Notice that x509cert is require for validate HTTP-Redirect signatures

pitbulk · pitbulk · commit e73ed4d0ec6b · 2016-04-08T22:40:05.000+02:00
diff --git a/README.md b/README.md
@@ -286,7 +286,8 @@ This is the settings.json file:
         "x509cert": "<onelogin_connector_cert>"
         /*
          *  Instead of use the whole x509cert you can use a fingerprint in order to 
-         *  validate a SAMLResponse.
+         *  validate a SAMLResponse, but you will need it to validate LogoutRequest and LogoutResponse using the HTTP-Redirect binding.
+         * 
          *  (openssl x509 -noout -fingerprint -in "idp.crt" to generate it,
          *  or add for example the -sha256 , -sha384 or -sha512 parameter)
          *
diff --git a/src/onelogin/saml2/auth.py b/src/onelogin/saml2/auth.py
@@ -15,7 +15,6 @@
 from urllib import quote_plus
 
 import dm.xmlsec.binding as xmlsec
-import copy
 
 from onelogin.saml2.settings import OneLogin_Saml2_Settings
 from onelogin.saml2.response import OneLogin_Saml2_Response
