This repository was archived by the owner on Jan 26, 2026. It is now read-only.

pysaml2 incompatible with xmlsec1 version 1.3.0 #150

Description

@MathieuB1

The IDP server doesn't work anymore with xmlsec 1.3.0. This is required when importing from saml2.sigver import get_xmlsec_binary. The breaking change is the following:

https://www.aleksey.com/xmlsec/news.html

(API breaking change) The XMLSec command line utility is using 'strict' key search mode by default. To restore the old 'lax' key search mode, use the new '--lax-key-search' option.

As we cannot pass any argument to the get_xmlsec_binary method, we are stuck and have to wait for a new pysaml2 release; see the issue at IdentityPython/pysaml2#906

Code to update:

https://github.com/IdentityPython/pysaml2/blob/2d47437a21aaaa77abed1b1aacdf5bda5a7f7b87/src/saml2/sigver.py#L220 
line.660 --> com_list 

Broken command:

/usr/bin/xmlsec1 --sign --privkey-pem /app/idp/certificates/private.key --id-attr:ID urn:oasis:names:tc:SAML:2.0:assertion:Assertion --node-id id-ypHQSxfXdaDrDXrHe --output /tmp/tmpjltassif.xml /tmp/tmpw0hrid6t.xml 

Signature status: FAILED
Failure reason: KEY-NOT-FOUND
Error: failed to sign file "/tmp/tmpw0hrid6t.xml"

Working command (--lax-key-search):

/usr/bin/xmlsec1 --sign --lax-key-search --privkey-pem /app/idp/certificates/private.key --id-attr:ID urn:oasis:names:tc:SAML:2.0:assertion:Assertion --node-id id-ypHQSxfXdaDrDXrHe --output /tmp/tmpjltassif.xml /tmp/tmpw0hrid6t.xml 
Signature status: OK

A temporary solution is to pin the xmlsec1 lib to xmlsec1-1.2.37, available at http://www.aleksey.com/xmlsec/download/xmlsec1-1.2.37.tar.gz
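The difference between the broken and working commands above, as an added example that is not part of the original issue and is not pysaml2 code: a helper that rewrites an xmlsec1 argument list to include `--lax-key-search` only when the binary is 1.3.0 or newer. The names `parse_version` and `with_lax_key_search` are hypothetical, and the version string format `xmlsec1 1.3.0 (openssl)` is an assumption about what the caller passes in.

```python
import re

LAX_FLAG = "--lax-key-search"   # option named in the xmlsec 1.3.0 release note
FIRST_STRICT = (1, 3, 0)        # release where 'strict' key search became the default
ACTIONS = ("--sign", "--verify", "--encrypt", "--decrypt")  # xmlsec1 commands


def parse_version(text):
    """Return (major, minor, patch) from text such as 'xmlsec1 1.3.0 (openssl)'."""
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if match is None:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(part) for part in match.groups())


def with_lax_key_search(com_list, version_text):
    """Return a copy of com_list with LAX_FLAG placed right after the action.

    Unchanged for xmlsec1 older than 1.3.0 (the release note calls the option
    new in that release) and when the flag is already present.
    """
    cmd = list(com_list)
    if parse_version(version_text) < FIRST_STRICT or LAX_FLAG in cmd:
        return cmd
    for index, arg in enumerate(cmd):
        if arg in ACTIONS:
            cmd.insert(index + 1, LAX_FLAG)
            return cmd
    raise ValueError("no xmlsec1 action (--sign, --verify, ...) in command")


# Constructed sample: the failing command from the issue, split into arguments.
BROKEN = [
    "/usr/bin/xmlsec1", "--sign",
    "--privkey-pem", "/app/idp/certificates/private.key",
    "--id-attr:ID", "urn:oasis:names:tc:SAML:2.0:assertion:Assertion",
    "--node-id", "id-ypHQSxfXdaDrDXrHe",
    "--output", "/tmp/tmpjltassif.xml", "/tmp/tmpw0hrid6t.xml",
]

if __name__ == "__main__":
    print(" ".join(with_lax_key_search(BROKEN, "xmlsec1 1.3.0 (openssl)")))
```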
