName)
 
         xml_authn_dom = parseString(xml_authn)
         xml_authn_signed_2 = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn_dom.toxml(), key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed_2)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed_2)
         res_2 = parseString(xml_authn_signed_2)
-        ds_signature_2 = res_2.firstChild.firstChild.nextSibling.nextSibling
-        self.assertIn('ds:Signature', ds_signature_2.tagName)
+        ds_signature_2 = res_2.firstChild.firstChild.nextSibling.nextSibling.nextSibling
+        self.assertIn("ds:Signature", ds_signature_2.tagName)
 
         xml_authn_signed_3 = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn_dom.firstChild.toxml(), key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed_3)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed_3)
         res_3 = parseString(xml_authn_signed_3)
-        ds_signature_3 = res_3.firstChild.firstChild.nextSibling.nextSibling
-        self.assertIn('ds:Signature', ds_signature_3.tagName)
+        ds_signature_3 = res_3.firstChild.firstChild.nextSibling.nextSibling.nextSibling
+        self.assertIn("ds:Signature", ds_signature_3.tagName)
 
         xml_authn_etree = etree.fromstring(xml_authn)
         xml_authn_signed_4 = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn_etree, key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed_4)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed_4)
         res_4 = parseString(xml_authn_signed_4)
-        ds_signature_4 = res_4.firstChild.firstChild.nextSibling.nextSibling
-        self.assertIn('ds:Signature', ds_signature_4.tagName)
+        ds_signature_4 = res_4.firstChild.firstChild.nextSibling.nextSibling.nextSibling
+        self.assertIn("ds:Signature", ds_signature_4.tagName)
 
         xml_authn_signed_5 = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn_etree, key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed_5)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed_5)
         res_5 = parseString(xml_authn_signed_5)
-        ds_signature_5 = res_5.firstChild.firstChild.nextSibling.nextSibling
-        self.assertIn('ds:Signature', ds_signature_5.tagName)
+        ds_signature_5 = res_5.firstChild.firstChild.nextSibling.nextSibling.nextSibling.nextSibling
+        self.assertIn("ds:Signature", ds_signature_5.tagName)
 
-        xml_logout_req = b64decode(self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml.base64')))
+        xml_logout_req = b64decode(self.file_contents(join(self.data_path, "logout_requests", "logout_request.xml.base64")))
         xml_logout_req_signed = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_logout_req, key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_logout_req_signed)
+        self.assertIn("<ds:SignatureValue>", xml_logout_req_signed)
         res_6 = parseString(xml_logout_req_signed)
-        ds_signature_6 = res_6.firstChild.firstChild.nextSibling.nextSibling
-        self.assertIn('ds:Signature', ds_signature_6.tagName)
+        ds_signature_6 = res_6.firstChild.firstChild.nextSibling.nextSibling.nextSibling
+        self.assertIn("ds:Signature", ds_signature_6.tagName)
 
-        xml_logout_res = b64decode(self.file_contents(join(self.data_path, 'logout_responses', 'logout_response.xml.base64')))
+        xml_logout_res = b64decode(self.file_contents(join(self.data_path, "logout_responses", "logout_response.xml.base64")))
         xml_logout_res_signed = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_logout_res, key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_logout_res_signed)
+        self.assertIn("<ds:SignatureValue>", xml_logout_res_signed)
         res_7 = parseString(xml_logout_res_signed)
-        ds_signature_7 = res_7.firstChild.firstChild.nextSibling.nextSibling
-        self.assertIn('ds:Signature', ds_signature_7.tagName)
+        ds_signature_7 = res_7.firstChild.firstChild.nextSibling.nextSibling.nextSibling
+        self.assertIn("ds:Signature", ds_signature_7.tagName)
 
-        xml_metadata = self.file_contents(join(self.data_path, 'metadata', 'metadata_settings1.xml'))
+        xml_metadata = self.file_contents(join(self.data_path, "metadata", "metadata_settings1.xml"))
         xml_metadata_signed = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_metadata, key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_metadata_signed)
+        self.assertIn("<ds:SignatureValue>", xml_metadata_signed)
         res_8 = parseString(xml_metadata_signed)
         ds_signature_8 = res_8.firstChild.firstChild.nextSibling
-        self.assertIn('ds:Signature', ds_signature_8.tagName)
+        self.assertIn("ds:Signature", ds_signature_8.tagName)
 
     def testAddSignCheckAlg(self):
         """
@@ -786,19 +763,19 @@ def testAddSignCheckAlg(self):
         key = settings.get_sp_key()
         cert = settings.get_sp_cert()
 
-        xml_authn = b64decode(self.file_contents(join(self.data_path, 'requests', 'authn_request.xml.base64')))
+        xml_authn = b64decode(self.file_contents(join(self.data_path, "requests", "authn_request.xml.base64")))
         xml_authn_signed = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn, key, cert))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed)
-        self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>', xml_authn_signed)
-        self.assertIn('<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>', xml_authn_signed)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed)
+        self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>', xml_authn_signed)
+        self.assertIn('<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>', xml_authn_signed)
 
         xml_authn_signed_2 = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn, key, cert, False, OneLogin_Saml2_Constants.RSA_SHA256, OneLogin_Saml2_Constants.SHA384))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed_2)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed_2)
         self.assertIn('<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>', xml_authn_signed_2)
         self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>', xml_authn_signed_2)
 
         xml_authn_signed_3 = compat.to_string(OneLogin_Saml2_Utils.add_sign(xml_authn, key, cert, False, OneLogin_Saml2_Constants.RSA_SHA384, OneLogin_Saml2_Constants.SHA512))
-        self.assertIn('<ds:SignatureValue>', xml_authn_signed_3)
+        self.assertIn("<ds:SignatureValue>", xml_authn_signed_3)
         self.assertIn('<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>', xml_authn_signed_3)
         self.assertIn('<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>', xml_authn_signed_3)
 
@@ -808,30 +785,30 @@ def testValidateSign(self):
         """
         settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
         idp_data = settings.get_idp_data()
-        cert = idp_data['x509cert']
+        cert = idp_data["x509cert"]
 
-        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON('settings2.json'))
+        settings_2 = OneLogin_Saml2_Settings(self.loadSettingsJSON("settings2.json"))
         idp_data2 = settings_2.get_idp_data()
-        cert_2 = idp_data2['x509cert']
+        cert_2 = idp_data2["x509cert"]
         fingerprint_2 = OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert_2)
-        fingerprint_2_256 = OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert_2, 'sha256')
+        fingerprint_2_256 = OneLogin_Saml2_Utils.calculate_x509_fingerprint(cert_2, "sha256")
 
         try:
-            self.assertFalse(OneLogin_Saml2_Utils.validate_sign('', cert))
+            self.assertFalse(OneLogin_Saml2_Utils.validate_sign("", cert))
         except Exception as e:
-            self.assertEqual('Empty string supplied as input', str(e))
+            self.assertEqual("Empty string supplied as input", str(e))
 
         # expired cert
-        xml_metadata_signed = self.file_contents(join(self.data_path, 'metadata', 'signed_metadata_settings1.xml'))
+        xml_metadata_signed = self.file_contents(join(self.data_path, "metadata", "signed_metadata_settings1.xml"))
         self.assertTrue(OneLogin_Saml2_Utils.validate_metadata_sign(xml_metadata_signed, cert))
         # expired cert, verified it
         self.assertFalse(OneLogin_Saml2_Utils.validate_metadata_sign(xml_metadata_signed, cert, validatecert=True))
 
-        xml_metadata_signed_2 = self.file_contents(join(self.data_path, 'metadata', 'signed_metadata_settings2.xml'))
+        xml_metadata_signed_2 = self.file_contents(join(self.data_path, "metadata", "signed_metadata_settings2.xml"))
         self.assertTrue(OneLogin_Saml2_Utils.validate_metadata_sign(xml_metadata_signed_2, cert_2))
         self.assertTrue(OneLogin_Saml2_Utils.validate_metadata_sign(xml_metadata_signed_2, None, fingerprint_2))
 
-        xml_response_msg_signed = b64decode(self.file_contents(join(self.data_path, 'responses', 'signed_message_response.xml.base64')))
+        xml_response_msg_signed = b64decode(self.file_contents(join(self.data_path, "responses", "signed_message_response.xml.base64")))
 
         # expired cert
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed, cert))
@@ -839,73 +816,85 @@ def testValidateSign(self):
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed, cert, validatecert=True))
 
         # modified cert
-        other_cert_path = join(dirname(__file__), '..', '..', '..', 'certs')
-        f = open(other_cert_path + '/certificate1', 'r')
+        other_cert_path = join(dirname(__file__), "..", "..", "..", "certs")
+        f = open(other_cert_path + "/certificate1", "r")
         cert_x = f.read()
         f.close()
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed, cert_x))
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed, cert_x, validatecert=True))
 
-        xml_response_msg_signed_2 = b64decode(self.file_contents(join(self.data_path, 'responses', 'signed_message_response2.xml.base64')))
+        xml_response_msg_signed_2 = b64decode(self.file_contents(join(self.data_path, "responses", "signed_message_response2.xml.base64")))
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed_2, cert_2))
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed_2, None, fingerprint_2))
-        self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed_2, None, fingerprint_2, 'sha1'))
-        self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed_2, None, fingerprint_2_256, 'sha256'))
+        self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed_2, None, fingerprint_2, "sha1"))
+        self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_msg_signed_2, None, fingerprint_2_256, "sha256"))
 
-        xml_response_assert_signed = b64decode(self.file_contents(join(self.data_path, 'responses', 'signed_assertion_response.xml.base64')))
+        xml_response_assert_signed = b64decode(self.file_contents(join(self.data_path, "responses", "signed_assertion_response.xml.base64")))
 
         # expired cert
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_assert_signed, cert))
         # expired cert, verified it
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(xml_response_assert_signed, cert, validatecert=True))
 
-        xml_response_assert_signed_2 = b64decode(self.file_contents(join(self.data_path, 'responses', 'signed_assertion_response2.xml.base64')))
+        xml_response_assert_signed_2 = b64decode(self.file_contents(join(self.data_path, "responses", "signed_assertion_response2.xml.base64")))
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_assert_signed_2, cert_2))
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_assert_signed_2, None, fingerprint_2))
 
-        xml_response_double_signed = b64decode(self.file_contents(join(self.data_path, 'responses', 'double_signed_response.xml.base64')))
+        xml_response_double_signed = b64decode(self.file_contents(join(self.data_path, "responses", "double_signed_response.xml.base64")))
 
         # expired cert
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_double_signed, cert))
         # expired cert, verified it
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(xml_response_double_signed, cert, validatecert=True))
 
-        xml_response_double_signed_2 = b64decode(self.file_contents(join(self.data_path, 'responses', 'double_signed_response2.xml.base64')))
+        xml_response_double_signed_2 = b64decode(self.file_contents(join(self.data_path, "responses", "double_signed_response2.xml.base64")))
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_double_signed_2, cert_2))
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(xml_response_double_signed_2, None, fingerprint_2))
 
         dom = parseString(xml_response_msg_signed_2)
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(dom.toxml(), cert_2))
 
-        dom.firstChild.firstChild.firstChild.nodeValue = 'https://idp.example.com/simplesaml/saml2/idp/metadata.php'
+        dom.firstChild.firstChild.firstChild.nodeValue = "https://idp.example.com/simplesaml/saml2/idp/metadata.php"
 
-        dom.firstChild.getAttributeNode('ID').nodeValue = u'_34fg27g212d63k1f923845324475802ac0fc24530b'
+        dom.firstChild.getAttributeNode("ID").nodeValue = "_34fg27g212d63k1f923845324475802ac0fc24530b"
         # Reference validation failed
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(dom.toxml(), cert_2))
 
-        invalid_fingerprint = 'afe71c34ef740bc87434be13a2263d31271da1f9'
+        invalid_fingerprint = "afe71c34ef740bc87434be13a2263d31271da1f9"
         # Wrong fingerprint
         self.assertFalse(OneLogin_Saml2_Utils.validate_metadata_sign(xml_metadata_signed_2, None, invalid_fingerprint))
 
         dom_2 = parseString(xml_response_double_signed_2)
         self.assertTrue(OneLogin_Saml2_Utils.validate_sign(dom_2.toxml(), cert_2))
-        dom_2.firstChild.firstChild.firstChild.nodeValue = 'https://example.com/other-idp'
+        dom_2.firstChild.firstChild.firstChild.nodeValue = "https://example.com/other-idp"
         # Modified message
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(dom_2.toxml(), cert_2))
 
         # Try to validate directly the Assertion
         dom_3 = parseString(xml_response_double_signed_2)
         assert_elem_3 = dom_3.firstChild.firstChild.nextSibling.nextSibling.nextSibling
-        assert_elem_3.setAttributeNS(OneLogin_Saml2_Constants.NS_SAML, 'xmlns:saml', OneLogin_Saml2_Constants.NS_SAML)
+        assert_elem_3.setAttributeNS(OneLogin_Saml2_Constants.NS_SAML, "xmlns:saml", OneLogin_Saml2_Constants.NS_SAML)
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(assert_elem_3.toxml(), cert_2))
 
         # Wrong scheme
-        no_signed = b64decode(self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_signature.xml.base64')))
+        no_signed = b64decode(self.file_contents(join(self.data_path, "responses", "invalids", "no_signature.xml.base64")))
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(no_signed, cert))
 
-        no_key = b64decode(self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_key.xml.base64')))
+        no_key = b64decode(self.file_contents(join(self.data_path, "responses", "invalids", "no_key.xml.base64")))
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(no_key, cert))
 
         # Signature Wrapping attack
-        wrapping_attack1 = b64decode(self.file_contents(join(self.data_path, 'responses', 'invalids', 'signature_wrapping_attack.xml.base64')))
+        wrapping_attack1 = b64decode(self.file_contents(join(self.data_path, "responses", "invalids", "signature_wrapping_attack.xml.base64")))
         self.assertFalse(OneLogin_Saml2_Utils.validate_sign(wrapping_attack1, cert))
+
+    def testNormalizeUrl(self):
+        base_url = "https://blah.com/path"
+        capital_scheme = "hTTps://blah.com/path"
+        capital_domain = "https://blAH.Com/path"
+        capital_path = "https://blah.com/PAth"
+        capital_all = "HTTPS://BLAH.COM/PATH"
+
+        self.assertIn(base_url, OneLogin_Saml2_Utils.normalize_url(capital_scheme))
+        self.assertIn(base_url, OneLogin_Saml2_Utils.normalize_url(capital_domain))
+        self.assertNotIn(base_url, OneLogin_Saml2_Utils.normalize_url(capital_path))
+        self.assertNotIn(base_url, OneLogin_Saml2_Utils.normalize_url(capital_all))
diff --git a/tests/src/OneLogin/saml2_tests/xml_utils_test.py b/tests/src/OneLogin/saml2_tests/xml_utils_test.py
index 507575f1..2135aca3 100644
--- a/tests/src/OneLogin/saml2_tests/xml_utils_test.py
+++ b/tests/src/OneLogin/saml2_tests/xml_utils_test.py
@@ -1,10 +1,9 @@
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2018 OneLogin, Inc.
-# MIT License
 
 import json
 import unittest
+import xmlsec
 
 from base64 import b64decode
 from lxml import etree
@@ -13,57 +12,75 @@
 
 
 class TestOneLoginSaml2Xml(unittest.TestCase):
-    data_path = join(dirname(__file__), '..', '..', '..', 'data')
+    data_path = join(dirname(__file__), "..", "..", "..", "data")
 
     def loadSettingsJSON(self, filename=None):
         if filename:
-            filename = join(dirname(__file__), '..', '..', '..', 'settings', filename)
+            filename = join(dirname(__file__), "..", "..", "..", "settings", filename)
         else:
-            filename = join(dirname(__file__), '..', '..', '..', 'settings', 'settings1.json')
+            filename = join(dirname(__file__), "..", "..", "..", "settings", "settings1.json")
         if exists(filename):
-            stream = open(filename, 'r')
+            stream = open(filename, "r")
             settings = json.load(stream)
             stream.close()
             return settings
         else:
-            raise Exception('Settings json file does not exist')
+            raise Exception("Settings json file does not exist")
 
     def file_contents(self, filename):
-        f = open(filename, 'r')
+        f = open(filename, "r")
         content = f.read()
         f.close()
         return content
 
+    def testLibxml2(self):
+        """
+        Tests that libxml2 versions used by xmlsec and lxml are compatible
+
+        If this test fails, reinstall lxml without using binary to ensure it is
+        linked to same version of libxml2 as xmlsec:
+        pip install --force-reinstall --no-binary lxml lxml
+
+        See https://bugs.launchpad.net/lxml/+bug/1960668
+        """
+        env = etree.fromstring("<xml></xml>")
+        sig = xmlsec.template.create(env, xmlsec.Transform.EXCL_C14N, xmlsec.Transform.RSA_SHA256, ns="ds")
+
+        ds = etree.QName(sig).namespace
+        cm = sig.find(".//{%s}CanonicalizationMethod" % ds)
+
+        self.assertIsNotNone(cm)
+
     def testValidateXML(self):
         """
         Tests the validate_xml method of the OneLogin_Saml2_XML
         """
-        metadata_unloaded = '<xml><EntityDescriptor>'
-        res = OneLogin_Saml2_XML.validate_xml(metadata_unloaded, 'saml-schema-metadata-2.0.xsd')
+        metadata_unloaded = "<xml><EntityDescriptor>"
+        res = OneLogin_Saml2_XML.validate_xml(metadata_unloaded, "saml-schema-metadata-2.0.xsd")
         self.assertIsInstance(res, str)
-        self.assertIn('unloaded_xml', res)
+        self.assertIn("unloaded_xml", res)
 
-        metadata_invalid = self.file_contents(join(self.data_path, 'metadata', 'noentity_metadata_settings1.xml'))
+        metadata_invalid = self.file_contents(join(self.data_path, "metadata", "noentity_metadata_settings1.xml"))
 
-        res = OneLogin_Saml2_XML.validate_xml(metadata_invalid, 'saml-schema-metadata-2.0.xsd')
+        res = OneLogin_Saml2_XML.validate_xml(metadata_invalid, "saml-schema-metadata-2.0.xsd")
         self.assertIsInstance(res, str)
-        self.assertIn('invalid_xml', res)
+        self.assertIn("invalid_xml", res)
 
-        metadata_expired = self.file_contents(join(self.data_path, 'metadata', 'expired_metadata_settings1.xml'))
-        res = OneLogin_Saml2_XML.validate_xml(metadata_expired, 'saml-schema-metadata-2.0.xsd')
+        metadata_expired = self.file_contents(join(self.data_path, "metadata", "expired_metadata_settings1.xml"))
+        res = OneLogin_Saml2_XML.validate_xml(metadata_expired, "saml-schema-metadata-2.0.xsd")
         self.assertIsInstance(res, OneLogin_Saml2_XML._element_class)
 
-        metadata_ok = self.file_contents(join(self.data_path, 'metadata', 'metadata_settings1.xml'))
-        res = OneLogin_Saml2_XML.validate_xml(metadata_ok, 'saml-schema-metadata-2.0.xsd')
+        metadata_ok = self.file_contents(join(self.data_path, "metadata", "metadata_settings1.xml"))
+        res = OneLogin_Saml2_XML.validate_xml(metadata_ok, "saml-schema-metadata-2.0.xsd")
         self.assertIsInstance(res, OneLogin_Saml2_XML._element_class)
 
     def testToString(self):
         """
         Tests the to_string method of the OneLogin_Saml2_XML
         """
-        xml = '<test>test1</test>'
+        xml = "<test>test1</test>"
         elem = etree.fromstring(xml)
-        bxml = xml.encode('utf8')
+        bxml = xml.encode("utf8")
 
         self.assertIs(xml, OneLogin_Saml2_XML.to_string(xml))
         self.assertIs(bxml, OneLogin_Saml2_XML.to_string(bxml))
@@ -77,7 +94,7 @@ def testToElement(self):
         """
         Tests the to_etree method of the OneLogin_Saml2_XML
         """
-        xml = '<test>test1</test>'
+        xml = "<test>test1</test>"
         elem = etree.fromstring(xml)
         xml_expected = etree.tostring(elem)
 
@@ -85,7 +102,7 @@ def testToElement(self):
         self.assertIsInstance(res, etree._Element)
         self.assertEqual(xml_expected, etree.tostring(res))
 
-        res = OneLogin_Saml2_XML.to_etree(xml.encode('utf8'))
+        res = OneLogin_Saml2_XML.to_etree(xml.encode("utf8"))
         self.assertIsInstance(res, etree._Element)
         self.assertEqual(xml_expected, etree.tostring(res))
 
@@ -104,46 +121,46 @@ def testQuery(self):
         """
         Tests the query method of the OneLogin_Saml2_Utils
         """
-        xml = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        xml = self.file_contents(join(self.data_path, "responses", "valid_response.xml.base64"))
         xml = b64decode(xml)
         dom = etree.fromstring(xml)
 
-        assertion_nodes = OneLogin_Saml2_XML.query(dom, '/samlp:Response/saml:Assertion')
+        assertion_nodes = OneLogin_Saml2_XML.query(dom, "/samlp:Response/saml:Assertion")
         self.assertEqual(1, len(assertion_nodes))
         assertion = assertion_nodes[0]
-        self.assertIn('Assertion', assertion.tag)
+        self.assertIn("Assertion", assertion.tag)
 
-        attribute_statement_nodes = OneLogin_Saml2_XML.query(dom, '/samlp:Response/saml:Assertion/saml:AttributeStatement')
+        attribute_statement_nodes = OneLogin_Saml2_XML.query(dom, "/samlp:Response/saml:Assertion/saml:AttributeStatement")
         self.assertEqual(1, len(assertion_nodes))
         attribute_statement = attribute_statement_nodes[0]
-        self.assertIn('AttributeStatement', attribute_statement.tag)
+        self.assertIn("AttributeStatement", attribute_statement.tag)
 
-        attribute_statement_nodes_2 = OneLogin_Saml2_XML.query(dom, './saml:AttributeStatement', assertion)
+        attribute_statement_nodes_2 = OneLogin_Saml2_XML.query(dom, "./saml:AttributeStatement", assertion)
         self.assertEqual(1, len(attribute_statement_nodes_2))
         attribute_statement_2 = attribute_statement_nodes_2[0]
         self.assertEqual(attribute_statement, attribute_statement_2)
 
-        signature_res_nodes = OneLogin_Saml2_XML.query(dom, '/samlp:Response/ds:Signature')
+        signature_res_nodes = OneLogin_Saml2_XML.query(dom, "/samlp:Response/ds:Signature")
         self.assertEqual(1, len(signature_res_nodes))
         signature_res = signature_res_nodes[0]
-        self.assertIn('Signature', signature_res.tag)
+        self.assertIn("Signature", signature_res.tag)
 
-        signature_nodes = OneLogin_Saml2_XML.query(dom, '/samlp:Response/saml:Assertion/ds:Signature')
+        signature_nodes = OneLogin_Saml2_XML.query(dom, "/samlp:Response/saml:Assertion/ds:Signature")
         self.assertEqual(1, len(signature_nodes))
         signature = signature_nodes[0]
-        self.assertIn('Signature', signature.tag)
+        self.assertIn("Signature", signature.tag)
 
-        signature_nodes_2 = OneLogin_Saml2_XML.query(dom, './ds:Signature', assertion)
+        signature_nodes_2 = OneLogin_Saml2_XML.query(dom, "./ds:Signature", assertion)
         self.assertEqual(1, len(signature_nodes_2))
         signature2 = signature_nodes_2[0]
         self.assertNotEqual(signature_res, signature2)
         self.assertEqual(signature, signature2)
 
-        signature_nodes_3 = OneLogin_Saml2_XML.query(dom, './ds:SignatureValue', assertion)
+        signature_nodes_3 = OneLogin_Saml2_XML.query(dom, "./ds:SignatureValue", assertion)
         self.assertEqual(0, len(signature_nodes_3))
 
-        signature_nodes_4 = OneLogin_Saml2_XML.query(dom, './ds:Signature/ds:SignatureValue', assertion)
+        signature_nodes_4 = OneLogin_Saml2_XML.query(dom, "./ds:Signature/ds:SignatureValue", assertion)
         self.assertEqual(1, len(signature_nodes_4))
 
-        signature_nodes_5 = OneLogin_Saml2_XML.query(dom, './/ds:SignatureValue', assertion)
+        signature_nodes_5 = OneLogin_Saml2_XML.query(dom, ".//ds:SignatureValue", assertion)
         self.assertEqual(1, len(signature_nodes_5))